I recently wrote about the subject of asymmetric keys. Asymmetric keys consist of two keys: a public key and a private key. Remember that a sender uses their private key to encrypt messages and a receiver uses the sender’s pubic key to decrypt the encrypted message. But how are these public key pairs created?

There are two methods for creating public asymmetric keys. Some systems can generate the public key pair on the sender’s host. Other systems will generate the public key pair when creating a certificate. The certificate includes the sender’s name, their public key and a digital signature.

When a user (sender) creates their own public key pair they first create the public key pair, keep their private key and then send their public key to a Certificate Authority (CA) who uses that information to create a certificate.

When a Certificate Authority creates the public key pair the CA first creates the public key pair, creates a signed certificate and then sends the public key pair and the certificate to the user (sender).

Continue reading Creating Public Asymmetric Keys