Assume you own a bank and you want to send a users name and password to the server.
But while passing the data, a hacker can easily hack that data.
To solve this, you can use an encrypt and decrypt key. Now your data will be encrypted.
Now the hacker gets the data but it's encrypted.
But you have to sent the key to the server so that the server can decrypt as well.
Now the hacker will get the key and hack your data.
This is called Symmetric encryption.
Asymmetric encryption
To prevent the issues in symmetric encryption, we use private and public key.
Assuming public lock for our better understanding in this blog.
Here your data is encrypted using public lock and you can encrypt the data only using the private key.
You can generate this key using this way.
You can use this public lock and anyone can access it but can not break or open it.
But you can access the server 1 using your private key.
Now the server sets 2 keys. Public and private key and send the public key or lock to you.
The hacker gets one too.
Now you add the encryption key to this packet.
You then send this packet to the server.
Now the server can easily unlock its public lock which it sent previously.
This time hacker can not access to the package as it does not have server's private key.
Now the server has successfully got the encrypted key.
Now assume that the hacker is acting like a server .
Now you were confused and sent your encrypted key and data to the hacking server.
So, you have been hacked now as the hacker has all the data.
But we have a solution here.
When any server send any package it sends a certificate as well to prove that the server is real.
This is how it might look.
But the hacker can also create a certificate of its own.
But how to know that?
You can see the certificate is signed by himself
But this should not be here.
Even browsers show you issues when they see "self" in the signature row.
So, here comes Certificate Authority(CA) which will ensure the real certificate.
Once issues, you can see this.
Basically our browser has access to CAs and get recognize it.
This is how our browsers have recorded all of the CAs.
Lets clear the public lock and key confusion.
As mentioned, this is actually a public key not a public lock.
You can encrypt your data with one key and decrypt with other.
So, if you encrypt using private key, hacker and other can easily access public key and thus can hack your data.
So, you should encrypt your data using public key and you can then decrypt data only using the private key which is not available to the hackers.
Also , they are meant using these extensions.
Done!
Top comments (0)