- have separate private key and public key, for decryption and encryption respectively - public key shared among all parties for encryption (so every can encrypt sends) - but only holders of private key can decrypt the messages - higher compute overhead compared to [[Symmetric Encryption]]