Blog/Infosec 101/

Lifting the veil on public key encryption

Jun 03, 2020

public key encryption

Public key encryption (also known as asymmetric cryptography) may sound like a term from spy movies that has nothing to do with regular people. Nothing could be further from the truth — these days, encryption is part of our daily lives, since most digital services rely on it.

Here’s a little history: symmetric encryption, which uses the same key for encryption and decryption, has been around for thousands of years. But it has one disadvantage — to share information with other people, you need to entrust them the key. And the more people that have the keys to something, the less safe it becomes.

By contrast, public key encryption is much safer, because you don’t share your private keys with anybody.

How does public key encryption work?

Public key encryption is a method of encrypting data with two different keys — a public key that is available to everyone and a private one that is known only to the recipient. The keys are linked, which means that information encrypted with a public key can only be decrypted with a corresponding private key. This works the other way around, too — data encrypted with a private key can only be decrypted with a specific public key.

You don’t need to worry about your keys — all encryption happens automatically. Your computer gives the public key to other computers it wants to communicate with while the private key stays in its possession.

Public key cryptosystems

The two most common public key encryption methods are RSA and ECC.

RSA (Rivest-Shamir-Adleman)

RSA is the most commonly used method to encrypt emails, websites, and software. RSA takes two prime numbers and multiplies them to create a public key. However, it was found to be vulnerable, threatening its reputation — experts predict that by 2030 RSA won’t be in use anymore, being replaced with ECC.

ECC (Elliptic Curve Cryptography)

The biggest difference between RSA and ECC is key size. A 256-bit ECC is as strong as a 3,072-bit RSA key, meaning it consumes less computing power and battery for the same security. The small key size is appealing to IoT devices and mobile phones with limited storage space. Most companies providing SSL (Secure Sockets Layer) certification are moving towards replacing RSA with ECC.


Have you ever wondered why some URLs begin with http while others begin with https? The additional letter declares the website is safe to use — it owns a SSL certificate that encrypts visitors’ information.

SSL allows you to securely transmit sensitive information, such as credit card details, login credentials, and social security numbers. The certificate is installed on the server, where the public key is also stored. The private key remains with the user. When a user wants to authenticate himself, his private key must correspond to the public key stored on the server.

SSL has two main purposes:

  • Verifying that you are in fact communicating with the server you actually wanted to reach.
  • Ensuring that only the server can read what you send to it, and only you can read what it sends back.

Combining symmetric and public key encryption

Symmetric and public key encryption are often used together to combine their strengths. As symmetric encryption is faster, it is used to convert plaintext to ciphertext, whereas public key encryption is used to cipher the symmetric key for more security.

NordLocker uses the same method for fast and secure encryption. You don’t need to know all the technology operating behind the scenes, though — even people with limited knowledge can easily encrypt their files with NordLocker. If you’re not sure where to start, you can read all about our secure file encryption software here.

Elisa Armstrong

Elisa Armstrong

Verified author

Elisa’s all about languages. She speaks five, loves stand-up comedy, and is writing her first novel. Besides her extensive knowledge of cybersecurity, she’s an expert in persuasion techniques hackers use and strives to teach people how to avoid online scams.