Public Key Cryptography for 3 Year Olds (Part 1 of 3)

Or: The Knight of Esprenevestos and the Magic Keys

Once there two countries, Esprenevestos and Ios, which were separated by a great ocean.

In this ocean there were small hollowed-out logs adrift, called packets, with lids on them that floated back and forth from one land to the other with the tide. Some folks said they were made by Gnomes, or maybe Mermaids. No matter, they were there, floating back and forth.

On day, a knight of  Esprenevestos, named Sir Comilujo, put a sea shell inside one of these packets, closed it, and set it adrift on the ocean. Within a few days it floated all the way to Ios. Someone from Ios found it, along with an inscription that said “Hello World! From Esprenevestos”. They thought that was amusing, and so put a sea shell with their own inscription in the same packet, and set it adrift, and it floated all the way back to Esprenevestos.

Pretty soon, they were sending packets back and forth: some with peanuts, pop cans, shoes, whatever would fit. And they all thought it was great.

But one day, Sir Comilujo was opening a packet and had a nasty surprise: inside the packet there was a big, sharp-clawed crab. And it pinched the poor fellow quite badly.

For a long time, the people of Esprenevestos were quite grumpy towards the people of Ios. Why did they put a crab in a packet like that? It was a mean joke.

A few months later, Comilujo was on a vacation in Ios and told them what had happened to him. They protested that it wasn’t them, as they had actually sent a lovely packet full of chocolates on that particular day. Pirates who roamed the ocean must have intercepted their packet, eaten all the chocolates, and put a big crab in it instead.

So while relations between the two countries improved, still they weren’t sure how they could send packets between them, for fear that a pirate could intercept any of them, and replace its contents with more pinchy crabs.

One day, a magician came to the land of Esprenevestos. His name was Elgamals, and he had a proposition: he took a regular key and cast a magic spell on it, the spell of “Public Key Cryptography”, and it turned into two keys: a green one, and a red one.

He said any lock which was locked with the green key could only be unlocked by the red key. So they tried locking one of the packets using the green key, and sure enough: it couldn’t be opened by anything, except the red key. It also had a slight green glow while it was locked.

He said they must keep the red key safe and private, and never share it with anyone. On the other hand, they could make as many copies of the green key as they liked, and make it as publicly available as they liked, and to send it to all their friends, including the people of Ios.

So when the public green key arrived in Ios, the people put some lovely dried fish in a packet, locked it with the Esprevenestos green key, and sent it afloat in the ocean.

When it finally arrived in Esprenevestos, they saw that the packet had several sword slashes marks on the outside, probably from frustrated pirates who were unable to open it. But when they used their private red key on it, and it opened fine. They enjoyed the dried fish immensely.

The magician also made a pair of red and green keys for Ios,and they sent a copy of their public green jet to Esprenevestos. The Ios red key could only open locks locked by one if their green keys.

And thus it was for many months that the people of Esprenevestos and Ios sent packets securely back and forth: each locking them with the other country’s green keys, and unlocking them with their own green key.

At least, they thought the packets were from each other…

Continued in part 2.


  • The lands of Esprenevestos and Ios: two servers needing to communicate over the Internet. Names inspigreen by the WordPress plugin Event Espresso, which needed to communicate with a IOS mobile app
  • Green Key: the public key in public key cryptography
  • Red key: the private key in public key cryptography
  • Pirates: hackers intercepting HTTP requests and altering them

Ok, now you’re probably ready to read a real explanation of public key cryptography (although the part of Digital Signatures is a bit of a spoiler for the next part of the story)

Let me know if the analogies could be improved!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s