5.4 Asymmetric Cryptography
Asymmetric Cryptography
Public/private key pairs, RSA and ECC, key-length security, keyspace mathematics, and OpenSSL asymmetric commands.
• The sender encrypts with the RECEIVER'S public key; only the receiver's private key can decrypt it — this is the single most-tested concept in 5.4
• Private key rules: never share it; if compromised or exposed, delete the entire key pair and generate a new one
• Keyspace: n-bit key → keyspace 2^n; average brute-force guesses = 2^(n-1); longer key = more secure but slower
• Key-length comparison is ONLY valid within the same algorithm: AES-128 vs AES-256 ✓ valid; AES-128 vs RSA-2048 ✗ invalid
• Common asymmetric algorithms: RSA and ECC (elliptic curve cryptography)
• OpenSSL asymmetric commands: genrsa generates the key pair; rsa -pubout extracts the public key; pkeyutl -encrypt -pubin encrypts; pkeyutl -decrypt decrypts
Topic 5.4 — What Is Testable
| CED Ref | Essential Knowledge | Covered In |
|---|---|---|
| 5.4.A.1 | Asymmetric encryption allows secure communication without pre-arranging a shared secret key | Section 2 — Key Pairs |
| 5.4.A.2 | Key pairs: generated together through a mathematical process; one designated public, one private; mathematical inverses of each other; either key can encrypt, only the partner key can decrypt | Section 2 — Key Pairs |
| 5.4.A.3 | Private key must be stored securely; if compromised/exposed/stolen/corrupted, delete the entire key pair and generate a new one; public key is published for anyone to use | Section 2 — Private Key Security |
| 5.4.A.4 | To send information securely: sender uses RECEIVER'S public key to encrypt; only receiver's private key can decrypt | Section 2 — Encryption Direction |
| 5.4.B.1 | Longer keys → larger keyspaces; n-bit key has keyspace 2^n | Section 3 — Keyspace |
| 5.4.B.2 | Average brute-force guesses to find correct key = 2^n / 2 = 2^(n-1) | Section 3 — Keyspace |
| 5.4.B.3 | Longer keys are more secure but require more time to encrypt/decrypt | Section 3 — Security vs Speed |
| 5.4.B.4 | Computing power continues to improve; key-length recommendations are periodically increased to account for this | Section 3 — Future-Proofing |
| 5.4.B.5 | Key-length comparison only valid within the same algorithm (AES-128 vs AES-256 valid; RSA vs AES invalid) | Section 3 — Comparison Rule |
| 5.4.C.1 | Common asymmetric algorithms: RSA and ECC; used in digital signatures and certificates | Section 4 — Algorithms |
| 5.4.C.2 | Can use CLI (OpenSSL), specialized software, or web tools for asymmetric encryption | Section 4 — Tools |
| 5.4.C.3 | OpenSSL commands: genrsa to generate key pair; rsa -pubout to extract public key; pkeyutl -encrypt to encrypt; pkeyutl -decrypt to decrypt | Section 4 — OpenSSL Commands |
Answer independently. No notes.
- Alice wants to send Bob a secret message using asymmetric encryption. Whose key does Alice use to encrypt, and whose key does Bob use to decrypt? Why can this work without Alice and Bob ever meeting to share a secret?
- Bob generates an RSA key pair. His laptop is stolen and the thief finds his private key. What must Bob do, and why can't he just generate a new public key and keep the old private key?
- An algorithm uses a 10-bit key. What is the keyspace? On average, how many guesses does a brute-force attack need to find the correct key?
Q1: Alice encrypts with BOB'S public key. Bob decrypts with HIS OWN private key. This works without meeting because the public key is publicly distributed — Alice does not need a pre-shared secret. Only Bob's matching private key can reverse the encryption.
Q2: Bob must delete the ENTIRE key pair (both public and private key) and generate a completely new pair. The two keys are mathematically linked — keeping the old private key means the old public key remains exploitable. Security rests entirely on the private key remaining secret.
Q3: Keyspace: 2^10 = 1,024 possible keys. Average brute-force guesses: 2^10 / 2 = 2^9 = 512 guesses (half the keyspace on average).
1 5.4.1 — Learning Objectives
- Explain how asymmetric key pairs work and determine the correct key to use when sending or receiving encrypted data (5.4.A)
- Explain why private key security is critical and what must happen if a private key is compromised (5.4.A)
- Calculate keyspace size (2^n) and average brute-force guesses (2^(n-1)); explain the security-speed trade-off for key length (5.4.B)
- Identify RSA and ECC as common asymmetric algorithms and interpret/write OpenSSL asymmetric commands (5.4.C)
- Asymmetric encryption
- Encryption using a mathematically linked key pair. Either key can encrypt; only the partner key can decrypt.
- Public key
- The half of the key pair that is published openly for anyone to use for encryption.
- Private key
- The half of the key pair kept secret by the owner, used to decrypt data encrypted with the corresponding public key.
- Key pair
- A public key and private key generated together as mathematical inverses; must be treated as a single unit.
- RSA
- Rivest-Shamir-Adleman. Common asymmetric algorithm used for encryption and digital signatures.
- ECC
- Elliptic Curve Cryptography. Asymmetric algorithm providing strong security with shorter keys than RSA.
- Digital signature
- A use of asymmetric cryptography to verify that a message or document came from the claimed sender and was not altered.
- Digital certificate
- A credential that binds a public key to an identity, issued by a trusted certificate authority.
2 5.4.2 — Asymmetric Key Pairs (5.4.A)
Asymmetric encryption solves the fundamental weakness of symmetric encryption: the key-sharing problem. With symmetric encryption, both parties must somehow securely exchange a secret key before communicating. Asymmetric encryption eliminates this requirement.
- A key pair consists of a public key and a private key generated simultaneously through a mathematical process.
- The two keys are mathematical inverses: each key can reverse the operation performed by its partner.
- Either key can encrypt data, but only the partner key can decrypt it.
- The public key is shared openly with the world. The private key is stored securely by the owner and never shared.
Encryption Direction — The Most-Tested Concept
Alice wants to send Bob a secret message:
- Alice obtains Bob's public key (publicly available).
- Alice encrypts the message using Bob's public key.
- Alice sends the ciphertext to Bob.
- Bob decrypts with his own private key — the only key in the world that can reverse the encryption done with his public key.
Eve intercepts the ciphertext. Eve has Bob's public key too (it's public). But Eve cannot decrypt because she does not have Bob's private key.
Private Key Security (5.4.A.3)
If a private key is exposed, shared, stolen, corrupted, or compromised in any way, the entire key pair becomes unusable and must be:
- Deleted completely (both public and private key).
- Replaced with a new key pair generated from scratch.
Why both keys? The public and private keys are mathematically linked. If the private key is known, the security of anything encrypted with the corresponding public key is broken. The public key alone cannot be "reused" with a new private key.
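To trace the key-pair mechanics above by hand, here is an added Python example (not code from the lesson) using the textbook RSA construction with tiny, insecure primes; the function names, the primes 61 and 53, and the sample message value 65 are all constructed for illustration.

```python
# Added example (not part of the lesson): a toy RSA key pair built from tiny
# primes so the 5.4.A mechanics can be traced by hand. Real keys use 2048-bit
# or larger moduli; these numbers offer no security.
from math import gcd

def generate_key_pair(p, q, e=17):
    """Generate (public_key, private_key) together (5.4.A.2). Both halves
    share n = p*q; d is the modular inverse of e, so the two exponents undo
    each other."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)            # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)          # (public key, private key)

def apply_key(key, value):
    """One modular exponentiation. Whether this 'encrypts' or 'decrypts'
    depends only on which half of the pair is supplied."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus n")
    return pow(value, exponent, n)

def send_confidentially(receiver_public_key, message):
    """Sender (Alice) encrypts with the RECEIVER'S public key (5.4.A.4)."""
    return apply_key(receiver_public_key, message)

def receive_confidentially(receiver_private_key, ciphertext):
    """Receiver (Bob) decrypts with his own private key."""
    return apply_key(receiver_private_key, ciphertext)

def private_exponent_from_public(public_key, p, q):
    """The private exponent is fixed by the public key and the factors of n:
    there is no 'new private key' for an old public key, which is why a
    compromise means replacing the whole pair (5.4.A.3)."""
    n, e = public_key
    if n != p * q:
        raise ValueError("p and q must be the factors of n")
    return pow(e, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    bob_public, bob_private = generate_key_pair(61, 53)   # n = 3233
    message = 65                                          # constructed sample
    ciphertext = send_confidentially(bob_public, message)
    print("Alice's ciphertext:", ciphertext)
    print("Bob decrypts to:", receive_confidentially(bob_private, ciphertext))
    # Eve has the public key too, but applying it again does not recover 65.
    print("Eve using the public key:", apply_key(bob_public, ciphertext))
    # Either key can go first: a private-key step is reversed by the public key.
    signed = apply_key(bob_private, message)
    print("public key reverses private-key step:", apply_key(bob_public, signed))
    print("d recomputed from public key:", private_exponent_from_public(bob_public, 61, 53))
```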
3 5.4.3 — Key Length and Security (5.4.B)
All cryptographic security ultimately rests on making brute-force key-guessing computationally infeasible. Key length determines keyspace size, which determines how long an exhaustive search would take.
| Key Length | Keyspace | Avg Brute-Force Guesses |
|---|---|---|
| 8-bit | 2^8 = 256 | 128 |
| 16-bit | 2^16 = 65,536 | 32,768 |
| 128-bit | 2^128 ≈ 3.4 × 10^38 | 2^127 ≈ 1.7 × 10^38 |
| 256-bit | 2^256 ≈ 1.2 × 10^77 | 2^255 ≈ 5.8 × 10^76 |
- ✓ Valid: AES-128 vs AES-256 (same algorithm)
- ✓ Valid: RSA-2048 vs RSA-4096 (same algorithm)
- ✗ Invalid: AES-128 vs RSA-2048 (different algorithms — different mathematical structures)
The CED uses these exact three examples. An RSA-2048 key is not "more secure" than an AES-128 key just because 2048 > 128. They cannot be compared.
Computing power doubles roughly every 18–24 months. As hardware improves, the time needed to brute-force a given key length shrinks. Key-length recommendations (from NIST and other standards bodies) are periodically increased to stay ahead of improvements in processing speed. A key length that is secure today may become breakable in 20 years.
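As an added Python example (not part of the lesson), the keyspace rules from this section as runnable arithmetic: a brute-force simulation over random 10-bit keys that checks the 2^(n-1) average, a growth-factor check for the 128-to-256-bit case, and a comparison helper that refuses cross-algorithm comparisons. The attacker guessing rate of 10^12 per second is an assumption for illustration only.

```python
# Added example (not part of the lesson): keyspace arithmetic from 5.4.B and a
# small simulation checking the "average guesses = 2^(n-1)" claim on a toy key
# size. Python integers are arbitrary precision, so 2**256 is computed exactly.
import random

def keyspace(n_bits):
    """Number of possible keys for an n-bit key: 2^n (5.4.B.1)."""
    return 2 ** n_bits

def average_guesses(n_bits):
    """Expected brute-force guesses: half the keyspace, 2^n / 2 = 2^(n-1)."""
    return keyspace(n_bits) // 2

def growth_factor(from_bits, to_bits):
    """How many times larger the keyspace gets. 128 -> 129 bits doubles it;
    128 -> 256 bits multiplies it by 2^128 (squares it), not by 2."""
    return keyspace(to_bits) // keyspace(from_bits)

def compare_key_lengths(alg_a, bits_a, alg_b, bits_b):
    """Key length is only comparable within one algorithm (5.4.B.5). Returns
    the stronger (algorithm, bits) pair, or raises for a cross-algorithm compare."""
    if alg_a != alg_b:
        raise ValueError(f"cannot compare {alg_a}-{bits_a} with {alg_b}-{bits_b}")
    return (alg_a, max(bits_a, bits_b))

def brute_force(target, n_bits):
    """Exhaustive search in key order; returns the number of guesses needed."""
    for guess in range(keyspace(n_bits)):
        if guess == target:
            return guess + 1
    raise ValueError("target lies outside the keyspace")

def simulate_average(n_bits, trials, seed=0):
    """Mean guesses over random targets; converges toward 2^(n-1)."""
    rng = random.Random(seed)
    total = sum(brute_force(rng.randrange(keyspace(n_bits)), n_bits)
                for _ in range(trials))
    return total / trials

def years_to_find_key(n_bits, guesses_per_second):
    """Expected time at an ASSUMED guessing rate; the rate is illustrative."""
    return average_guesses(n_bits) / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    print("10-bit: keyspace", keyspace(10), "avg guesses", average_guesses(10))
    print("128 -> 256 bits multiplies the keyspace by", growth_factor(128, 256))
    print("simulated 10-bit average:", simulate_average(10, 2000))
    print("AES-128 vs AES-256:", compare_key_lengths("AES", 128, "AES", 256))
    try:
        compare_key_lengths("AES", 128, "RSA", 2048)
    except ValueError as err:
        print("rejected:", err)
    # Assumed attacker rate of 1e12 guesses per second, purely illustrative.
    print(f"128-bit key at 1e12 guesses/s: {years_to_find_key(128, 1e12):.1e} years")
```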
4 5.4.4 — RSA, ECC, and OpenSSL Commands (5.4.C)
The two asymmetric algorithms on the AP exam are RSA and ECC. Both generate key pairs and use the public-key-encrypts / private-key-decrypts model from 5.4.A. They differ in their mathematical foundations and key-length efficiency.
| Algorithm | Full Name | Used For | Key Strength |
|---|---|---|---|
| RSA | Rivest-Shamir-Adleman | Encryption, digital signatures, certificates | Requires longer keys (2048–4096 bit) for strong security |
| ECC | Elliptic Curve Cryptography | Encryption, digital signatures, TLS | Shorter keys provide equivalent security (256-bit ECC ≈ 3072-bit RSA) |
```bash
# Step 1: Generate a 2048-bit RSA key pair, save to rsa.pem
openssl genrsa -out rsa.pem 2048
# Step 2: Extract the public key from rsa.pem into public.pem
openssl rsa -pubout -in rsa.pem -outform PEM -out public.pem
# Step 3: Encrypt the file "test" using the public key
openssl pkeyutl -encrypt -pubin -inkey public.pem -in test -out test.enc
# Step 4: Decrypt test.enc using the private key (rsa.pem)
openssl pkeyutl -decrypt -inkey rsa.pem -in test.enc -out test
```
Command breakdown:
- `genrsa -out rsa.pem 2048` — generates the RSA key pair (both keys) and saves it to `rsa.pem`
- `rsa -pubout -in rsa.pem -out public.pem` — extracts only the public key
- `pkeyutl -encrypt -pubin -inkey public.pem` — encrypts with the public key (`-pubin` = the input key is a public key)
- `pkeyutl -decrypt -inkey rsa.pem` — decrypts with the private key (no `-pubin`)
The free-response question may give you an OpenSSL command and ask whether it is encrypting or decrypting, and what key file is being used. Key questions: (1) Is it -encrypt or -decrypt? (2) Does it use -pubin (public key) or no flag (private key)? (3) What is the -inkey file — is it a public key file or a private key pair file?
Check for Understanding — Topic 5.4
1. Alice wants to send a confidential message to Bob using asymmetric encryption. Alice has Bob's public key. Which of the following correctly describes the encryption and decryption process?
2. Bob discovers that his RSA private key was accidentally included in a code commit that was pushed to a public GitHub repository. What must Bob do?
3. A security team compares RSA-2048 to AES-128 and argues that RSA-2048 must be more secure because 2048 > 128. What is wrong with this reasoning?
4. An analyst examines this OpenSSL command: openssl pkeyutl -encrypt -pubin -inkey public.pem -in secret.txt -out secret.enc
Which of the following BEST describes what this command does?
5. Which of the following OpenSSL commands correctly generates a 2048-bit RSA key pair and saves it to a file named mykey.pem?
6. A 16-bit RSA key has keyspace 2^16. An adversary brute-forces it after 28,000 guesses. A 17-bit key has keyspace 2^17. On average, how many guesses would the adversary need for the 17-bit key?
7. Which of the following statements about asymmetric vs. symmetric encryption is TRUE?
8. An organization uses RSA for all encrypted communications. Their cryptography policy states that key-length recommendations must be reviewed every 3 years. Why is this review cycle necessary?
9. Consider these three statements about asymmetric encryption:
I. Either key in a key pair can be used to encrypt data.
II. The private key can be shared with trusted parties for efficiency.
III. If data is encrypted with the public key, only the private key can decrypt it.
Which statements are TRUE?
10. An OpenSSL command is: openssl pkeyutl -decrypt -inkey rsa.pem -in message.enc -out message.txt. What role does rsa.pem play, and what does the absence of -pubin indicate?
⚠ Common AP Exam Mistakes — Topic 5.4
| Common Mistake | Why It's Wrong | Correct Thinking |
|---|---|---|
| Encrypting with the sender's key | Students say Alice encrypts with her own private key. Wrong: Alice encrypts with the RECEIVER'S (Bob's) public key. The point is that only Bob can decrypt with his private key. | Encrypt with RECIPIENT'S public key. Decrypt with YOUR OWN private key. The encryption protects data so only the intended recipient can read it. |
| Thinking only one key can encrypt | Both keys in a pair can encrypt. But only the PARTNER key can decrypt. If encrypted with public key, only private can decrypt. If encrypted with private key (e.g., for signatures), only public can verify. | Either key encrypts. Only the other key decrypts. The AP exam tests sender/receiver scenarios, which always use: public key encrypts, private key decrypts. |
| Replacing only the private key after compromise | If the private key is compromised, students think they can keep the public key and generate a new private key. Wrong: the two keys are mathematically linked. The public key cannot be reused with a different private key. | Compromise = delete BOTH keys. Generate a completely new pair. The mathematical link means you cannot mix keys from different generation events. |
| Comparing RSA key length to AES key length | Students think RSA-2048 and AES-128 can be directly compared and that RSA-2048 is stronger because 2048 > 128. The CED explicitly states cross-algorithm comparison is invalid. | Valid: RSA-2048 vs RSA-4096. Valid: AES-128 vs AES-256. Invalid: RSA-2048 vs AES-128. Different math, different structures, different security models. |
| Thinking keyspace doubles when key length doubles | Doubling from 128 to 256 bits does not double the keyspace; it squares it. 2^256 = (2^128)^2. This is an exponential, not linear, relationship. | Each additional bit doubles the keyspace. 128→129 bits: keyspace doubles. 128→256 bits: keyspace is multiplied by 2^128. Never just "doubled." |
8 5.4.7 — Key Terms & FAQ
Q: Can the private key be used to encrypt and the public key to decrypt?
A: Technically yes — either key can encrypt, only the partner decrypts. When a private key is used to encrypt (as in digital signatures), the public key is used to verify/decrypt. But in standard confidential messaging (the AP exam focus), the convention is: public key encrypts, private key decrypts.
Q: What is a digital signature and how does it relate to 5.4?
A: A digital signature uses the private key to sign (encrypt a hash of) a document. Anyone with the public key can verify the signature. This proves: (1) the document came from the private key holder, and (2) it was not altered after signing. Digital signatures are listed in 5.4.C.1 as an application of asymmetric cryptography.
Q: Why does ECC achieve the same security with shorter keys than RSA?
A: RSA security depends on the difficulty of factoring large numbers. ECC security depends on the difficulty of the elliptic curve discrete logarithm problem, which is mathematically harder to crack at equivalent key lengths. This is why a 256-bit ECC key provides roughly the same protection as a 3072-bit RSA key.
Q: In the OpenSSL command, what is stored in rsa.pem vs public.pem?
A: rsa.pem (generated by genrsa) contains BOTH the public and private key. public.pem (extracted by rsa -pubout) contains ONLY the public key. You share public.pem freely; you protect rsa.pem at all costs.
Students submit before leaving.
- Explain the asymmetric encryption process for confidential messaging: who generates what, which key is used to encrypt, which key is used to decrypt, and why this eliminates the key-sharing problem of symmetric encryption. (AP Skill: Explain Mechanisms)
- A company's private RSA key was discovered in a publicly accessible configuration file. List the two steps the company must take and explain why keeping the existing public key is not an option. (AP Skill: Determine Response)
- For a 256-bit key, calculate: (a) the keyspace size (express as 2^n), and (b) the average number of brute-force guesses required. Then explain why doubling the key length from 128 to 256 bits does not merely double the security. (AP Skill: Analyze Key Length)
- Write the four OpenSSL commands needed to: (1) generate a 2048-bit RSA key pair saved to key.pem, (2) extract the public key to pub.pem, (3) encrypt data.txt using the public key to produce data.enc, and (4) decrypt data.enc back to data.txt. (AP Skill: Write Commands)
- RSA-4096 and AES-128 are both strong encryption choices. Can you say one is "more secure" than the other based on key length alone? Justify your answer using the CED comparison rule. (AP Skill: Evaluate Algorithms)
Q1: The receiver (Bob) generates a key pair. The public key is shared openly. Alice (sender) encrypts with Bob's public key. Bob decrypts with his own private key. This eliminates the key-sharing problem because the public key can be sent over any channel — knowing it does not allow decryption.
Q2: Step 1: Delete the entire key pair (both public and private keys). Step 2: Generate a completely new key pair. Keeping the existing public key is impossible because public and private keys are mathematically linked — a new private key cannot be generated to work with the old public key.
Q3: (a) Keyspace = 2^256. (b) Average guesses = 2^255. Doubling key length from 128 to 256 does not double security — it squares the keyspace. 2^256 = (2^128)^2, making the keyspace 2^128 times larger, an astronomically larger improvement than 2x.
Q4: (1) openssl genrsa -out key.pem 2048; (2) openssl rsa -pubout -in key.pem -outform PEM -out pub.pem; (3) openssl pkeyutl -encrypt -pubin -inkey pub.pem -in data.txt -out data.enc; (4) openssl pkeyutl -decrypt -inkey key.pem -in data.enc -out data.txt
Q5: No. Key-length comparison is only valid within the same algorithm (CED 5.4.B.5). RSA and AES use fundamentally different mathematical structures. RSA-4096 cannot be said to be more or less secure than AES-128 based on the numbers 4096 and 128 alone.
Tanner Crow
AP Computer Science Teacher — Blue Valley North High School, Overland Park KS
11+ years teaching AP CS. 5.0 Wyzant rating, 2,067+ tutoring hours, 499+ reviews.