private key (secret key)

Contributor(s): Michael Cobb

In cryptography, a private key (secret key) is a variable that is used with an algorithm to encrypt and decrypt code. Quality encryption always follows a fundamental rule: the algorithm doesn't need to be kept secret, but the key does. Private keys play important roles in both symmetric and asymmetric cryptography.

Most cryptographic processes use symmetric encryption to encrypt data transmissions but use asymmetric encryption to encrypt and exchange the secret key. Symmetric encryption, also known as private key encryption, uses the same private key for both encryption and decryption. The risk in this system is that if either party loses the key or the key is intercepted, the system is broken and messages cannot be exchanged securely.

Asymmetric cryptography, also known as public key encryption, uses two different but mathematically linked keys. The complexity and length of the private key determine how feasible it is for an interloper to carry out a brute force attack and try out different keys until the right one is found. The challenge for this system is that significant computing resources are required to create long, strong private keys.

Secret-key ciphers generally fall into one of two categories: stream ciphers or block ciphers. A block cipher applies a private key and algorithm to a block of data simultaneously, whereas a stream cipher applies the key and algorithm one bit at a time. Symmetric-key encryption is much faster computationally than asymmetric encryption but requires a key exchange.

This was last updated in September 2016

Continue Reading About private key (secret key)

Dig Deeper on Disk and file encryption tools

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How do you protect the integrity and secrecy of private keys in your organization?


File Extensions and File Formats