Asymmetric encryption, also known as public key encryption, makes the HTTPS protocol possible. In asymmetric encryption, two keys are used instead of one.
After reading this article you will be able to:
Copy article link
There are two sides in an encrypted communication: the sender, who encrypts the data, and the recipient, who decrypts it. As the name implies, asymmetric encryption is different on each side; the sender and the recipient use two different keys. Asymmetric encryption, also known as public key encryption, uses a public key-private key pairing: data encrypted with the public key can only be decrypted with the private key.
TLS (or SSL), the protocol that makes HTTPS possible, relies partially on asymmetric encryption. A client will obtain a website's public key from that website's TLS certificate (or SSL certificate) and use that to initiate secure communication. The website keeps the private key secret.
In symmetric encryption, the same key both encrypts and decrypts data. For symmetric encryption to work, the two or more communicating parties must know what the key is; for it to remain secure, no third party should be able to guess or steal the key.
TLS, historically known as SSL, is a protocol for encrypting communications over a network. TLS uses both asymmetric encryption and symmetric encryption. During a TLS handshake, the client and server agree upon new keys to use for symmetric encryption, called "session keys." Each new communication session will start with a new TLS handshake and use new session keys.
The TLS handshake itself makes use of asymmetric cryptography for security while the two sides generate the session keys, and in order to authenticate the identity of the website's origin server.
A key is a string of data that, when used in conjunction with a cryptographic algorithm, encrypts or decrypts messages. Data encrypted with the key will look like a random series of characters, but anyone with the right key can put it back into plaintext form. (A key can also be used to digitally sign data, not just for encryption.)
Cloudflare offers the use of free SSL/TLS certificates. Website owners who have signed up for Cloudflare can implement SSL/TLS with one click. This makes it easy for websites to move from HTTP to HTTPS, keeping user data secure and increasing user trust.
To learn more about SSL/TLS handshakes and how they use both asymmetric and symmetric encryption, see What happens in a TLS handshake?
Learning Center Navigation