Asymmetric Encryption
From Pfyshnet
Asymmetric Encryption, or Public Key Cryptography, is very important to the Internet. It allows you to conduct business with your bank securely, and it is the basis of PGP. It also provides the foundation for Pfyshnet's security.
Asymmetric Encryption can be described by the following analogy. Imagine you have a set of padlocks, and only you know the combinations to unlock them. You distribute these padlocks to your friends. When one of your friends wishes to send you something securely he puts it into a box and locks it with one of your padlocks. Then he ships it to you. The delivery service cannot be trusted, but they do not know the combination to the padlock. The box can only be unlocked by you.
Asymmetric Encryption works in a similar manner, but instead of padlocks you electronically distribute a special set of numbers, called your Public Key. When someone wishes to send you a message they encrypt it by doing some calculations on their message with your Public Key (Pfyshnet uses El Gamal). Only you can decode the encrypted message using another special set of numbers called your Private Key. You keep your Private Key a secret. Even if someone knows your Public Key she will not be able to decode a message that has been encoded by someone else. Your Public and Private keys are uniquely associated, just as a combination is uniquely associated to a padlock. Associated Public and Private Keys are called a Key Pair.
When you start your Pfyshnet node for the first time it generates a Key Pair. Generating this key takes some time because very specific types of random numbers have to be found. The added benefit is that the time needed provides a rudimentary Sybil Attack throttle.
In practice entire pieces of data are not encrypted using asymmetric encryption because it is not very efficient. Instead a random Symmetric Encryption key is generated, and the data is encrypted with it. Then the symmetric key is encrypted using the destination's public key. The encoded symmetric key is combined with the encoded data. When the destination receives the data it decodes the symmetric key using its private key. Then it decodes the rest of the data using the decoded symmetric key. This is the primary encryption method used by Pfyshnet.
