Secure Email with InstantCrypt

(c) Wolfgang Schlage, 2005

- Every participant has his own key pair.
- One key of this pair encrypts the message, which then can only be read by the other key of the same pair, and by no other key.
- This also works the other way around: what has been encrypted with the second key can be decrypted with the first.
- You cannot decrypt the message with the key that you have used for encryption.
- Knowing one key of a key pair does not help you to find the other one.

- Participants create their own key pair.
- They keep one key of their key pair secret, e.g. protecting it with a passphrase: this is their “private” or “secret” key.
- They give the other key to anyone who might want to send them a secure email, this key does not have to be kept secret: this is the “public” key.
- Participants collect the public keys of all the people to whom they want to send secure emails.
- If Alice wants to send a secure email to Bob, Alice uses Bob’s public key to encrypt the email and sends the email to Bob. Alice knows that only Bob with his private key can read it.

In traditional cryptography (with only a single key used for encryption and
decryption), there is always the problem of the “key exchange”,
i.e., the sender has to let the receiver know which key was used, without
anybody else being able to find out: the key exchange has to be secret. This is
not always easy -- you cannot just send another email with the key, can you? In
public-key cryptography, this problem is solved: Everybody can know
anybody’s public key and will still not be able to read encrypted emails
directed to them, as long as the secret keys (which do not have to be
exchanged) remain secret.