Asymmetric cryptography

Unlike symmetric-key algorithms, asymmetric cryptography or public-key algorithms that utilize two keys for protection of data. One key to encrypt the data is known as the public key, and it can be shared safely with other parties. Another key to decrypt the data is known as the private key, and it must not be shared. 

The public key can be used by any person to encrypt data. However, only the person with the private key that corresponds to the public key can decrypt the data back to its original human-readable form. The public and private keys are generated using complex computational algorithms.

In a typical scenario, a person who owns a pair of public and private keys would share the public key with other people that they want to communicate with. The other people would then use the public key to encrypt the data being sent to the key owner. The key owner, in turn, can use their private key to decrypt this data back to its original content.

Consider a good example—courtesy of Wikipedia—that showcases the idea. Let's say Alice want to communicate with her friends securely over the internet. For that, she uses an application that generates a pair of public-private keys.

Alice's public-private key

Now, a friend of Alice called Bob would like to send her a secure message over the internet. The message is simply Hello Alice! Alice first needs to send Bob a copy of her public key so that Bob can use it to encrypt his message before sending it to Alice. Then, when Alice receives the message, she can use her private key, which is not shared with anyone, to decrypt the message back to the human-readable text and see that Bob said hello. 

Asymmetric cryptography between Alice and Bob

With this, you should have enough practical understanding of public-key algorithms. However, how is this utilized in the HTTPS protocol?