Suppose Bob wants to send a private message to Alice that he doesn’t want anyone to be able to intercept and read. How can he do this?

He can use asymmetric key encryption as follows:

• Alice generates a public & private key pair (plenty of software can do this).
• Alice makes her public key accessible to everyone in a public key server.
• Bob fetches the public key from Alice’s public key server.
• Bob encrypts his message using Alice’s public key and sends his message to Alice.
• Any malicious hacker who intercepts Bob’s message will only see the scrambled encrypted data so they won’t be able to understand the message.
• Alice receives the encrypted message and decrypts it using her private key.

What if Alice wants to send a secure message to Bob so that a third-party can’t intercept it? The above process is essentially reversed: Bob generates his own public and private key pair, Alice uses Bob’s public key to encrypt, and Bob uses his public key to decrypt Alice’s message.