Asymmetric Encryption
Asymmetric encryption, also called public-key cryptography, uses a mathematically linked pair of keys — a public key that can be shared openly and a private key kept secret — where data encrypted with one key can only be decrypted with the…
Definition
Asymmetric encryption, also called public-key cryptography, uses a mathematically linked pair of keys — a public key that can be shared openly and a private key kept secret — where data encrypted with one key can only be decrypted with the other.
Overview
Unlike Symmetric Encryption, asymmetric encryption solves the key distribution problem: anyone can encrypt a message using a recipient's public key, but only the recipient's private key can decrypt it, so the two parties never need to share a secret over an insecure channel. The same key pair can also be used in reverse to create a Digital Signature — signing data with a private key lets anyone verify authenticity using the corresponding public key. Common algorithms include RSA and elliptic curve cryptography (ECC), with ECC increasingly preferred for its ability to provide comparable security with much smaller key sizes, improving performance. Because asymmetric operations are computationally expensive relative to symmetric encryption, they're typically used for small amounts of data — most notably to securely exchange a temporary symmetric key during a TLS handshake, after which the faster symmetric algorithm takes over. Asymmetric encryption underpins Public Key Infrastructure (PKI), the system of certificates and Certificate Authorities that verifies identities on the web.
Key Concepts
- Uses a mathematically linked public/private key pair
- Public key can be shared openly; private key must remain secret
- Solves the key distribution problem inherent to symmetric encryption
- Enables digital signatures for authenticity and integrity verification
- Common algorithms: RSA and elliptic curve cryptography (ECC)
- More computationally expensive than symmetric encryption, so used for small data