F5 GLOSSARY

Secret Key

What is a Secret Key?

A secret key is a confidential key that must be kept private by the owner within a Public Key Infrastructure (PKI). In public key cryptography, every pair consists of a secret key (kept private) and a public key (shared openly with third parties).

Before the advent of public key cryptography, symmetric key cryptography was commonly used. In symmetric encryption, the same key is used for both encryption and decryption, requiring it to be shared with the communication partner. However, the security of symmetric encryption is compromised if the key is intercepted during transmission. To address this issue, public key cryptography was introduced.

In public key cryptography, the key owner shares the public key with a communication partner, who uses it to encrypt data before sending it to the key owner. The key owner then decrypts the received data using their secret key, which is never transmitted, making it easier to maintain security.

The most widely used public key cryptosystem today is RSA encryption. One unique feature of RSA is that data encrypted with either the public or secret key can only be decrypted using the other. This allows flexibility, enabling both public-key encryption/secret-key decryption and secret-key encryption/public-key decryption.

This characteristic is utilized in digital signatures. A document encrypted with a secret key can be decrypted by the corresponding public key, proving that the document could only have been created by the secret key's owner.

It is important to note, however, that RSA’s secret and public keys are not symmetric in their relationship. While a public key can be derived from the secret key, deriving the secret key from the public key is computationally infeasible. RSA’s security is based on the difficulty of factoring large numbers into their prime components. To ensure strong security, longer key lengths are recommended. As computing speeds improve and new decryption algorithms are developed, the need for longer and updated keys and algorithms arises over time.