1 article with this tag
Public-key crypto uses a 'public key' (safe to hand out) and a 'private key' (held only by the owner). Anything encrypted with the public key can only be decrypted by the matching private key, and a signature made with the private key can be verified with the public key. That asymmetry underpins TLS (HTTPS) key exchange, digital signatures, and passkeys. Defenses: don't roll your own crypto (use standard protocols and battle-tested libraries), protect and be able to revoke the private key, and keep key length and algorithms current.