# Asymmetric Encryption ## What is Asymmetric Encryption Asymmetric encryption, also called public key cryptography, uses a mathematically related pair of keys rather than a single shared key. One key is the public key, which can be freely shared with anyone. The other key is the private key, which must be kept secret by its owner. Data encrypted with the public key can only be decrypted with the corresponding private key. Data encrypted with the private key can be decrypted with the corresponding public key. This mathematical relationship makes asymmetric cryptography extremely useful for solving the key distribution problem that affects symmetric encryption. ## How Asymmetric Encryption Works The security of asymmetric encryption relies on mathematical problems that are easy to compute in one direction but computationally infeasible to reverse without additional information. RSA relies on the difficulty of factoring the product of two large prime numbers. Elliptic Curve Cryptography relies on the difficulty of solving the elliptic curve discrete logarithm problem. The public and private keys are generated together as a mathematically related pair. The public key can be derived from the private key, but the private key cannot be derived from the public key within any practical time frame using current or foreseeable computers. ## Encryption and Decryption with Key Pairs When someone wants to send a confidential message to a recipient, they encrypt the message using the recipient's public key. Only the recipient, who possesses the corresponding private key, can decrypt the message. Anyone can encrypt a message to a recipient, but only that specific recipient can decrypt it. This solves the key distribution problem because the public key can be shared openly without compromising security. ## RSA Algorithm RSA, named after its inventors Rivest, Shamir, and Adleman, is the most widely used asymmetric algorithm. RSA key generation involves selecting two large prime numbers and computing their product as the modulus. The public and private keys are numbers that have a specific mathematical relationship with the prime numbers. RSA encryption raises the plaintext to the power of the public exponent modulo the modulus. Decryption raises the ciphertext to the power of the private exponent modulo the modulus. The security depends on the difficulty of factoring the modulus back into its prime factors. RSA keys must be at least 2048 bits long to be considered secure today. ## Elliptic Curve Cryptography ECC is a newer approach to asymmetric cryptography based on the mathematics of elliptic curves. ECC provides equivalent security to RSA with much shorter key lengths. A 256-bit ECC key provides comparable security to a 3072-bit RSA key. Shorter keys mean faster computation and less data to transmit, making ECC particularly valuable for mobile devices and IoT applications with limited processing power. ## Digital Signatures Using Asymmetric Cryptography Asymmetric cryptography enables digital signatures. A sender signs a message by encrypting a hash of the message with their private key. Anyone with the sender's public key can decrypt the signature and compare it to their own calculation of the message hash. If they match, the message is authentic and unmodified, and the sender cannot deny having signed it.