Key insight
Public-key cryptography gives everyone a matched pair of keys: a public key you share with the whole world, and a private key you never share. What one locks, only the other opens. That single trick lets strangers agree secrets in the open (encryption), lets you prove who you are (signatures), and — wrapped in a certificate a trusted authority vouches for — is exactly what the padlock in your browser relies on. For an AI agent, its private key is its identity: lose it, and anyone can become the agent.
Start with a puzzle that sounds impossible. Two people who have never met, with no private way to talk, need to agree on a shared secret — while standing in a crowded room where everyone hears every word. For most of history there was no good answer. Then a beautiful idea solved it, and that idea quietly underpins nearly every secure thing you do online: banking, messaging, the padlock in your address bar. It is called public-key cryptography, and once you see the trick, none of it is magic anymore.
1 · An impossible-sounding problem
The old way to communicate secretly was to share a secret key ahead of time, in person. That works for two people who can meet, but it falls apart the moment you need to talk securely with someone you have never met — a website you are visiting for the first time, say. Any secret you try to send over the open internet to agree on a key could be read by anyone watching along the way. Public-key cryptography solves exactly this: agreeing a secret in the open, with a stranger, safely.
2 · Two keys instead of one
The trick throws out the idea of a single shared key that both people must already know. Instead, each person has a pair of keys that belong together. One is the public key, which you hand out freely to anyone — it being public is entirely the point. The other is the private key, which you guard fiercely and never share. The two are linked by mathematics so that whatever one locks, only the other can unlock — and knowing the public key does not let anyone work out the private one.
3 · Anyone can lock; only you can unlock
The first use is sending secrets to someone, and it works like a clever mailbox. Picture a mailbox with a narrow posting slot: anyone can drop a letter in, but only the person with the key can open it and take letters out. Your public key is the open slot — you give it to the whole world, and anyone can use it to lock a message meant for you. But that locked message can only be opened by your private key, which never leaves you. So a total stranger, using only your freely shared public key, can send you something nobody else on earth — not even the sender — can unlock. The crowded-room problem is solved.
4 · Signatures: proving it was really you
The second use runs the same idea in reverse, and instead of hiding a message, it proves who wrote it. You use your private key to create a special mark on a document — a digital signature. Because your private key is yours alone, only you could have produced that mark. Then anyone can use your public key to check the signature, confirming two things at once: that it really came from you, and that not a single character has changed since you signed it, because any change breaks the match. This is how software updates prove they came from their maker, and how secure messages prove they were not tampered with. One key pair, two uses: lock with the public key to keep a secret, sign with the private key to prove an identity.
5 · Certificates: who vouches for the key?
There is a gap attackers love. If public keys are handed out freely, how do you know the key claiming to be your bank's really is, and not an impostor's swapped in along the way? The answer is a certificate — a public key with a trusted third party's signature wrapped around it. That third party, a Certificate Authority, checks in advance that a key genuinely belongs to the real bank, then uses its own private key to sign a statement saying so. Your browser and devices come with a built-in short list of authorities they already trust. So when your bank presents a certificate, your browser checks the authority's signature on it, and through that trusted middle-party, believes the key is truly the bank's.
6 · TLS: the padlock in your browser
Now the padlock makes complete sense, because it is all of the above happening in a fraction of a second. When you visit a secure website, a process called TLS runs first, before any real data flows. Your browser asks the site for its certificate and checks that a trusted authority signed it, confirming the site is genuinely who it claims. Then browser and site use public-key cryptography to safely agree a brand-new shared secret key, right there in the open, exactly like the mailbox trick. Finally, they switch to that fast shared key to scramble the entire rest of the conversation. The slow, powerful public-key step is used only briefly — just to introduce two strangers and agree a secret — and then a quick shared key does the heavy lifting.
7 · What it means for an AI agent
This machinery is exactly how AI agents prove who they are to the services they use, and how those services prove themselves back. An agent typically holds its own private key and presents a certificate, so a database, a payment system, or another agent can be certain which agent is calling, and can set up an encrypted channel the same way your browser does with your bank.
The critical thing to understand is that, for an agent, its private key is not just a password — it is its entire identity. Anyone who steals that private key can perfectly impersonate the agent, with all of its access, and no system can tell the difference. That is precisely why agent keys should be stored in protected hardware where possible, given short lifetimes, and rotated regularly, so a stolen key stops being useful quickly rather than forever.
8 · A simple test you can run this week
1. Open a website you trust and click the padlock in the address bar.
2. Read who issued the certificate (the trusted authority) and when it expires.
3. For one system or AI agent, ask: where is its private key kept, and how often is it changed?
4. A private key that is shared between things, or never rotated, is the gap.
The lesson: public keys can be shared with the whole world safely; private keys are the crown jewels, and losing one means losing your identity.
9 · Glossary — every term, spelled out
- Public-key cryptography
- A system using matched key pairs, where what one key locks only the other can unlock, letting strangers agree secrets in the open.
- Public key
- The key you share freely with anyone; used to lock messages to you, or to check your signatures.
- Private key
- The key you never share; used to unlock messages sent to you, or to sign things as you. For an agent, it is its identity.
- Digital signature
- A mark made with a private key that anyone can verify with the matching public key, proving who wrote something and that it was not altered.
- Certificate
- A public key wrapped in a trusted authority's signature, vouching that the key belongs to who it claims.
- Certificate Authority
- A trusted third party that verifies identities and signs certificates; browsers ship with a built-in list of ones they trust.
- TLS
- The process behind the browser padlock: check the certificate, agree a fresh shared key using public-key crypto, then encrypt the conversation with that shared key.
Everyone has a public key to share and a private key to guard; what one locks, only the other opens.
Lock with someone's public key to send them a secret; sign with your private key to prove who you are.
A certificate is a public key a trusted authority vouches for — and TLS uses it to set up the browser padlock.
For an AI agent, the private key is its identity: store it in hardware, keep it short-lived, and rotate it.
References
- NIST Special Publication 800-175B, Revision 1, Guideline for Using Cryptographic Standards: Asymmetric-Key Algorithms, National Institute of Standards and Technology. csrc.nist.gov
- IETF RFC 8446, The Transport Layer Security (TLS) Protocol Version 1.3. datatracker.ietf.org
- This guide’s Multi-Factor Authentication, Explained From Zero — where physical keys strengthen the proof of identity.
- This guide’s Hashing vs Encryption vs Encoding, Explained From Zero — the shared-key encryption TLS switches to.