If this is the first time you hear about public key cryptography or asymmetric cryptography, it can sound like some kind of magic you wouldn’t ever understand but it isn’t as complicated as it sounds.
To be able to better understand Asymmetric Cryptography, let’s take a look at what Cryptography and Symmetric Key Cryptography is.
Cryptography
Cryptography is the science of making communication secure. This means that sending information between myself and someone else without third-parties getting that information.
Symmetric Cryptography
Let’s imagine Bob has a box with a lock. He has a key that can lock and unlock that box. If he wants to protect something, he puts it in the box and locks it. That’s it: one key, and you can use it to encrypt (lock) and decrypt (unlock) your data (anyone can use that key).
Asymmetric Cryptography
You have a box too, but you have this extraordinary lock on it and it has two separate keys. The first key can only turn clockwise and the second one can only turn counterclockwise.
You keep the first key to yourself and never give it to anyone. This is your private key. The second key can be accessed and copied by everyone, this is called the public key. All the public key can do is lock the box. Only you can open it with your private key.
With Symmetric Cryptography, everyone could open your box who has the key, now no one besides you can open the box.
How can we use this?
If someone wants to send you a sensitive document, he or she can put the document in the box and use the copy of your public key to lock it (to turn the clock counterclockwise). Now that the box is locked, the only key that can unlock (turn it clockwise) is your private key.
You can also put a document in the box and use your private key to lock the box. If you send your box to someone and they don’t believe that’s a box from you, they can get your public key and open it (turn the lock counterclockwise)
This can only mean that the box was locked using your private key so it’s proof that you sent it. They can be sure now, that you and only you put the document in the box. This is called a “digital signature”.
Conclusion
If someone encrypts (locks) something with your public key, only you can decrypt it (unlock) with your private key.
You can use your private key to encrypt (lock) something and anyone can decrypt (unlock) it with your public key, but it’s proof that you encrypted it.
That’s Public Key Cryptography in a nutshell.
