← All posts
5 min read

Public-Key Cryptography: Public Information and Private Authority

#technology#security#cryptography#public-key
📑 On this page

Traditional symmetric encryption uses the same secret key to encrypt and decrypt. That is efficient, but two parties need a safe way to share the secret.

Public-key cryptography introduces a pair.

A public key can be distributed, while its mathematically related private key remains controlled and provides the secret authority for decryption, signing, or key agreement.

The exact operation depends on the cryptographic algorithm and protocol.

A concrete example: opening a secure website

During a modern TLS connection, a browser receives certified public-key information for the server. The protocol uses asymmetric cryptography to authenticate the server and establish fresh shared secrets.

After that handshake, efficient symmetric encryption protects the application data.

Public-key cryptography helps establish trust and keys; it does not encrypt every byte of the session by itself.

Key pairs

A key-generation algorithm creates:

  • a public key intended for distribution,
  • and a private key that must remain secret or tightly controlled.

The keys are mathematically related, but a secure scheme makes deriving the private key from the public key computationally infeasible under current assumptions and suitable parameters.

Three different purposes

Public-key techniques are used for distinct purposes:

  • encryption: protect data for a private-key holder;
  • digital signatures: let others verify data approved by a private-key holder;
  • key agreement: let parties derive a shared secret over an exposed channel.

Do not assume one algorithm or key should be reused for every purpose. Protocols define allowed operations.

Public-key encryption

In a simplified picture, a sender encrypts with the recipient's public key and only the private-key holder can decrypt.

Real schemes require secure padding, parameter choices, and message-size limits. Developers should use reviewed high-level libraries and protocols, not raw mathematical operations.

Direct asymmetric encryption is often reserved for small secrets rather than large files.

Hybrid encryption

Hybrid encryption combines strengths:

  1. generate a random symmetric data key,
  2. encrypt the data efficiently with that key,
  3. protect or derive the data key using asymmetric cryptography,
  4. and store or transmit the protected key with the ciphertext.

This pattern supports large data and multiple authorized recipients without encrypting the entire content asymmetrically.

Digital signatures

For signatures, the private key creates a signature over data or its cryptographic digest. Anyone with the correct public key can verify that the signature matches.

This provides evidence of integrity and possession of the signing key. It does not prove that the signer understood the content or that the content is safe.

Key agreement

Key-agreement protocols let two parties derive a shared secret without sending that final secret directly.

Ephemeral keys can provide forward secrecy: later compromise of a long-term key should not expose previously recorded sessions, assuming the protocol and implementations are sound.

Authentication is still needed to prevent an attacker from standing between the parties.

The public key needs an identity

A public key alone is just a number. A user needs confidence about whose key it is.

Identity can be established through:

  • certificates and trust chains,
  • verified key directories,
  • secure exchange,
  • pinned keys,
  • or another trusted channel.

If an attacker substitutes their own public key, the mathematics may work perfectly for the wrong identity.

Private-key custody

Private keys may be protected in:

  • hardware security modules,
  • secure device enclaves,
  • managed key services,
  • encrypted key stores,
  • or offline systems.

Controls include least privilege, multi-person approval, audit logging, rotation, backup, revocation, and destruction. Copying a private key into source code defeats the protocol's assumptions.

Algorithms and parameters

Common families include RSA and elliptic-curve cryptography, with specific schemes for encryption, signatures, or agreement.

Security depends on algorithm, key size, curve, padding, hash functions, randomness, and implementation. Use current platform guidance and interoperable protocols rather than selecting primitives independently.

Randomness matters

Weak random-number generation can expose private keys or repeat values that a scheme requires to be unique.

Use operating-system cryptographic randomness and trusted libraries. Never create keys from timestamps, usernames, or ordinary pseudo-random functions.

Performance tradeoffs

Asymmetric operations are generally slower and use larger keys or signatures than symmetric cryptography.

Protocols minimize expensive operations, reuse verified sessions appropriately, and switch to symmetric encryption for bulk traffic. Performance optimizations must preserve freshness and security properties.

Quantum considerations

Large fault-tolerant quantum computers would threaten widely used public-key schemes based on factoring or discrete logarithms.

Post-quantum cryptography uses different mathematical assumptions. Migration requires inventory, interoperability testing, larger artifacts in some schemes, and attention to data that must remain confidential for many years.

Common mistakes

Failures include:

  • accepting any public key without identity verification,
  • inventing a custom protocol,
  • using obsolete algorithms,
  • reusing keys across purposes,
  • failing to validate inputs,
  • leaking private keys through logs or builds,
  • and having no rotation or revocation plan.

Strong mathematics cannot rescue weak protocol design or operations.

Knowledge check

  1. How do public and private keys differ?
  2. Why do protocols use hybrid encryption?
  3. What are three distinct asymmetric-cryptography purposes?
  4. Why must a public key be connected to an identity?
  5. Which operational controls protect private authority?

The one idea to remember

Public-key cryptography separates distributable public information from controlled private authority. Secure use depends on reviewed protocols, authenticated keys, strong randomness, suitable algorithms, careful private-key custody, and efficient combination with symmetric cryptography.