1,885
edits
Changes
→Practical Considerations
== Practical Considerations ==
* The algorithms used in public-key cryptography are very slow. Therefore, it's common to use public key cryptography to exchange a key for a faster, symmetrical cyphercipher, and then use that cypher cipher for the actual data stream.
* ''Signing'' a message means authenticating it by taking a checksum (hash) of the message and encrypting that. This is faster than encrypting the entire message.
* Public key cryptography is very susceptible to the manipulation of public keys by an attacker interposed between the two parties at the time that the public keys are shared (e.g., when someone is downloading your public key from your website). This is called a ''Man in the Middle'' (MIM) attack. To protect against this, keys can be signed by a mutually-trusted third party (called a Certification Authority, or CA) -- this is how your browser communicates securely with your bank.
