**Posted By:**
Christopher_Koenigsberg

**Posted On:**
Monday, May 13, 2002 02:57 PM

*the Key is not same as the key used to encrypt*

Ah, congratulations, you have independently discovered the "key distribution" problem in crypto, as Diffie & Hellmann (?) first categorized it.

Either the secret encrypt/decrypt key must be shared somehow in advance (symmetric, like in DES), so the encrypting and decrypting parties both know it, or else you must use an asymmetric public/private key scheme first, to distribute and share the symmetric (DES) key, which will be used subsequently.

Diffie & Hellmann's advance was the notion of the public/private key pair & algorithm, which could be used as a way to distribute the symmetric (DES) key, safely & securely, without an infinite regress, of requiring further shared secrets beforehand.

It's too computationally expensive usually, to use the public/private key pair for the entire encrypted session, so it's usually used just to distribute the symmetric (DES) key, which can be used for faster encrypt/decrypt operations, once it's shared successfully by both parties.

That is how PGP etc. work -- you encrypt your chosen/generated private secret symmetric (DES) key, using only my public key. You send it to me, and I decrypt it using my private key. Now I have the same private secret symmetric (DES) key, and we can use it from then on, to encrypt and decrypt our further conversation.