There really isn’t a “ELI5” answer to modern cryptography. It is very complex.

The high-level answer is that there is a type of cryptography that uses two keys – one to encrypt and one to decrypt. Having one key doesn’t help you – you can have encrypted data _and_ the encryption key and you _still_ can’t decode the data; you have to have the decryption key to decrypt.

This means that you can make the encryption key public – tell anyone who wants to send you encrypted data to use that encryption key. You then keep the decryption key a secret – only you know it. The result is anyone can send you encrypted data – even folks you don’t have prior contact with – and you can be confident the data is secure. This is the basis for almost all modern web traffic security.