Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Security Introduction to Data Security Solutions Communications

Loris Guerra
Loris Guerra
17,536 Points

Confusion about Shared Secret Key

In this example, if Bob and Alice agree together on a Shared-Secret-Key that they use to encrypt messages, (and this Shared-Key is also switched-changed often), how could they still decrypt all the messages using their own private key?

2 Answers

Steven Parker
Steven Parker
231,269 Points

They wouldn't need a private key if they do symmetric encryption.

The shared key would be the only key needed to encrypt and decrypt the messages. Changing it often prevents someone who manages to acquire it from reading their entire message history, or messages they generate in the future after the next change.

If they were using private keys, they would not use a shared key. Each of them would have a unique private key and a public key (4 keys total).

Patrick Palmowski
Patrick Palmowski
4,042 Points

Now Iยดm confused, do they use a public key now? Because why would they use a shared private key, it just has the characteristics like a public key. Am I so wrong?

Steven Parker
Steven Parker
231,269 Points

A "private" key would not be shared. And private keys (along with pubic keys) are used in a different kind of encryption.

In the kind of encryption that this question was asking about, the shared secret key is the only key used.