100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace
Cybersecurity

Asymmetric Encryption

IntermediateTechnique5.2K learners

Asymmetric encryption, also called public-key cryptography, uses a mathematically linked pair of keys — a public key that can be shared openly and a private key kept secret — where data encrypted with one key can only be decrypted with the…

Definition

Asymmetric encryption, also called public-key cryptography, uses a mathematically linked pair of keys — a public key that can be shared openly and a private key kept secret — where data encrypted with one key can only be decrypted with the other.

Overview

Unlike Symmetric Encryption, asymmetric encryption solves the key distribution problem: anyone can encrypt a message using a recipient's public key, but only the recipient's private key can decrypt it, so the two parties never need to share a secret over an insecure channel. The same key pair can also be used in reverse to create a Digital Signature — signing data with a private key lets anyone verify authenticity using the corresponding public key. Common algorithms include RSA and elliptic curve cryptography (ECC), with ECC increasingly preferred for its ability to provide comparable security with much smaller key sizes, improving performance. Because asymmetric operations are computationally expensive relative to symmetric encryption, they're typically used for small amounts of data — most notably to securely exchange a temporary symmetric key during a TLS handshake, after which the faster symmetric algorithm takes over. Asymmetric encryption underpins Public Key Infrastructure (PKI), the system of certificates and Certificate Authorities that verifies identities on the web.

Key Concepts

  • Uses a mathematically linked public/private key pair
  • Public key can be shared openly; private key must remain secret
  • Solves the key distribution problem inherent to symmetric encryption
  • Enables digital signatures for authenticity and integrity verification
  • Common algorithms: RSA and elliptic curve cryptography (ECC)
  • More computationally expensive than symmetric encryption, so used for small data

Use Cases

Securely exchanging a symmetric session key during a TLS handshake
Verifying software authenticity through code-signing certificates
Enabling secure email encryption (e.g., PGP/GPG)
Authenticating SSH connections using public/private key pairs
Underpinning Public Key Infrastructure for website certificates

Frequently Asked Questions