DATA SECURITY

What does end-to-end encryption look like?


If computer A needs to communicate confidentially with computer F, then any data exchanged between A and F over a public network needs end-to-end encryption. This means that if the data is intercepted on the network, no one should be able to understand the conversation between A and F.

One way to implement confidentiality between n parties is to use encryption based on symmetric or asymmetric algorithms.

A symmetric system uses one key for both encryption and decryption.

K = Key; E = Encryption Function; D = Decryption Function; X = Data in clear; Y = Encrypted data

A encrypts X and sends it to F as Y: {A[Y = E_K(X)]} = A{Y} is sent to F
F receives and decrypts Y in order to get the original data X in clear: {F[X = D_K(Y)]} = F{X}

An asymmetric system uses two keys, one public and one private. In this case, encryption is done with the public key and decryption with the private key.

X = Data in clear; Y = Encrypted data; PBKA = A’s public key; PRKA = A’s private key (only known to A); PBKF = F’s public key; PRKF = F’s private key (only known to F); E = Encryption Function; D = Decryption Function

A encrypts X with F’s public key and sends it to F as Y: {A[Y = E_PBKF(X)]} = A{Y} is sent to F
F receives and decrypts Y with F’s private key, in order to get the original data X in clear: {F[X = D_PRKF(Y)]} = F{X}

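An electronic signature, which provides authenticity, can also be achieved with an asymmetric system by switching the use of the keys: the sender applies its own private key, and the receiver checks the result with the sender's public key.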
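The asymmetric exchange from A to F and the signature obtained by switching the keys, carried through as an added example that is not part of the original post. It assumes textbook RSA without padding and small constructed keys built from known Mersenne primes; the function names are illustrative, and real systems use padded schemes (OAEP, PSS) with keys of 2048 bits or more.

```python
import hashlib

E_EXP = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Return (public, private) keys as (exponent, modulus) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E_EXP, n), (pow(E_EXP, -1, phi), n)

def _apply(key, value):
    # Core RSA operation: value^exponent mod n.
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def encrypt(pbk, x):
    """Y = E_PBK(X): anyone holding the public key can do this."""
    return _apply(pbk, int.from_bytes(x, "big"))

def decrypt(prk, y):
    """X = D_PRK(Y): only the private-key holder can do this."""
    x = _apply(prk, y)
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def _digest(data, key):
    # SHA-256 of the data, reduced to fit under the (small) modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % key[1]

def sign(prk, data):
    """Keys switched: the private key produces the signature."""
    return _apply(prk, _digest(data, prk))

def verify(pbk, data, signature):
    """Keys switched: the public key checks the signature."""
    return 0 <= signature < pbk[1] and _apply(pbk, signature) == _digest(data, pbk)

# Constructed sample keys from known Mersenne primes (far too small for real use).
PBKF, PRKF = make_keypair(2**127 - 1, 2**89 - 1)   # F's key pair
PBKA, PRKA = make_keypair(2**107 - 1, 2**61 - 1)   # A's key pair

if __name__ == "__main__":
    X = b"meet F at noon"              # constructed sample message
    Y = encrypt(PBKF, X)               # A -> F, confidential
    S = sign(PRKA, X)                  # A -> F, authentic
    print("Y =", hex(Y))
    print("F recovers X:", decrypt(PRKF, Y))
    print("signature valid:", verify(PBKA, X, S))
    print("tampered valid:", verify(PBKA, b"meet F at 1pm", S))
```

Encrypting with PBKF gives confidentiality only; F learns that the message came from A only because the signature verifies under PBKA.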

(See Wikipedia for a more detailed explanation of this topic.)
