Asymmetric Cryptography: The Idea That Changed the Internet
How public-key cryptography works, where you use it without knowing, and the story of the idea that was invented twice. With curious facts and original references.
Every time you see the padlock icon in your browser, every time you digitally sign a document, every time someone sends you a WhatsApp message that nobody else can read... behind all of that is an idea that's less than 50 years old and was, curiously enough, invented twice.
This is the story of asymmetric cryptography. How it works, where you use it without realizing, what companies depend on it, and a few things you probably didn't know.
The problem nobody could solve
Imagine you want to send someone a secret message over the internet. You encrypt it with a key. Great. But now you have a problem: how do you send that key to the other person without someone intercepting it along the way?
It's like mailing a locked box. Your friend needs the key to open it, but if you put the key inside the box... they can't open it. And if you send the key separately, anyone can copy it.
For centuries, cryptography worked this way: both parties shared the same key (what we now call symmetric cryptography). It worked fine if you were in the same room, or if you had a trusted messenger. But in a world where millions of people need to communicate securely with strangers over a public network... it didn't scale.
The mailbox idea
In 1976, Whitfield Diffie and Martin Hellman published a paper that changed everything: "New Directions in Cryptography". The idea was elegant and counterintuitive: what if instead of one key, we used two?
The clearest analogy is a mailbox on the street. Anyone knows where it is and can drop a letter in (that's your public key). But only you have the key to open it and read the letters (that's your private key).
The two keys are mathematically related, but knowing one doesn't let you figure out the other. You can publish your public key on your website, in your email, wherever you want. Whoever wants to send you something secret encrypts it with your public key. And only you, with your private key, can decrypt it.
That simple. That revolutionary.
But the British invented it first (and couldn't tell anyone)
Here's the first twist. In 1997, the British government declassified a document that rewrote history: intelligence agency GCHQ (Britain's equivalent of the NSA) had discovered public-key cryptography years before Diffie and Hellman.
James Ellis conceived the idea in 1969. Clifford Cocks developed what was essentially the RSA algorithm in 1973, four years before Rivest, Shamir and Adleman published it. And Malcolm Williamson discovered the Diffie-Hellman key exchange in 1974, two years before the Stanford paper.
The difference: everything was classified. They couldn't publish it, couldn't patent it, couldn't tell anyone. Williamson wanted to go public when he saw the Diffie-Hellman paper, but his superiors vetoed it. They weren't visionary enough to see the digital revolution coming.
When Diffie traveled to meet Ellis years later, Ellis told him: "Well, I don't know how much I should say. I'll just say you did a lot more with it than we did."
Williamson was more philosophical: "My reaction was: OK, that's the way it goes. Basically I just got on with life."
Ellis died in November 1997, one month before his work was declassified. He never received public recognition.
How it works (no formulas)
Asymmetric cryptography relies on mathematical problems that are easy to do in one direction but practically impossible to reverse.
The classic example: multiplying two enormous prime numbers is trivial for a computer. But given the result, figuring out which two primes produced it is computationally infeasible if the numbers are large enough. The RSA algorithm, published in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman (three MIT professors), is based on exactly this.
To get a sense of scale: a 2048-bit RSA key (the current standard) means factoring a number with roughly 617 decimal digits. Multiplying the two primes that compose it takes microseconds. Reversing the operation with the best available technology would take longer than the universe has existed. That's not rhetoric: it's an actual estimate. The public factoring record is RSA-250, a 250-digit number (829 bits), achieved in 2020 using the equivalent of 2,700 years of single-core computation. And that's less than half the bits in a standard key.
An important nuance: RSA with short keys is no longer secure. 512-bit keys were broken in 1999, and 1024 bits has been considered vulnerable for years. That's why the minimum today is 2048 bits, and 4096 is recommended for long-term protection.
Another approach uses elliptic curves (ECC): points on a mathematical curve where operations have similar "easy one way, impossible the other" properties, but with much shorter keys. A 256-bit ECC key provides security equivalent to a 3,072-bit RSA key. That's why ECC has become the standard on mobile devices, IoT, and blockchain, where computing resources are limited.
The key point is that you never need to share your private key with anyone. That was the original problem, and asymmetric cryptography solves it at the root.
Where you use it every day (without knowing)
Asymmetric cryptography is everywhere. Literally.
Every HTTPS webpage. When your browser connects to a secure website, the first step is a "handshake" where asymmetric keys are exchanged. Your browser uses the server's public key to establish a secure channel. Then, for efficiency, it switches to symmetric encryption (AES) for the rest of the session. Asymmetric is the handshake; symmetric is the conversation.
WhatsApp, Signal, Telegram. When you start a chat, these apps use asymmetric cryptography (the Signal protocol uses Diffie-Hellman over elliptic curves) to exchange keys. Then each message is encrypted with symmetric keys derived from that exchange. Not even WhatsApp's servers can read your messages.
Digital signatures. When you sign a PDF, a Git commit, or a software update, your private key creates a signature that anyone can verify with your public key. This proves the document wasn't altered and that you actually signed it.
Bitcoin and crypto. Your Bitcoin wallet is basically an asymmetric key pair. The public address is where people send you funds. The private key is what lets you spend them. Lose the private key, lose access forever.
SSH and server access. When you ssh into your server, key-based authentication uses asymmetric cryptography. Your public key sits on the server; your private key stays on your machine. Without the private key, nobody gets in. If you want to dig deeper into this, we have a complete SSH guide for developers.
Asymmetric cryptography in business
For companies, asymmetric cryptography isn't optional: it's infrastructure.
TLS/SSL certificates are the foundation of all secure web communication. Each certificate contains a public key tied to a domain, verified by a certificate authority. Without this, there's no HTTPS, no e-commerce, no online banking.
Code signing. Microsoft, Apple, Google, and any company that distributes software signs its binaries with asymmetric keys. When your operating system verifies that an update is legitimate, it's checking that signature. It's what prevents someone from slipping you malware disguised as a Windows update.
Secure business email. Protocols like S/MIME and PGP use key pairs to encrypt emails end-to-end. In regulated industries like banking, healthcare, or defense, this isn't optional: it's a legal requirement.
Public Key Infrastructure (PKI). Large organizations maintain an entire hierarchy of certificates and asymmetric keys to authenticate devices, employees, internal services, and APIs. It's invisible to the end user, but if it fails, everything goes down.
Envelope encryption. Services like AWS KMS, Google Cloud KMS, and tools like SecureCodeHQ use a pattern called "envelope encryption" where a symmetric key encrypts the data (fast), and an asymmetric key protects that symmetric key (secure). The best of both worlds.
The hack that shook RSA itself
In March 2011, RSA Security (yes, the company named after the algorithm, founded by Rivest, Shamir, and Adleman) suffered one of the most impactful attacks in cybersecurity history.
It all started with an email. An employee received a message with an Excel attachment titled "2011 Recruitment Plan." It looked like it came from a colleague. They opened it. Inside was an Adobe Flash zero-day exploit that installed a trojan called Poison Ivy.
From there, the attackers escalated privileges, moved laterally through the network, and reached what they were looking for: the cryptographic "seeds" of SecurID, the two-factor authentication system used by 250 million people worldwide, including the US military, Lockheed Martin, and Northrop Grumman.
The direct cost to EMC (RSA's parent company): $66.3 million. Lockheed Martin had to temporarily disconnect its network. The attack is suspected to have been carried out by a Chinese military cyber-espionage unit.
But the story has a twist that wasn't known until 10 years later, when the RSA executives' non-disclosure agreement expired. The attackers came back a second time looking for the master keys, which proved they hadn't actually gotten them in the first attack. The exfiltrated data was useless without those keys. RSA had protected its data both times, but the reputational damage was already done.
The irony: the company that invented the standard for asymmetric cryptography wasn't hacked through a cryptographic flaw, but because an employee opened an Excel file.
What's coming: the quantum threat
There's a clock ticking for asymmetric cryptography as we know it. Quantum computers, once powerful enough, will be able to run Shor's algorithm, which solves the large prime factorization problem exponentially faster than any classical computer. That would break both RSA and ECC.
When? Nobody knows for certain. Estimates range from 10 to 30 years. But the problem is that data encrypted today can be stored and decrypted tomorrow when the technology is ready. It's called "harvest now, decrypt later."
That's why NIST (the US standards institute) finalized three new post-quantum cryptography standards in August 2024, based on mathematical problems believed to be resistant to quantum computers: lattices, hash-based signatures, and others.
The transition has already begun. Symmetric cryptography like AES-256 is considered resistant to quantum computing (Grover's algorithm only halves the security, so AES-256 would be equivalent to 128 bits, which is still sufficient). But all asymmetric infrastructure will need to migrate.
Curious facts to close
RSA sold for $200 million in 1996. RSA Data Security, a company built on an algorithm that three MIT professors published in an academic paper. Pure mathematics turned into a multi-million dollar business. Extra fact: that 1977 paper also introduced the world to "Alice and Bob," the fictional characters that have been used universally to explain cryptographic protocols ever since. Diffie called it "the most spectacular contribution to public-key cryptography."
A British mathematician tried to prove public-key cryptography was impossible. Malcolm Williamson of GCHQ was so convinced that Cocks's idea had a flaw that he took the work home (something forbidden for intelligence employees). After five hours trying to find the error, he ended up discovering a second public-key algorithm. Sometimes trying to break something is the best way to build something new.
Diffie-Hellman should be called Diffie-Hellman-Merkle. Hellman himself suggested this in 2002 to recognize Ralph Merkle's contributions. The community partially accepted it, but the original name stuck out of inertia.
The oldest known cryptography is almost 4,000 years old. Around 1900 BC, in the tomb of Egyptian nobleman Khnumhotep II, a scribe carved non-standard hieroglyphs instead of the usual ones. Though the purpose wasn't to hide a message but to give it a more mysterious and elegant feel (something like "decorative cryptography"), it's the oldest evidence of deliberate text transformation. The first cipher with a real intent to conceal information came later: a Mesopotamian clay tablet from around 1500 BC that encrypted a recipe for ceramic glaze, likely for its commercial value. And around 50 BC, Julius Caesar used his famous substitution cipher to communicate with his generals in the field. From there to elliptic curves... it's been a long journey.
Your browser negotiates asymmetric cryptography multiple times a day without you noticing. Every new HTTPS tab involves a TLS handshake. If you have 20 tabs open, you've done 20 asymmetric key exchanges just today.
Asymmetric cryptography is one of those ideas that seems obvious once you understand it, but that took humanity thousands of years to conceive. And three British spies decades of silence before the world knew they were first.
Original papers and references
The two foundational papers on asymmetric cryptography are freely available:
"New Directions in Cryptography" by Whitfield Diffie and Martin Hellman (1976). The paper that introduced the concept of public-key cryptography and the Diffie-Hellman key exchange. Published in IEEE Transactions on Information Theory. ee.stanford.edu/~hellman/publications/24.pdf
"A Method for Obtaining Digital Signatures and Public-Key Cryptosystems" by Ron Rivest, Adi Shamir, and Leonard Adleman (1977). The first practical implementation: the RSA algorithm. Published in Communications of the ACM. people.csail.mit.edu/rivest/Rsapaper.pdf
History of cryptography on Wikipedia. Comprehensive article on the evolution of cryptography from ancient Egypt to the modern era. en.wikipedia.org/wiki/History_of_cryptography
Cryptographic hieroglyphic writing on Encyclopaedia Britannica. Detailed analysis of non-standard hieroglyphs used as decorative cryptography in ancient Egypt. britannica.com/topic/hieroglyphic-writing
The alternative history of public-key cryptography on Cryptome. The story of Ellis, Cocks, and Williamson at GCHQ, with direct quotes. cryptome.org/ukpk-alt.htm
The Untold Story of the RSA Breach on Cybereason. The full account of the 2011 RSA hack, told for the first time by the executives who lived through it. cybereason.com/blog/the-untold-story-of-the-rsa-breach-part-1
The Story of the 2011 RSA Hack on Schneier on Security. Analysis by Bruce Schneier on the RSA incident. schneier.com/blog/archives/2021/05/the-story-of-the-2011-rsa-hack.html
Asymmetric Encryption on IBM. Technical but accessible explanation of how asymmetric cryptography works and its enterprise applications. ibm.com/think/topics/asymmetric-encryption
Post-Quantum Cryptography Standards from NIST. The new post-quantum cryptography standards finalized in 2024. netlibsecurity.com/articles/symmetric-vs-asymmetric-encryption-in-a-quantum-world
Further reading
- SSH for developers: keys, servers, and AI agents to see asymmetric cryptography in action with servers and GitHub
- 5 secret mistakes on your server for what happens when keys aren't managed properly
- AI agent security: a practical guide covers how coding agents interact with your secrets
- The complete guide to LLM security for the broader AI threat landscape
- Why .env files are dangerous with AI agents on the problem of secrets sitting on disk
- Try SecureCode free. Envelope encryption (AES-256-GCM + Cloud KMS) for your secrets.