Anonymous 10/07/2019 (Mon) 16:54:29 No.11514 del
>>11510
Disk encryption uses a symmetric encryption. This means there's just one key, often derived from a password and this key both encrypts and decrypts your data.

There's also asymmetric encryption. This means, that you can create a pair of (private key and public key). A secure algorithm would make deriving a private key from a public key impossible. You may then publish such a public key and it means, that anyone having that key can encrypt a message which will be impossible to decrypt without the private key. You can then safely publish such a public key so then people can download it and send you messages privately.

That's about encryption and decryption, there's also another application of asymmetric encryption and that is making a signature and verifying a signature. In this mode if someone has your public key and a signature you issued with your private key he can verify that this signature has been 100% created by an owner of this private key that's matching the public key he owns. This way you can be sure that for example you are downloading a file that has been authorized by some trusted source.

That's quite simplified, because in fact asymmetric crypto is very inefficient compared to symmetric crypto, so most often those two are combined. Eg. you actually generate a symmetric key, encrypt a message using this key and then encrypt this key (which will be very short compared to some message) with a public key.

PGP is a standard format/protocol for asymmetric (but also symmetric) crypto (sorta like SSL, but for files/messages, not streams/sockets). GPG (GnuPG) is an implementation of PGP (the most popular implementation).