Also referred to as asymmetric cryptography or public key cryptography, this security approach differs from symmetric encryption in a fundamental way: it uses two distinct keys instead of one shared key.
In symmetric systems like the Advanced Encryption Standard (AES), both parties use the same secret key—a temporary key shared by both parties—to encrypt and decrypt data. This approach requires the key to be securely exchanged beforehand. Public key encryption avoids this challenge by using a public key to encrypt and a private key to decrypt. It’s like a mailbox that anyone can drop a letter into, but only the owner can unlock.
This separation enables secure communication over untrusted networks. It also supports additional capabilities such as digital signatures, authentication and non-repudiation (undeniable proof of authorship).
In practice, the two security approaches are often combined: public key encryption establishes a shared secret, which is then used for faster symmetric encryption of the actual data.
Industry newsletter
Stay up to date on the most important—and intriguing—industry trends on AI, automation, data and beyond with the Think newsletter. See the IBM Privacy Statement.
Your subscription will be delivered in English. You will find an unsubscribe link in every newsletter. You can manage your subscriptions or unsubscribe here. Refer to our IBM Privacy Statement for more information.
Public key encryption solves one of cybersecurity’s most enduring challenges: protecting sensitive information in environments where trust is limited or non-existent.
According to Google’s Transparency Report, desktop users load more than half of the pages they view over Hypertext Transfer Protocol Secure (HTTPS) and spend two-thirds of their time on encrypted pages. HTTPS relies on cryptographic protocols like Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which secure data in transit by encrypting the connection between systems. Although technically distinct, SSL and TLS are often used interchangeably, with TLS being the more modern and secure successor to SSL.
During the initial handshake, secure communication is established through SSL/TLS certificates, which are digital credentials that verify a website’s identity and establish an encrypted connection. The site uses public key encryption to securely exchange a shared secret which is then used to encrypt the rest of the session with faster symmetric encryption.
With millions of SSL/TLS certificates issued daily—at times reaching 340,000 TLS certificates an hour—public key encryption underpins the secure connections established every day. In doing so, it forms the backbone of safe digital communication.
Beyond shoring up websites, public key encryption delivers several essential capabilities that make secure communication possible:
These capabilities underpin many of today’s security protocols and applications, including secure file transfer, encrypted email and various cryptosystem models used in cloud computing and beyond.
Public key encryption relies on a series of interrelated processes, each essential to enabling secure, verifiable communication at scale.
Cryptographic algorithms such as the RSA algorithm (named after founders Rivest, Shamir and Adleman) and Diffie-Hellman are used to generate a public and private key pair.
These algorithms are based on complex mathematical problems—such as factoring large prime numbers or solving discrete logarithms—that are easy to compute in one direction but difficult to reverse without the private key.
The public key is shared widely through directories, application programming interfaces (APIs) or digital certificates issued by a certificate authority. The private key remains confidential. If it's lost or stolen, it cannot be recovered, creating a major vulnerability. If compromised, a private key can allow attackers to decrypt messages, forge digital signatures or impersonate legitimate users.
Organizations often use related keys for different tasks: one asymmetric key for signing, another for encryption and ephemeral keys for short-lived sessions. Managing these cryptographic keys effectively is critical to the security of any encryption system.
To encrypt data, the sender uses the recipient’s public key. This transforms the plaintext—readable data—into ciphertext, which appears scrambled and unreadable without the proper key. Only the recipient’s corresponding private key can decrypt the ciphertext and restore it to its original, readable form.
This asymmetric encryption approach enables secure communication without requiring a prior exchange of secret keys. It protects against man-in-the-middle (MITM) attacks by ensuring that only the intended recipient can decrypt the message.
While asymmetric encryption removes the need to exchange a shared secret in advance, it is often used to securely establish one. This shared secret is then used with symmetric encryption algorithms to secure the data in transit, whether it’s a credit card number or private messages between users.
Symmetric key encryption—also known as symmetric cryptography—is more efficient for bulk data. So, a hybrid encryption system combines this strength with those of public key encryption. It uses public key encryption for secure key distribution and then switches to symmetric key encryption like AES for the data itself.
Digital signatures allow senders to sign data using their private key. The signature can be verified by anyone using the public key, confirming the sender’s identity and the data’s integrity.
Algorithms such as the Digital Signature Algorithm (DSA) and the Elliptic Curve Digital Signature Algorithm (ECDSA) play a critical role in achieving non-repudiation and trust. They are widely used in software distribution, secure updates and document signing workflows.
The strength of an encryption system depends on the cryptographic algorithms, key length and key management practices. Poor implementation or short keys leave systems open to brute force attacks.
The National Institute for Standards and Technology (NIST) recommends at least 2048-bit key length for RSA and 256-bit keys for elliptic curve cryptography. Key distribution protocols and robust encryption algorithm implementation are considered essential for long-term data protection.
Different key encryption algorithms provide different trade-offs in performance and security:
RSA is a staple of asymmetric cryptography. It relies on the difficulty of factoring large numbers and supports both encryption and digital signatures.
Developed by NIST, DSA supports digital signatures and meets Federal Information Processing Standards (FIPS) compliance requirements.
This algorithm is best known for secure key exchange and the creation of a shared secret key across untrusted channels.
There are also broader approaches to deploying public key encryption. One example is elliptic curve cryptography (ECC), a family of cryptographic algorithms that enable strong encryption with smaller keys and reduced computational load.
Specific elliptic curve–based Digital Signature Algorithms—such as Edwards-Curve DSA (EdDSA) and Elliptic Curve DSA (ECDSA)—are widely adopted in Secure Shell (SSH), JSON Web Tokens (JWT) and zero trust architectures. Their efficiency makes them especially useful in Internet of Things (IoT) and mobile environments.
Other emerging approaches, such as lattice-based and hash-based cryptography, have the potential to resist attacks from quantum computers. These post-quantum algorithms are part of ongoing efforts to future-proof encryption systems as computational threats evolve.
Public key encryption appears in nearly every modern cybersecurity framework, whether it’s safeguarding ecommerce transactions or enabling secure remote server logins. Common use cases include: