What is Public Key and Private Key Cryptography, and How Does It Work?

Public key cryptography and private key cryptography refer to two different encryption schemes that serve two vastly different functions. In this article, we’ll give a quick overview of both, as well as what they’re used for.

Breaking Down Public Key and Private Key Cryptography

What is Private Key Cryptography?

Private key encryption is the original type of encryption. Dating back to the advent of cryptography, private key cryptosystems were the first and continue to be the most common. When using private key cryptography, both parties must each possess, or at least exchange, the private key. The word “key” can be a bit misleading — the key itself is really just the cipher that’s used to scramble and unscramble the data being encrypted.


What is HTTP Public Key Pinning and Why It’s Not Good to Practice

In the annals of bad human ideas, HTTP public key pinning, or what’s more commonly known as HPKP, ranks right up there with spray-on hair and two-in-one toilet/bidets. Without straying too far into the proverbial weeds, in this blog post we’re going to lay out why you definitely shouldn’t be pinning your keys.

And to be clear — just in case you don’t read past this sentence — don’t pin your keys. Simply put, HPKP is a terrible idea, and it’s more likely to break your website than lead to any meaningful improvement in security! Even Google agrees.
