 well, it's a pretty dense subject, but the keys (pair - secret and public keys) are mainly used to prove identity (authentication) using signatures, which are codes that give a "true" value when compared with the public key corresponding to a user's secret key

but you can use one secret and one public, from two separate key pairs - e.g. my secret and your public - to generate a secret that the opposite also generates, i.e. your secret and my public key; this is called Elliptic Curve Diffie-Hellman, and it is used in DMs and by TLS/SSL for HTTPS

that's the short version of how they work

the part about security has to do with bits... they say that a 256 bit encryption secret (like the one you can make with ECDH) has ~128 bits of security because you have to try 2^128 numbers, on average, to find that secret by brute force

256 bits, or 2^256 - even with the Webb telescope's new view of how much bigger the universe is, is still more than the number of atoms in the known universe

it's basically impossible even with all the computers in the world trying options, to either break the 256 bit encryption key or steal someone's secret key, in a thousand years at current rates of increase in capacity 
 It is a fascinating subject.