The private/public key system is widely used, for example in cryptocurrencies, to send encrypted messages or for electronic signatures. There are a few things to understand, but the difficulty is not that great.
One day, you find an old coffee grinder, and when you open the lid, a sort of cloud of coffee dust comes out. It transforms into a strange being and declares, "I am SSH Keygen, master of magicians.". Quite pleased, you ask for your first wish, but he responds, "No, instead I will give you two magician minions: one that you must hide from everyone because he is forever grounded and will disappear if seen by anyone other than you, and another that you can show to everyone." Strange, you think, and you reply, "What kind of nonsense is this, are you a bug in the matrix or something, what’s the point of all this?" "It’s for magic, of course, here’s what they can do:" ? - If you show a text to your private magician, he can create a signature that no one can imitate, and everyone can verify that it was the private magician who signed it
To do this, you just need to ask the public magician if the signature comes from the private magician. But that's not all: this signature proves that you provided the original document because no other document could have resulted in this signature. So the signature is unique to both your private magician and your document.
- Uh, yes, and then ?
- A little riddle to start with: how do you prove that you possess the private magician without showing him ?
- Well... I have to have him sign something, that's for sure because that's the only thing I know he can do, and of course, I have to give the signature. But my interlocutor might say that I picked up a random signature. Oh yes, unless I sign a document that my interlocutor just gave me, that way he can ask the public magician if the private magician really signed the document.
- Exactly, well done! And there are plenty of other tricks they can do. For example, how do you prove that you hold a document now without giving the document.
- Uh, I give its signature ?
- Exactly, that way you can provide the document later, and your interlocutor can verify that the signature you gave earlier matches this document, and that it was indeed you who signed it since you’re the only one with access to the private magician. You're doing well.
- Oh, you know, I always have to sign, so I answer that, but I don't feel like I fully understand.
- That’s normal, magic is strange, but you'll see that you're starting to get it.
- Okay, but what’s the point of proving that you had a document ?
-For a lot of things, for example, you make a video, and you want to prove that you made it; you just have to sign it and send the signature anonymously. Since you send the signature before its release, it's a good piece of evidence that you’re the originator.
-Well okay, it's true that could be useful
-Oh, but that's not all, they have a few more tricks. For example, someone can invite your public magician and have him encrypt a document, then they can send it to you so that no one else can read it. Only your private magician will be able to decrypt it.
-Wow, that's impressive, I thought the public magician could only answer questions.
-No, in fact, he is just as powerful as the private one, but depending on the needs, both can do different things. They look a bit alike when you look at them, but you must never show the private magician, or everything will vanish forever.
-But how can you ensure that no one ever sees your private magician.
-I put him in a safe locked with a strong password.
-But that’s harsh, poor thing, with all the services he provides you.
-Don't worry, he's an electronic being, for him, time doesn't exist.