A totally new approach was developed in the 1970s: asymmetric encryption. This method no longer relies on a secret key that is known at both ends, but on a pair of keys instead:
- The first part of the key pair is used to encrypt the data that are to be sent to the key owner. This key, subsequently called the public key, can be made publicly available to anybody interested in communication.
- The second part of the key pair is the private key, which is used only to decrypt the received message. This key is secret and must not fall into the hands of unauthorized persons.
The main difference from symmetric methods is that a publicly available key is used, hence the name "public key method". RSA is one example of an asymmetric encryption method.
Let's take another look at the example with Alice and Bob:
- For secure communications, Bob first generates a key pair consisting of a private key and a public key that belong together. The method used to generate this pair ensures that the private key cannot be derived from knowledge of the public key. Bob can therefore publish the public key without worry: he can send it to Alice by e-mail or simply post it on a web server.
- Alice now encrypts the message for Bob with his public key. The resulting ciphertext can only be decrypted with Bob's private key. Even if the data are intercepted on the way from Alice to Bob, no one but Bob can recover the plaintext message.
Asymmetric encryption offers the following advantages over symmetric methods:
- A key pair is not required for every communications relationship, but only one per participant. Even with 1000 participants, each user needs only a personal key pair, of which only the public key is made public. Instead of 500,000 secret keys (one for every pair of participants), the public key method requires just 1000 key pairs.
- The risky transmission of a secret key to the communications partner is simply not necessary, because the sender only needs to know the recipient's public key. This solves a significant problem in the dynamic encryption of data between multiple participants.
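The Alice-and-Bob exchange described above, together with the key-count comparison, as an added illustration that is not part of the original text: a textbook RSA key pair built from two small primes (the well-known p = 61, q = 53 example, far too small for real use and chosen only so the numbers can be checked by hand), Bob keeping the private exponent, Alice encrypting with the public key, and a helper that counts how many keys each approach needs for a given number of participants. All function names are this example's own.

```python
from math import gcd


def keygen(p: int, q: int, e: int = 65537) -> tuple[tuple[int, int], tuple[int, int]]:
    """Textbook RSA key generation from two primes p and q.

    Returns (public_key, private_key) as ((n, e), (n, d)).
    Bob runs this once; only (n, e) is published.
    """
    n = p * q
    phi = (p - 1) * (q - 1)           # Euler's totient of n, known only to Bob
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)               # private exponent: e * d == 1 (mod phi)
    # Recovering d from (n, e) requires phi(n), i.e. factoring n.
    # That is what makes the private key hard to derive from the public one
    # when p and q are large; the toy primes here are trivially factorable.
    return (n, e), (n, d)


def encrypt(public_key: tuple[int, int], m: int) -> int:
    """Alice: encrypt the integer message m with Bob's public key."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private_key: tuple[int, int], c: int) -> int:
    """Bob: recover the plaintext from ciphertext c with the private key."""
    n, d = private_key
    return pow(c, d, n)


def keys_needed(participants: int) -> tuple[int, int]:
    """Keys required so that every pair of participants can talk privately.

    Returns (secret keys for pairwise symmetric encryption,
             key pairs for the public key method).
    The symmetric count is n(n-1)/2; for 1000 participants that is
    499,500, which the text rounds to 500,000.
    """
    return participants * (participants - 1) // 2, participants


if __name__ == "__main__":
    bob_public, bob_private = keygen(61, 53, e=17)      # constructed toy key pair
    ciphertext = encrypt(bob_public, 65)                 # Alice -> Bob
    assert decrypt(bob_private, ciphertext) == 65        # only Bob can do this
    print("public key:", bob_public, "ciphertext:", ciphertext)
    print("keys for 1000 participants (symmetric, asymmetric):", keys_needed(1000))
```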