How does public key encryption work?
Public key encryption, also called asymmetric key encryption, is an authentication and encryption system built on a pair of keys. The public key verifies that a message was signed by the private key it is paired with, and only that private key can decrypt a message that was encrypted with the public key.
This Wikipedia source has a great description of asymmetric key encryption.
In a Stanford-published research article, the authors explain:
“In public key encryption, a user generates two keys using a cipher, or encryption algorithm: a public key that is visible to those who have access to the blockchain (usually, the entire public) and a private key that is held only by the owner of the cryptocurrency. The public key is used for encryption, while the private key is used for decryption. When the user purchases or sells a cryptocurrency, the user must create a “digital signature” by processing his private key with the cipher. Holders of the public key can then check whether the digital signature is valid using the public key. If any data have been changed—for example, if an intruder attempts to change the address of the user so that purchases are sent to another address—the digital signature will be automatically invalidated, and the transaction cannot be added to the blockchain.
In turn, public-key encryption validates, secures, and creates trust in cryptocurrency transactions. Since valid digital signatures cannot be forged by an intruder, and only valid signatures result in blocks on the blockchain, a block on the blockchain will always be valid insofar as it is authorized by the appropriate owner. All members of the public also have a copy of the blockchain that they can themselves audit to verify the integrity of transactions. Moreover, transactions are secure insofar as it is unfeasible for any transaction to be entered onto the blockchain without the authorization of the owner. Only the owner can generate a valid digital signature, and any change in that signature’s data by an intruder (for example, changing the owner’s address) will immediately invalidate the signature. Those validation and security features, especially the fact that all members of the public can themselves copy and examine the blockchain, create trust in the efficient and accurate operation of the cryptocurrency markets.
More importantly, the primary security risk in cryptocurrency transactions is the private key. Transactions are solely effected by use of a user’s private key, without need for any identifying information. Thus, whoever holds the private key is effectively treated as the owner of the currency. The risk is solely on the user to safeguard that key, lest he lose his ownership rights. Moreover, if the key is intercepted and cryptocurrencies stolen, there is in most instances no effective remedy due to two factors: immutability and pseudonymity. Blockchains are immutable, such that transactions are irreversible. Thus, once a cryptocurrency is stolen, it cannot be retrieved. Ownership in most cryptocurrency blockchains is also pseudonymous, with the only piece of identifying information being the person’s address for receiving the cryptocurrency. Thus, the identities of both the rightful owner and of any offending intruder will not be generally known, so that an owner whose cryptocurrency has been stolen through hacking generally will not be able to recover his holdings from the wrongdoer.”
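The two directions described above, signing with the private key and encrypting to the public key, shown side by side as an added example that is not code from this page or from the quoted article. It assumes Node.js and its built-in `crypto` module; the algorithm choices (Ed25519 for signatures, RSA-OAEP for encryption), the transaction fields, the placeholder addresses and all function names are assumptions made for illustration.

```javascript
// Added example: Node.js built-in crypto only; all data below is constructed.
const nodeCrypto = require('crypto');

// Assumed algorithms (the page names none): Ed25519 to sign, RSA-OAEP to encrypt.
const signer = nodeCrypto.generateKeyPairSync('ed25519');
const stranger = nodeCrypto.generateKeyPairSync('ed25519');
const recipient = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const bystander = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// The signature covers exactly these bytes, so every field that matters is included.
function encodeTx(tx) {
  return Buffer.from(JSON.stringify([tx.from, tx.to, tx.amount]), 'utf8');
}

// Signing needs the private key; verifying needs only the public key.
function signTx(tx, privateKey) {
  return nodeCrypto.sign(null, encodeTx(tx), privateKey);
}
function verifyTx(tx, signature, publicKey) {
  return nodeCrypto.verify(null, encodeTx(tx), publicKey, signature);
}

// Encrypting needs only the public key; decrypting needs the paired private key.
function encryptFor(publicKey, text) {
  return nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, Buffer.from(text, 'utf8'));
}
function decryptWith(privateKey, ciphertext) {
  try {
    return nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, ciphertext).toString('utf8');
  } catch (err) {
    return null; // wrong private key or altered ciphertext
  }
}

// Constructed transaction; the addresses are placeholders, not real ones.
const tx = { from: 'addr-owner', to: 'addr-merchant', amount: 5 };
const sig = signTx(tx, signer.privateKey);
const tampered = { ...tx, to: 'addr-intruder' }; // destination changed after signing
const sealed = encryptFor(recipient.publicKey, 'constructed memo');

console.log('original verifies: ', verifyTx(tx, sig, signer.publicKey));
console.log('tampered verifies: ', verifyTx(tampered, sig, signer.publicKey));
console.log('other public key:  ', verifyTx(tx, sig, stranger.publicKey));
console.log('recipient decrypts:', decryptWith(recipient.privateKey, sealed));
console.log('bystander decrypts:', decryptWith(bystander.privateKey, sealed));
```

Separate key pairs are used for signing and for encryption here, which keeps a compromise or misuse of one role from affecting the other.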