Asymmetric · 02

Foundations of Asymmetric Encryption

Two keys instead of one. A locking key that everyone can see and an unlocking key that only one person holds. The math sits underneath, but the model is simpler than people expect. This page covers the abstraction before any specific algorithm.

01

Two Keys Are Better Than One

A public-key cryptosystem produces two mathematically linked keys per person: a public key that is given to anyone who asks, and a private key that the owner keeps secret. Anything one key locks, only the other key can unlock.

The pair is generated together. You cannot pick one and then derive the other from scratch; the generation algorithm produces them simultaneously from a single seed of randomness. After that, the public key can be shouted from the rooftops. Posted on a website. Printed on a business card. Indexed in a directory. The private key must never leave the owner's machine.

KeyWho has itWhat it does
Public keyEveryone. Published openly.Encrypts messages to the owner. Verifies signatures from the owner.
Private keyThe owner only.Decrypts messages addressed to the owner. Signs messages the owner authored.
02

The Padlock Analogy

Imagine Alice wants Bob to be able to send her secret messages, but they have never met. Alice manufactures a thousand identical open padlocks. The padlocks all share one feature: only Alice's personal key can open any of them.

Alice mails the open padlocks all over town. She leaves them in cafes, libraries, gas stations. Anyone who wants to send Alice a private message picks up a padlock, puts the message in a box, snaps the lock shut, and mails the box to her. The box could be intercepted by anyone in transit. But only Alice can open it.

The padlocks are public keys. The key Alice keeps on her belt is the private key. The padlocks can be everywhere; the key stays with Alice.

Interactive · Padlock Simulator

Lock a message with Alice's public key, then try to open it

Type a short message. Click Lock with public key to encrypt it (anyone can do this, since the public key is public). Then try unlocking it with either Alice's private key (success) or Bob's private key (failure, because the keys are mismatched).

A padlock that opens and closes based on state OPEN
Meet me at noon
Plaintext is visible. The padlock is open. Click "Lock" to encrypt.
03

What "Trapdoor Function" Means

The math that makes asymmetric cryptography possible is called a trapdoor one-way function. It is a function that is easy to compute in one direction and computationally infeasible to reverse, unless you happen to know a specific piece of extra information (the "trapdoor").

That asymmetry is the entire trick. The public key encodes the "easy direction" parameters. The private key contains the trapdoor. Without the trapdoor, decrypting a ciphertext is computationally equivalent to solving the hard problem from scratch.

Different asymmetric algorithms use different hard problems:

AlgorithmHard problemThe trapdoor
RSAFactoring large integersThe two prime factors of the modulus.
Diffie-HellmanDiscrete logarithm in a finite fieldThe secret exponent.
ECDSA / ECDHDiscrete logarithm on an elliptic curveThe secret scalar.
Lattice-based (Kyber, Dilithium)Learning with errors in high-dimensional latticesThe short basis.
04

The Two Operations: Confidentiality and Authenticity

The same key pair can be used in two different directions, and each direction provides a different security property. This is the source of most early confusion about asymmetric crypto: students assume it is "just encryption with two keys," but it is actually two distinct operations.

Figure 2.1: The two operations of a key pair A two-row diagram. The top row shows encryption: Bob takes plaintext, encrypts it with Alice's public key, and Alice decrypts it with her private key. The bottom row shows signing: Alice signs plaintext with her private key, sends it, and anyone can verify with her public key. CONFIDENTIALITY: encrypt with recipient's PUBLIC, decrypt with recipient's PRIVATE Bob has plaintext encrypt with Alice's public key ciphertext across network Alice decrypts with private AUTHENTICITY: sign with sender's PRIVATE, verify with sender's PUBLIC Alice has plaintext sign with Alice's private key message + signature across network anyone verifies with public same key pair, opposite directions, two different security properties
Fig 2.1 · A single key pair powers both confidentiality and authenticity

The mnemonic is worth memorizing: "encrypt to a public key, sign with a private key." If you find yourself encrypting with someone's private key, you are not doing encryption; you are doing signing. The vocabulary is borrowed from the encryption side, but the security property is integrity, not secrecy.

05

What Asymmetric Cryptography Cannot Do

The model is powerful but it has hard limits that show up immediately in practice.

Performance

RSA encryption is roughly 1,000 times slower than AES. ECC is faster but still no match for symmetric speed. This is why every real protocol uses asymmetric crypto only to establish a session key, then switches to a symmetric cipher for the actual data.

Message size limits

RSA can only encrypt a message smaller than the modulus, typically 2048 bits or 256 bytes minus padding overhead. ECC native encryption (ECIES) has similar limits. You do not encrypt files this way. You encrypt session keys this way.

Identity binding

A public key by itself is just a number. It does not say who owns it. Without some external mechanism to bind the key to an identity (a CA-signed certificate, a Web-of-Trust signature, a manual fingerprint check), an attacker can publish their own key under your name. This is what PKI exists to solve.

The next pages address each of these gaps. RSA, Diffie-Hellman, and Elliptic Curves give you the algorithms. Signatures give you authenticity. Hybrid Encryption resolves the speed problem. PKI resolves the identity problem. TLS uses all of them at once.