Contact Us Today 01642 716680

Asymmetric Encryption

Definition: Asymmetric encryption, also known as public-key cryptography, is a type of encryption that uses a pair of keys—a public key and a private key—to encrypt and decrypt data. The public key is shared openly and can be used by anyone to encrypt messages or verify signatures, whereas the private key is kept secret by the owner and is used to decrypt messages or create digital signatures.

Asymmetric encryption is fundamental to various cyber security mechanisms because it allows two parties to communicate securely without having previously exchanged secret information. It’s used in numerous applications, such as securing communications over the internet with SSL/TLS, authenticating users and devices, and ensuring the integrity and non-repudiation of messages through digital signatures.

The strength of asymmetric encryption stems from the computational difficulty of deriving the private key from its corresponding public key. Algorithms commonly used for asymmetric encryption include RSA, ECC (Elliptic Curve Cryptography), and ElGamal. Despite its security benefits, asymmetric encryption is generally slower than symmetric encryption, hence it is often used alongside symmetric encryption in a hybrid approach.

Key Characteristics:

  • Key Pair: Uses two mathematically related keys, where one key encrypts the data and the other decrypts it.
  • Non-Repudiation: Digital signatures provide proof of the sender’s identity and the integrity of the message.
  • Key Distribution: Solves the key distribution problem by allowing anyone to encrypt with the public key, secure in the knowledge that only the holder of the private key can decrypt.
  • Computational Security: Based on hard mathematical problems, making it computationally unfeasible to derive the private key from the public key.


  • Real-World Example: SSL/TLS protocols use asymmetric encryption to establish a secure session between a web browser and server, often indicated by a padlock icon in the browser’s address bar.
  • Hypothetical Scenario: A diplomatic message is sent using asymmetric encryption. The sender uses the recipient’s public key to encrypt the communication, ensuring that only the recipient can decrypt the message with their private key upon receipt.

Related Terms:

  • Symmetric Encryption: An encryption system where the same key is used for both encryption and decryption.
  • Public Key Infrastructure (PKI): A framework for managing public keys and digital certificates, enabling secure electronic transfer of information.
  • Digital Signature: An electronic signature that uses cryptographic techniques to provide assurances about the signatory and the authenticity of a message.

Learn better by watching a video? Here is a YouTube video explaining the concept, again using the Alice and Bob notation.

Related Services:

What is the OWASP Top 10: Download our flash cards to find out.

Inside you will find a description of the most common web vulnerabilities.

Contact us

Get a free, no obligation quote from one of our expert staff.