7 Public Key Encryption and Digital Signatures: Unleashing RSA

 

This chapter covers

  • Using RSA encryption with JSON Web Encryption
  • Using RSA signatures with JSON Web Signature

When you buy products online, look for directions to a restaurant, interact with friends and strangers on a social network, or collaborate with coworkers on a video conference call, you depend on public key cryptography. Without public key cryptography, the Internet as we know it would not exist.

Secure communication on the internet relies on the Transport Layer Security (TLS) protocol, which is built upon public key cryptography algorithms. Mastering TLS is a vital skill for any developer. With a solid understanding of public key cryptography, configuring and troubleshooting TLS connections becomes straightforward. Without this knowledge, you may find yourself blindly copying commands from blogs, hoping your changes will fix issues. Public key cryptography is not just a tool—it's an essential foundation for any developer working with secure applications.

7.1 The secret key distribution problem

7.2 Public key cryptosystems

7.3 RSA public key cryptosystem

7.3.1 Configuring RSA

7.3.2 Hybrid Encryption

7.3.3 Using RSA with JSON Web Encryption (JWE)

7.3.4 The man-in-the-middle attack

7.3.5 Using RSA with JSON Web Signing (JWS)

7.4 Summary