It works using two extremely large numbers. Multiplying these out gives you a third even larger number. These numbers are so huge that you have to have special maths libraries in order to handle them on a computer.

When the numbers are as big as they are, if you are given only the result, trying to work out which two numbers were multiplied together to create the total is extremely difficult without checking every possible number in between, which can take longer than the age of the universe (because the numbers used are just that large).

So what you end up with is two secret numbers that multiply out to a third public number.

With a bit of clever maths (far too clever for an ELI5), you can thus distribute the third number to anyone. Only you are likely to know the numbers that made it. But once you *know* even one number that made it, finding the other is instantaneous.

Using the clever maths, you can thus “encrypt” the message with the big number. And it’s almost impossible to decrypt. But if you have one of the numbers that started out, and you know the big number (which is given away) you can *easily* decrypt it. You’ve made a lock that’s incredibly simple to lock, yet incredibly difficult to open unless you know a secret number. With the secret number, it’s incredibly simple to open. Or, to use encryption terminology, the “public key” encrypts data, and ANYONE can know that and encrypt data. The “private” key associated with it is kept secret and only the person who needs to receive the message has it. They never give it to anyone else. And it is the only thing that can decrypt the data. Without the private key, there are just FAR TOO MANY possibilities of two numbers that might multiply out to the public key that you can’t try them all before the universe finishes.

(For example, say you chose 20 as the big number. That could be 1 x 20. or 2 x 10. Or 4 x 5. One small number gives you three possibilities. As the numbers get bigger, the number of possibilities can get insane – a number with trillions of digits will have trillions of possible factors).

It’s not *quite* that simple, but that’s the basic principle. In reality the “public” number is a mix of a small number and a big number, and the “private” number is a different mix. And both numbers are incredibly large prime numbers. But the maths is basically just that.

A x B = C.

Tell everybody C and let them use it to encrypt messages in a special way. But C alone is useless, because of the way encryption is done.

There are now so many possible A’s and B’s that multiply out to C that you can never know if you have the right one (not just trillions but trillions upon trillions upon trillions upon trillions…)

But if you happen to know A, and C is something that you’ve told everyone, then finding B is very easy. And if you make it so that you need the right A and B to unlock a message encrypted with C (using clever maths), then you’ve just invented public key cryptography.

The maths to turn this into an encryption scheme where you can’t just “guess” at A and B, and where C can never decrypt a message on its own is some of the best mathematics in the world. It’s held your bank and credit card info secure, and even military secrets, for nearly 80 years (the UK GCHQ invented PKC back after beating Enigma in WW2 but never told anyone… three Americans (RSA) discovered the exact same thing for themselves in the 70’s… we didn’t tell them that we already had it until late into the 90’s).