Public key isn’t enough to decrypt the packages. Your private key is needed too.

Easiest way to understand this is, let’s say your private key is 9973, the largest 4 digit prime number and the public key is 997. Multiplication of these give you 9,943,081. Factoring out 9,943,081 is time consuming, but if you have the public key, it’s trivial.

A public key only allows someone to encrypt messages that you can decrypt with your private key. The person encrypting the message can’t even decrypt it again themselves unless they have your private key. 

In public key cryptography the message is encrypted with the public key and decrypted with the private key.

Asymmetric encryption involves creating a pair of keys. Anything encrypted by one key can only be decrypted by the paired key. The same key cannot be used to decrypt anything that it encrypts. In order to exchange encrypted data, we dub one key the “public key” and the other the “private key”

So, to have an encrypted email exchange, you give your public key to whoever you want to email you. In turn, they send you their public key. Any email that they encrypt with it can only be decrypted by you because only you have the private key. It doesn’t matter if anyone else has the same public key. Conversely, when you email them, you use their public key, and only they will be able to decrypt it.

It should be noted that you should not be using your private key to send encrypted data you intend for only the recipient to read, since anyone with your public key could read it. You can use your private key to verify you are the one sending it. This happens by first encrypting the data using your recipient’s public key to encrypt the email you are sending. You then encrypt that with your private key. Your recipient will then decrypt with your public key. Since the public key can only decrypt what has been encrypted with the private key, they know it comes from you. They will then decrypt what was decrypted with your public key with their private key so they can read the email.

When receiving your public key encrypts it but only your private key decrypts it. When you are sending it you use their public key and then only their private key will decrypt it.

The public key of asymetrical encryption is, well, public, its not a secret, you can share it with anyone or post it on facebook.

All others can do with that key is validating that a message was written by you(or whoever holds the private key to that public key) or encrypt mesaages with it that only the private key can decrypt.

Think of a locked box. The lock on it is kind of special. Only one key unlocks but there is a key (public key) that can lock the box. So you send out the lock box and the public key to someone. They put what they want to send to you in the box and use their public key to lock the box. No one else can unlock the box unless they have the unlock (ie private) key.

Think of it like a public drop box. Anyone can drop stuff into the drop box. This is the public key part of it. But once it’s been dropped into the box only the person with the private key to the drop box can unlock it and get to the contents inside. Handing out the public key is basically letting everyone know where your drop box is.

[deleted]

It is some amazing math. You have two separate keys that work together. When you encrypt with the public key you can’t unencrypt with that same key It has to be done with the private key.

For the encryption a public key is like having a bunch of lock boxes that people can come by and pick up put their message in and send it to you but only you having the key can unlock it.

And the other direction you can sign a message with your private key so that when someone receives it they can use the public key you yourself have published to confirm that the message was sent from you and has not been altered.

for how all the math works, I’ll have to leave that to someone who understands it better than I do. https://en.m.wikipedia.org/w/index.php?title=Public-key_cryptography