FOUNDATIONS · KEY MATH
THE ENGINE UNDER EVERY WALLET & SIGNATURE

Public & private keys, from the math up

Every one of the four use cases rests on one idea: a number you can share with the world, paired with a secret only you hold — linked by math that's easy one way and practically impossible to reverse.

We'll build it with numbers small enough to check on paper. By the end you'll have generated a real key pair, encrypted a message, and signed one.

FOUNDATIONS — HOW KEY PAIRS WORK
THE BIG IDEA

A lock anyone can close, only you can open

THE PADLOCK ANALOGY

Hand out open padlocks. Keep the only key.

Imagine you mail open padlocks to everyone. Anyone can snap one shut on a box and send it to you — but only you hold the key that opens them. The padlock is your public key; the key is your private key.

That's the whole trick. The two are mathematically linked, but knowing the padlock tells you nothing useful about the key. Everything else on this page is just how to build that padlock out of numbers.

Same pair of keys, used in opposite directions, gives you both secrecy and proof of identity. Hold onto that — it's the part most people never quite see clearly.

BUILDING BLOCK 1

Clock arithmetic: how numbers "wrap around"

MODULO

All of this lives on a clock, not a number line.

A 12-hour clock already does modular arithmetic. 5 hours after 9 o'clock isn't 14 o'clock — it's 2. You wrapped around 12. We write that 14 mod 12 = 2.

Cryptography uses this constantly: pick a modulus n, and every number wraps back into the range 0…n−1. Wrapping is what throws away information — and that's exactly what makes the math hard to reverse. Spin the clock and feel it.

BUILDING BLOCK 2

The trapdoor: easy forward, brutal backward

ONE-WAY FUNCTIONS

Multiplying is easy. Un-multiplying is the whole game.

Multiply two primes: 17 × 11 = 187 — trivial. Now reverse it: given just 187, find the two primes. You'd have to try candidates. With 187 that's quick; with a 600-digit number it would outlast the universe.

That gap — cheap one way, hopeless the other — is a one-way function. RSA's is "multiply two big primes." The "trapdoor" is that if you happen to know the primes, a shortcut opens up. The private key is that secret knowledge.

Forward is instant. Try the reverse: can you factor it before the timer?

FEEL THE EXPLOSION

Why "just try all factors" stops working.

Factoring difficulty doesn't grow gently — it explodes with the size of the number. This is the single fact that keeps your wallet safe. Drag the key size and watch the estimated work.
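
To put numbers on that growth, here is an added example (not part of the original page) that factors by trial division and counts the divisions it needs. The sample moduli are constructed for illustration; only 17 × 11 comes from the page.

```python
def trial_factor(n):
    """Factor an odd n by trying 3, 5, 7, ... as divisors.

    Returns (p, q, steps): smallest factor, cofactor, divisions tried.
    """
    steps = 0
    cand = 3
    while cand * cand <= n:
        steps += 1
        if n % cand == 0:
            return cand, n // cand, steps
        cand += 2
    return n, 1, steps  # no divisor up to sqrt(n): n is prime


# Constructed sample moduli: each is a product of two primes of similar size.
SAMPLES = [17 * 11, 101 * 103, 10007 * 10009]


def work_table(moduli):
    """Return one (bit length of n, p, q, divisions) row per modulus."""
    rows = []
    for n in moduli:
        p, q, steps = trial_factor(n)
        rows.append((n.bit_length(), p, q, steps))
    return rows


if __name__ == "__main__":
    for bits, p, q, steps in work_table(SAMPLES):
        print(f"{bits:2d}-bit n = {p} x {q}: {steps} divisions")
```

Each time the primes gain two digits, the division count grows about a hundredfold, because the search has to reach the smaller prime and that prime sits near the square root of n.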

PUT IT TOGETHER

Generate a real RSA key pair, step by step

THE FIVE STEPS

Every step shown, every number checkable by hand.

This is the actual RSA algorithm — just with tiny primes so you can follow it. Pick two primes and walk through it. The math is identical to what secures real keys; only the size differs.

Real keys use two primes each hundreds of digits long. The steps you just did are exactly the same — RSA is this, scaled up until factoring n is impossible.

DIRECTION 1

Encrypt with the public key, open with the private

SECRECY

Lock a number with the padlock. Watch only the private key open it.

Using the key pair you just built, encryption is one formula: raise the message to the power e, mod n. Decryption raises the result to the power d, mod n. The wrapping makes them cancel out — but only with the right d.

cipher = message^e mod n   →   back = cipher^d mod n

DIRECTION 2

The reverse: signing proves it was you

PROOF OF IDENTITY

Run the keys backwards and you get a signature.

Swap the order. If you raise a message to your private d, anyone can raise the result to your public e and recover the message. Since only you know d, a result that checks out could only have come from you. That's a digital signature — the basis of every blockchain transaction.

signature = message^d mod n   →   check = signature^e mod n   (must equal message)
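
Key generation and both directions in one place, as an added example that is not code from the original page. It uses the page's primes 17 and 11; the public exponent e = 7 and the message 5 are assumptions chosen for illustration. This is textbook RSA on bare numbers: deployed systems add padding and sign a hash of the message rather than the message itself.

```python
from math import gcd


def make_keypair(p, q, e):
    """Textbook RSA key generation from two secret primes and a public exponent."""
    n = p * q                    # public modulus
    phi = (p - 1) * (q - 1)      # needs the secret primes p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)          # private exponent: e*d = 1 (mod phi), Python 3.8+
    return (e, n), (d, n)        # (public key, private key)


def encrypt(message, public):
    e, n = public
    if not 0 <= message < n:
        raise ValueError("message must lie in 0..n-1")
    return pow(message, e, n)    # cipher = message^e mod n


def decrypt(cipher, private):
    d, n = private
    return pow(cipher, d, n)     # back = cipher^d mod n


def sign(message, private):
    d, n = private
    return pow(message, d, n)    # signature = message^d mod n


def verify(message, signature, public):
    e, n = public
    return pow(signature, e, n) == message  # check = signature^e mod n


if __name__ == "__main__":
    # Constructed values: primes from the page, e = 7 and message 5 assumed.
    public, private = make_keypair(17, 11, 7)
    print("public", public, "private", private)
    c = encrypt(5, public)
    print("cipher", c, "decrypted", decrypt(c, private))
    s = sign(5, private)
    print("signature", s, "valid", verify(5, s, public))
    print("altered message accepted?", verify(6, s, public))
```
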
WHY THIS IS YOUR WALLET

Your blockchain address is a public key. Your signature is your spend.

Now the use cases click into place. A wallet is a key pair. Your address is derived from the public key — safe to share. "Signing a transaction" means running the private-key direction over the transaction details. Nodes verify with your public key. No password sits on a server to be stolen; control is knowledge of the private number.

Lose the private key and the funds are gone forever. There's no reset, because there's no authority — only math.

ONE HONEST FOOTNOTE

Real blockchains mostly don't use RSA — but the idea is identical.

Bitcoin and Ethereum use elliptic-curve cryptography (ECC), not RSA. The reason is efficiency: ECC gives the same security as RSA with far smaller keys (a 256-bit ECC key ≈ a 3072-bit RSA key). The hard "one-way" problem is different — adding points on a curve instead of multiplying primes — but the structure you learned is exactly the same: a public value freely shared, a private scalar kept secret, easy one way and infeasible to reverse.

A looming caveat worth telling students: large quantum computers would break both RSA and today's ECC. "Post-quantum" cryptography — based on still-harder problems — is already being standardised in anticipation.

The takeaway

A key pair is two numbers tied together by a one-way function. The public one is a padlock you give away; the private one is the only key. Run the math one direction for secrecy, the other for proof of identity. Scale the numbers until reversing them is impossible, and you have the foundation under every wallet, signature, and transaction in the four cases.

You generated a key pair, encrypted a message, and signed one — by hand-sized math.

Jan Erik Meidell