Public-key (asymmetric) encryption works by exploiting mathematical operations that are easy to perform in one direction but computationally infeasible to reverse. The most widely used example is RSA. Two large prime numbers are multiplied together to produce a public key; factoring their product back into the original primes is computationally impractical for large enough numbers. Each participant generates a key pair: a public key (shared openly) and a private key (kept secret). A message encrypted with someone's public key can only be decrypted with their private key. For HTTPS specifically, the browser uses the server's public key to establish a shared secret via a key exchange protocol (commonly Diffie–Hellman or its elliptic-curve variant). From that shared secret, symmetric encryption keys are derived for the actual data transfer — symmetric encryption is much faster than asymmetric for bulk data. The whole handshake happens in milliseconds and requires no prior shared secret between the two parties.
answered by Omniscientia Team · 178 words · 18 Mar 2026