Is part of Public Key Infrastructure (PKI), a type of this is asymmetrical encryption. This is a mathematical trap-door function that enables secure encrypted communication within public-network, preventing eavesdropping.

### The mathematical expression

$$e^{\Phi(k) \times \Phi(d)} \bmod \Mu = C$$Legend:

\( \Phi \) : Phi-function

\( \Mu \) : The message (data)

\( C \) : Ciphertext

The key take away from the mathematical expression is encrypting such a way that the forward (Message -> Ciphertext) is easy to compute but the backward (Ciphertext -> Message) is extremely difficult

$$\begin{align} \begin{split} easy &\to \\ ^{plaintext}ABC &\implies B12A^{encrypted} \\ &\gets hard \end{split} \end{align}$$### Analogy 1

Imagine this fish-trap, where the fish easily goes into the trap, but extremely difficult to for the fishes to escape once is inside of the trap.

### Analogy 2

$$\space A \times B = C$$ multiplying A and B to get C is very easy, but figuring out A and B from C is extremely hard

This is only possible if A and B is extremely large and it is made up of prime-number. Example find the prime number of XXXXXX and YYYYYY where their multiplication is 153153257849.

(hint: \(196169 \times 780721 \) )

### Practical

The informed reader is now understood that, given every key pair consist of private-key and public-key. Note that the public-key can be generated from private-key.

```
# in ~/.ssh/
id_rsa2048
id_rsa2048.pub
```

Alice can distribute as many public-key as she wanted. Imagine this public-key is an unlocked padlock. Whoever wants to send message to Alice in secret can use this unlocked padlock and lock the message.

Only Alice with the private-key, able to decrypt the encrypted message. Therefore Bob is successfully send messages to Alice.

Note that the terminology can be extended to document signing. Since it is a asymmetrical key-pairs.

Only private-key able to *decrypt* public key

this also applies in reverse.

Only public-key able to *decrypt* private-key

Therefore, if a message is encrypted with public-key, is call **encrypting** but
if a message is encrypted with private-key, is call **signing**.

Why the term “signing” is used? because everyone with public-key is able to decrypt an encrypted message by private-key!

Hence, anyone with the public-key able to verify that this message is indeed from the private-key holder.

Conclusion, PKI is used many applications, such as SSH (Secure Shell; uses
private-key pair) and TLS uses *certificate* with private-key pair.