Warning: I don’t know anything about PKI, so I am learning as I go along. I will collect all of my blog posts into a long form article which will be a better reference than the blog posts.

I would normally learn subjects with acronym titles starting from the first letter and moving from left to right. In this case, the place to begin is the K part of acronym. In order to get a handle on this, I had to take a crash course on Cryptography.

Cryptography is basically converting something that is understandable by two parties, a message, into garbage, a cyphertext, and sending it across an enviroment where other parties can look at the garbage but cannot un-garbage it. Let’s call our two parties Ben and Jerry. If Ben wants to send Jerry a secret ice cream recipe, both Ben and Jerry need to share a Key. The Key is the encryption code that can be used to convert the secret recipe into garbage and the garbage back into the recipe.

Trouble is, if a Bad Bunny wanted to get that secret recipe, all they have to do is steal that key.

How will Ben and Jerry keep their secret ice cream recipe from Bad Bunny? They will use a Key Pair, a pair of keys, one public, and one private. Anyone can see the public key. Nobody should ever ever see the private key.

Ben knows Jerry’s Public Key because Jerry has published it somewhere or just gave it to Ben. Ben encrypts the secret recipe using the public key and sends it to Jerry. For Jerry to read the recipe, they have to decrypt the received cyphertext using their Private Key.

What’s interesting is that this works the other way around too. Ben can encrypt the secret ice cream recipe with their Private Key and Jerry can decrypt the recipe using Ben’s Public Key.

Makes sense so far? Next blog post will introduce the “infrastructure” bit of PKI (sort of)