Robertino

# How to Explain Public-Key Cryptography and Digital Signatures to Anyone

#### 🔍 Here’s an easy-to-understand analogy to help your non-technical friends and customers understand public keys and private keys, and how they relate to cryptography and digital signatures.

If you work in cybersecurity or any computer-related field, sooner or later, you’ll have to explain public-key cryptography and digital signatures to non-technical people. With the recent rise of remote work and stories about system breaches, computer security has become a topic of discussion even among laypeople.

After trying to explain public-key cryptography and digital signatures to some clients with varying degrees of success, I wanted to develop an analogy that explained them and was easy to remember. I’ve found that even techies get confused by the formal definitions, and many non-technical explanations just seem unsatisfying.

That’s when I stumbled upon Panayotis Vryonis’ article, Public-key cryptography for non-geeks. It became my go-to analogy until my computer science professor, Dr. Robin Dawes, pointed out a flaw. I refined it with his help, and a suggestion from Matthew Ernest, and the result is below. I hope you find it helpful when trying to explain these concepts to anyone!

## The Box

Imagine a box with a special lock, as pictured below:

The lock has three positions:

1. When the lock is at the “9:00” position, the box is locked, and its contents are inaccessible.
2. When the lock is at the “12:00” position, the box is unlocked, which means you can open it and view its contents.
3. When the lock is at the “3:00” position, the box is locked, and its contents are inaccessible.

In order to avoid wandering into endless “What if...?” tangents, assume that it’s prohibitively costly to pick the lock or break the box.