Suppose Bob wants to send a private message to Alice that he doesn’t want anyone to be able to intercept and read. How can he do this?

He can use asymmetric key encryption as follows:

- Alice generates a public & private key pair (plenty of software can do this).
- Alice makes her public key accessible to everyone in a public key server.
- Bob fetches the public key from Alice’s public key server.
- Bob encrypts his message using Alice’s public key and sends his message to Alice.
- Any malicious hacker who intercepts Bob’s message will only see the scrambled encrypted data so they won’t be able to understand the message.
- Alice receives the encrypted message and decrypts it using her private key.

What if Alice wants to send a secure message to Bob so that a third-party can’t intercept it? The above process is essentially reversed: Bob generates his own public and private key pair, Alice uses Bob’s public key to encrypt, and Bob uses his public key to decrypt Alice’s message.