Asymmetric Cryptography: How Public and Private Keys Work

Symmetric encryption's fundamental problem: both parties need the same key, and getting that key from one to the other securely is hard. If you could share the key securely, you might not need encryption in the first place.

Asymmetric encryption sidesteps this by using two mathematically linked keys. What one key encrypts, only the other can decrypt. One key is public — share it freely, post it on your website. The other is private — never leaves your machine.

How RSA works (conceptually)

RSA's security rests on a mathematical asymmetry: multiplying two large prime numbers together is fast, but factoring the result back into its components is, for large enough primes, computationally infeasible with known algorithms.

Your public key is essentially a product of two large primes. Your private key encodes those primes. Encrypting with the public key is easy. Decrypting requires knowing the factors, which only the private key holder knows.

A 2048-bit RSA key (the current minimum) means a 617-digit number that would take longer than the age of the universe to factor with today's hardware. A 4096-bit key provides significantly more margin against future advances, including early-stage quantum computing.

Encryption vs. signing

The two-key structure enables two different operations:

Encryption: encrypt with the recipient's public key. Only their private key decrypts it. You're keeping something secret from everyone except them.

Signing: encrypt a hash of your message with your own private key. Anyone with your public key can verify it. You're proving you produced the message, since only you have the private key. This is what digital signatures do.

Note the direction reversal: for encryption, the sender uses the recipient's public key. For signing, the sender uses their own private key.

RSA's practical limitations

RSA is slow compared to AES — encrypting a large file directly with RSA is impractical. In real systems (TLS, PGP, Signal), asymmetric encryption is only used to exchange or derive a symmetric key, then the actual data moves under that symmetric key. This hybrid approach gets the key-exchange benefits of asymmetric crypto with the performance of symmetric crypto.

RSA also has a size limit: you can only encrypt data smaller than the key itself. For a 2048-bit key, that's ~245 bytes of plaintext. Everything else goes through a hybrid scheme.

Elliptic curve cryptography

Modern systems increasingly use elliptic curve variants (ECDSA, ECDH) rather than RSA. A 256-bit elliptic curve key provides security equivalent to a 3072-bit RSA key. Smaller key sizes mean faster operations and smaller signatures, which matters at scale. TLS 1.3 defaults to ECDHE (elliptic curve Diffie-Hellman ephemeral) for key exchange.

The RSA tool lets you generate a key pair and encrypt/decrypt in your browser. Notice that a newly generated key pair encrypts and decrypts the same message — that's the math working. Swap out the public key and the decrypt step fails.