SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?

Question

Wouldn't anyone else be able to decrypt it too using the public key? Or is it saying that it will be decrypted with a private key. If that's the case how could something be encrypted with one key and decrypted with another?

This is in reference to this wikipedia article.

Specifically - "In order to generate the session keys used for the secure connection, the client encrypts a random number with the server's public key and sends the result to the server. Only the server should be able to decrypt it, with its private key."

Sorry if this was a silly question.

possible duplicate of Various questions about RSA encryption — Artjom B.
It's not a silly question. It's simply too broad. Analogy: Why do you have to push/rotate the door handle to open the door, but don't need to do anything with the handle to close the door? It's just how the mechanism works. Take some example numbers and calculate it through. — Artjom B.

user207421 user207421 · Accepted Answer · 2015-06-23T00:02:06

Because it's public-private key encryption, not symmetric encryption. The plaintext is encrypted to cipher text with the public key and decrypted back to the plaintext with the private key. Trying to decrypt that ciphertext with the public key doesn't work.

SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?

1 Answers