this post was submitted on 28 Apr 2024
1 points (100.0% liked)
Security
5014 readers
1 users here now
Confidentiality Integrity Availability
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Great question: it's called asymmetric cryptography for a reason.
The key pair is built by the person wanting to receive private messages. The public part is made public an can be used to encrypt messages to the owner of the private key. Without it you cant read the contents.
As this method is not really performance friendly, thus method is usually used to establish a symmetric encryption key for both parties that can't be intercepted this way.
In fact: if the attacker can switch out the public key for his own during transfer, he can use it to decrypt the messages and relay them to the first party, thereby revealing all the messages. This is called a man-in-the-middle attack. This is why authentication of the key is so important. This is usually done via a trusted third party.
Sorry to be so short, I hope I have given you enough words to Google for further reading.