Encryption using both keys protects the exchange of the identity-verifying certificates.
The private key on the server side encrypts the opening handshake, and the client’s matching public key decrypts it. This action (called asymmetric cryptography) protects the exchange of certificates used to establish identity.
The advantage of using asymmetric keys is that they can be larger (more secure) than symmetric keys (the same key used at both ends).
The disadvantage of using asymmetric keys is that their size and complexity can make encryption slow. This is why they are used only to establish the connection.
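The split described above is visible in every TLS cipher suite: asymmetric algorithms handle key exchange and authentication during the handshake, and a symmetric cipher protects the data that follows. As an added example (not from the original documentation), this Python code uses the standard `ssl` module to show that split for the local OpenSSL build and flag weak choices; `SAMPLE_SUITES`, `split_suite`, `audit` and `local_suites` are names assumed here, and the sample entries are constructed.

```python
import ssl

# Constructed sample entries, in the dict shape SSLContext.get_ciphers() returns.
SAMPLE_SUITES = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "kea": "kx-ecdhe", "auth": "auth-rsa",
     "symmetric": "aes-256-gcm", "strength_bits": 256, "aead": True},
    {"name": "AES128-SHA", "kea": "kx-rsa", "auth": "auth-rsa",
     "symmetric": "aes-128-cbc", "strength_bits": 128, "aead": False},
    {"name": "ADH-AES128-SHA", "kea": "kx-dhe", "auth": "auth-null",
     "symmetric": "aes-128-cbc", "strength_bits": 128, "aead": False},
]

def split_suite(suite):
    """Return (handshake algorithms, bulk cipher) for one cipher-suite dict."""
    handshake = f"{suite.get('kea', '?')}+{suite.get('auth', '?')}"
    bulk = f"{suite.get('symmetric', '?')}/{suite.get('strength_bits', 0)}"
    return handshake, bulk

def audit(suites, min_bits=128):
    """Map suite name -> list of weaknesses; suites with none are omitted."""
    findings = {}
    for s in suites:
        issues = []
        if s.get("auth") == "auth-null":
            issues.append("no certificate authentication")
        if s.get("kea") == "kx-rsa":
            issues.append("no forward secrecy")
        if s.get("strength_bits", 0) < min_bits:
            issues.append("weak symmetric key")
        if not s.get("aead"):
            issues.append("non-AEAD bulk cipher")
        if issues:
            findings[s["name"]] = issues
    return findings

def local_suites():
    """Cipher suites a default client context on this machine would offer."""
    return ssl.create_default_context().get_ciphers()

if __name__ == "__main__":
    for s in local_suites():
        print(s["name"], *split_suite(s))
    print(audit(local_suites()))
```

Run it on a client host to see which handshake and bulk algorithms its default TLS context offers; an empty audit result means none of the offered suites tripped these four checks.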
Copyright © 2000-2014 Tridium Inc. All rights reserved.