What are Public and Private Keys?

The Dual Key Architecture

In asymmetric cryptography, keys always come in pairs: a public key and a private key. They are mathematically linked, but you cannot realistically derive the private key from the public key.

Your public key is meant to be shared with the world. Anyone can use it to encrypt a message meant exclusively for you. Your private key must remain absolutely secret, as it is the only thing capable of decrypting that message.

Conceptual Example

If Alice wants Bob to send her a secure message, Alice gives Bob her public key. Bob runs his message through a mathematical formula using Alice's public key to encrypt it. Crucially, the public key is 'one-way': Bob cannot use Alice's public key to decrypt the very message he just created! Only Alice, using her closely-held private key, can reverse the math.

Everyday Example

Imagine your Public Key is an open padlock, and your Private Key is the physical metal key. You can mail hundreds of open padlocks to anyone in the world. Anyone can place a secret message in a box and click your padlock shut. Once it clicks shut, not even the person who locked it can open it again. Only you, holding the single metal private key, can unlock the box.

The Deep Mathematics

Asymmetric keys rely on 'trapdoor permutations'. A function f(x) is chosen such that calculating f(x) = y is incredibly fast in polynomial time, but calculating the inverse f^(-1)(y) = x is computationally infeasible without a specific piece of side-information (the trapdoor / private key).