Public/private key crypto
Asymmetric crypto: public key encrypts or verifies, private key decrypts or signs. Never invert the two.
Asymmetric crypto gives you two keys that are mathematically linked. What one does, only the other can undo. The private key stays secret, the public key goes everywhere.
There are two operations and they are mirror images.
- Encryption: anyone encrypts with your public key, only you decrypt with your private key. Think sending a sealed envelope.
- Signing: you sign with your private key, anyone verifies with your public key. Think a wax seal that proves you wrote the letter.
That is the whole mental model. Mix it up and you get the VAPID inversion bug, which I will cover later.
The two big algorithm families are RSA and elliptic curve. RSA is older and its key sizes are huge (2048 or 4096 bits for safety). Elliptic curve (ECDSA, Ed25519) gets equivalent security with 256-bit keys, so signatures and handshakes are faster and smaller. Modern systems pick Ed25519 or P-256 by default.
Why not use asymmetric for everything? It is 100 to 1000 times slower than symmetric crypto like AES. So real protocols (TLS, SSH, age) use asymmetric crypto once to exchange a symmetric session key, then encrypt the actual data with AES. This is called a hybrid cryptosystem.
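The hybrid pattern described above, as an added example that is not code from the original page: Node's built-in `crypto` module does one X25519 key agreement to derive an AES-256-GCM session key, then encrypts the data symmetrically. The function names, the `hybrid-demo` HKDF label and the message layout are assumptions made for illustration.

```javascript
// Added example: hybrid encryption using only Node's built-in crypto module.
const crypto = require('node:crypto');

// Recipient's long-term X25519 key pair; only the public half is handed out.
function newRecipient() {
  return crypto.generateKeyPairSync('x25519');
}

// Both sides turn the ECDH shared secret into a 32-byte AES-256 session key.
// 'hybrid-demo' is an illustrative HKDF context label (assumption).
function sessionKey(privateKey, publicKey, salt) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, 'hybrid-demo', 32));
}

// Sender: one asymmetric step with a throwaway key pair, then AES-GCM for the data.
function sealFor(recipientPublicKey, plaintext) {
  const eph = crypto.generateKeyPairSync('x25519');
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = sessionKey(eph.privateKey, recipientPublicKey, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    ephPub: eph.publicKey.export({ type: 'spki', format: 'der' }),
    salt, iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

// Recipient: same derivation from the private key, then authenticated decryption.
// Throws if the key is wrong or the message was modified.
function openWith(recipientPrivateKey, msg) {
  const ephPub = crypto.createPublicKey({ key: msg.ephPub, format: 'der', type: 'spki' });
  const key = sessionKey(recipientPrivateKey, ephPub, msg.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// True only if this private key can open the message.
function canOpen(privateKey, msg) {
  try { openWith(privateKey, msg); return true; } catch { return false; }
}
```

The sender never touches the recipient's private key, and the only asymmetric work is the single key agreement; everything after that is AES.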
Key facts to internalize.
- Public keys are not secret. You can put yours in DNS or on GitHub. Mine is at github.com/yashs33244.keys.
- Private keys never leave the machine that generated them. If you copy a private key across a network unencrypted, you have already lost.
- The "public" key is derived from the private key, never the other way around. You cannot recover a private key from its public key (that is the hard math problem the whole field rests on).
When an interviewer asks "how does HTTPS work", the right opener is: "asymmetric key exchange to agree on a symmetric session key, then AES for the bulk data." Lead with the hybrid model.
Learn more
- Docs: High Performance Browser Networking, Ilya Grigorik