AES encryption, what are public and private keys?

Question

In AES encryption (.net framework), how are the public and private keys used?

Are the public and private keys combined to form a full key, and then the algorithm use

Answer 1

A public key is linked to a private key. The public key (RSA) is distributed to the 'wild' and anyone who wants to send an encrypted file (generically speaking here), they will request the public key and encode against it. The cypertext is unreadable to anyone who gains access to the file, even if they have the public key.

The private key is needed to decode the file. As long as the private key is kept private, it is statically improbable that anyone will guess or hack the the key. Improbable, not impossible.

The real issue is keeping the private key private. Most cracks are done with social hacking. Extortion, loggers and monkey-in-the-middle public key conversion are other ways more probable than brute forcing the password or key.

In your comment to Brawndo you asked

what's the point of having a public and private key then if both can decrypt others? Why not both have the same key?

What you are describing is Symmetric-key algorithms, which AES is one. The reason for public-private keys are that with Symmetric-key algorithms how do you pass a Symmetric key over unsecured networks, mail, phone or what not without the key being intercepted. Perhaps encrypting the key, but then how do you pass that key? With a public-private key combo, that becomes LESS relevant.

"In most cases, there's a greater probability that the sun will burn out before all the computers in the world could factor in all of the information needed to brute force a 256-bit key," said Jon Hansen, vice president of marketing for AccessData Corp, the Lindon, Utah, company that built the software that powers DNA.