Digital information may be transmitted in plaintext, or unencrypted, form or in encrypted form. Plaintext form is simple to handle as no specific processing is necessary to obtain a plaintext. On the other hand, where plaintext is used in communication, the contents of a communication may be discovered by an eavesdropper simply by gaining access to a transmission medium used to convey the plaintext.
Encryption may be employed to render it more difficult for an eavesdropper to gain access to the contents of a communication. Instead of communicating the plaintext, which may be readable by a human unaided, a ciphertext is communicated over the transmission medium. The ciphertext is derived from the plaintext using an encryption algorithm, which is designed to make it difficult for eavesdroppers to reverse the operation and obtain the plaintext from the ciphertext.
An encryption algorithm may use the plaintext and a key as inputs, wherein using the algorithm in the reverse direction, that is to obtain the plaintext from a ciphertext, which is known as decryption, is difficult without the key.
In symmetric cryptography, the same key is used to encrypt plaintext to ciphertext and to decrypt ciphertext to plaintext. The key needs to be communicated between the sender and recipient in a way that an eavesdropper cannot obtain access to it, since with the key and the ciphertext obtained from the transmission medium the eavesdropper could access the plaintext. The key, known after the encryption type as a symmetric key, may be communicated out-of-band, for example via registered letter, personal visit or diplomatic pouch. This is known as a secure key exchange.
In public-key cryptography, also known as asymmetric cryptography, there exist two kinds of keys, public and secret keys which exist as pairs. A secret key of a public-key cryptography system may alternatively be referred to as a private key. A first user may share his public key freely, while carefully retaining his secret key. A second user may encrypt a plaintext to a ciphertext using the public key. A public-key encryption system is designed so that the plaintext is obtainable from the ciphertext only using the secret key. Due to this property, an eavesdropper cannot obtain the plaintext even if he obtains the ciphertext and public key from the transmission medium. Therefore unlike symmetric cryptography, asymmetric cryptography employs different keys in encryption and decryption and avoids the need for a secure key exchange.
Public-key cryptography algorithms are based on mathematical problems which currently admit no efficient solution that are inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. It is computationally straightforward for the first user to generate a personal public and secret key pair and to use them for encryption and decryption. The strength of the algorithm lies in the fact that it is computationally infeasible for a properly generated secret key to be determined from its corresponding public key. Thus the public key may be published without compromising security, whereas the secret key must not be revealed to anyone not authorized to read messages or perform digital signatures. An example of a public-key cryptography algorithm is the ElGamal algorithm.