
During an interview, I completely blanked when asked a basic question:
Which key is used to encrypt a file in public-key cryptography?

I blurted out “private key” — wrong!
Deep down I knew it wasn’t right, but my brain just wouldn’t compute in that moment.

So, I’m writing this post as a personal reminder (and maybe to help someone else too) on the practical use of public and private keys in file encryption.

Quick Recap: Public vs Private Keys

In public-key cryptography (often part of Public Key Infrastructure, or PKI), two keys are generated:

  • Public Key – As the name suggests, it can be shared with anyone.
  • Private Key – Must be kept secure and never shared. This key stays on the server or with the entity who owns the key pair.

These keys are mathematically linked. That means:

Anything encrypted with the public key can only be decrypted with the corresponding private key.

(And vice versa, but for encryption purposes, we’re sticking to this direction.)

I’m skipping the math, key generation, and algorithms for now — maybe for a future post.

The Scenario

Let’s say you need to securely transfer a sensitive file from your organization’s internal app server to your external partner’s server.

  • Internal App Server: Server A
  • External Partner Server: Server B

The requirement is to encrypt the file before sending it over SFTP.

Step-by-Step Flow

1. Key Generation (One-Time Setup)
Your partner (Server B) generates a public-private key pair:

  • The private key is securely stored on Server B.
  • The public key is shared with you (Server A).

2. File Encryption (You)
On Server A, you use Server B’s public key to encrypt the file.

3. File Transfer
You transfer the encrypted file over to Server B using HTTPS or SFTP.

4. File Decryption (Partner)
Server B uses its private key to decrypt the file.

That’s it!
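The four steps above as an added example (not code from the original post), using Node.js's built-in `crypto` module. It goes one step beyond the text: RSA can only encrypt a short message, so the file is encrypted with a one-time AES-256-GCM key and Server B's public key encrypts that key. The function names, the envelope fields and the sample data are assumptions made for this example.

```javascript
const crypto = require("crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Step 1 (Server B, one time): generate the pair and hand out only publicKey.
function generateKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Step 2 (Server A): RSA can only encrypt a short message, so a one-time
// AES-256 key encrypts the file and Server B's public key encrypts that key.
function encryptFor(publicKey, file) {
  const aesKey = crypto.randomBytes(32);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", aesKey, nonce);
  const body = Buffer.concat([cipher.update(file), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey);
  // Field names of this envelope are made up for the example.
  return { wrappedKey, nonce, tag: cipher.getAuthTag(), body };
}

// Step 4 (Server B): the private key recovers the AES key, which opens the
// file. A wrong key or a modified envelope throws instead of returning data.
function decryptWith(privateKey, envelope) {
  const aesKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = crypto.createDecipheriv("aes-256-gcm", aesKey, envelope.nonce);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.body), decipher.final()]);
}

// Constructed sample run: both servers simulated in one process.
function demo() {
  const serverB = generateKeyPair();
  const file = Buffer.from("account,amount\n".repeat(1000)); // constructed data
  const envelope = encryptFor(serverB.publicKey, file); // step 3 would send this
  return decryptWith(serverB.privateKey, envelope).equals(file);
}
console.log("round trip ok:", demo());
```

Server A never holds anything that can decrypt the envelope once the one-time AES key is discarded, which is why only the public key needs to leave Server B.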

I end with a simple sequence diagram that illustrates the flow of steps.

That interview question was a learning moment. Public-key cryptography can feel abstract, but when you map it to real-world scenarios like file transfers, it makes a lot more sense.

If you’re ever in doubt:
To securely send data to someone, encrypt it using their public key. Only their private key can decrypt it.

Keep it simple. Keep it secure. Keep learning.

TechE2E

A diverse group of technologists—ranging from beginners to experienced professionals—sharing insights, simplifying complex tech topics, and fostering meaningful discussions for readers at all stages of their journey.
