What is asymmetric encryption?

Asymmetric encryption is a type of encryption that uses two separate but mathematically connected “keys” to encrypt and decrypt data and protect it from unauthorized access or use.

These keys are known as:

  1. Private key
  2. Public key

Together, they’re called a “public and private key pair” or just “key pair“.

One of the keys, the public key, is available for anyone to use. The other key is known as the private key.

Data encrypted with the public key can ONLY be decrypted with the private key. This is why asymmetric encryption is also known as “public-key cryptography”.

How Asymmetric Encryption Works

When first learning about asymmetric encryption, the following classic example is used:

To send encrypted data to someone, you must encrypt the data with that person’s public key, and the person receiving the data decrypts it with the corresponding private key.

All the data you send through the internet is in plaintext. This means that anyone who gets access to it can see and read it.

If you don’t want anyone to be able to read your data, what you can do is encrypt the data using the public key of the recipient or person you’re sending the message to. (This person would send you her public key ahead of time.)

Once the data has been converted into ciphertext, you can’t decrypt it using the same key.

The ciphertext can be decrypted only with the corresponding private key, which only the recipient has.

How Asymmetric Encryption Works

The illustration above shows how you can freely distribute the public key so that only you, as the owner of the private key, can read data that was encrypted with the public key.


Since you’re encrypting the data with a public key, this is why this type of asymmetric encryption is also known as “public-key encryption“. 

Obviously, the most popular use of asymmetric encryption is to send confidential messages.

If I’m sending a love letter to your mom over the internet and I don’t want you to be able to read it, I can use asymmetric encryption.

I would encrypt the message with your mom’s public key, then send the message to her.

Being able to unscramble the text back into a readable format would require the private key, which only your mom is in possession of. So only SHE would be able to read the message (not you!) and learn about my true feelings for her.

Love Letter to Yo Mama

How Asymmetric Encryption Works in Crypto

Asymmetric encryption was first used to encrypt and decrypt messages.  But cryptocurrencies now use this technology in a slightly different way.

In the classic example of asymmetric encryption, I explained how you use a public key to encrypt data and then need the private key to decrypt the data.

But the reverse also works as well!

You can also use a private key to encrypt data and then use the public key to decrypt the data.

And this is how asymmetric encryption is used in cryptocurrencies!

How Asummetric Encryption Works in Crypto

In crypto, the sender uses his private key to encrypt a special message and the recipient uses the sender’s public key to decrypt it.

It’s the REVERSE from the classic example earlier! Instead of using the RECIPIENT’S keys, it’s the SENDER’S keys that are being used.

If you wanted to send confidential messages this way, it’d be a bad idea since anyone with your public key, which by definition, is public, would be able to decrypt your message and read it.

But in Bitcoin (and other cryptocurrencies), all transactions are made public so it doesn’t need to keep the data private or confidential.

It uses asymmetric encryption for a totally different purpose. And it’s pretty clever.

It uses asymmetric encryption for authentication….to prove you are who you say you are.

More specifically, when you want to send some bitcoins to another person, it’s used to prove that YOU are the actual owner of the bitcoins that you wish to send.

Authentication is the act of proving an assertion, such as the identity of a user. This is in contrast with identification, twhich is he act of indicating a person’s iidentity. Authentication is the process of verifying that identity.

If you encrypt (“lock”) something with your private key, anyone can decrypt it (“unlock”) with your public key.

This serves as proof that you are the original sender of the message because you are the ONLY one who would be able to encrypt the message (because you have the corresponding private key).

And since now that your identity (as the true owner of the bitcoins you wish to send) has been authenticated, you are now authorized to send the bitcoins.

Identification means claiming to be someone. Authentication means proving that you really are who you claimed to be. Authorization means getting access to something due to the previously authenticated identity.

Now that we’ve learned what asymmetric encryption is, and how it works, let’s now put it all together and see how it’s used in digital signatures.