A visual guide to public-key cryptography

How Airlines Prove Your Ticket Is Real

Every boarding pass you've ever used was secured by a pair of mathematical keys. Here's how that works.


The problem

What Stops a Fake Ticket?

When you buy a plane ticket, the airline sends you a digital boarding pass. It contains your name, flight number, seat assignment, and a barcode.[1]

But a boarding pass is just data. Without cryptographic protection, anyone with a text editor could forge one. In fact, before airlines adopted digital signatures, boarding pass fraud was a documented security concern raised by the U.S. Government Accountability Office.[2]

The answer is public-key cryptography — a system where the airline can prove it created the ticket, and anyone can verify that proof, without sharing any secrets.[3]

The foundation

Two Keys, One Identity

The airline generates a key pair — two mathematically linked numbers. One is kept secret; the other is published openly. Together, they form the basis of all digital signatures.[4]

🔑

Private Key

Known only to the airline. Stored in tamper-resistant hardware security modules (HSMs).[5] Used to sign tickets.

🔓

Public Key

Shared openly — with airports, TSA, and verification systems worldwide. Used to verify signatures.

The mathematical relationship is a one-way function: knowing the public key reveals nothing about the private key. This property, based on the difficulty of factoring large numbers (RSA) or computing discrete logarithms on elliptic curves (ECDSA), is what makes the entire system secure.[6]

Step by step

Signing the Ticket

When the airline issues your boarding pass, it creates a digital signature — a mathematical stamp that proves origin and integrity.[7]

1. Assemble the ticket data

Passenger name, flight number, date, seat — all fields that define the ticket.

2. Hash the data

A hash function (SHA-256) compresses all the ticket data into a fixed-length fingerprint — 256 bits, regardless of input size.[8]

3. Encrypt the hash with the private key

The hash is mathematically transformed using the airline's private key. The result is the digital signature.

4. Attach the signature

The signature is embedded in the boarding pass barcode alongside the original data.[9]

Diagram: Ticket Data → SHA-256 → Hash + Private Key → Signature

Sample boarding pass: ATLAS AIRWAYS
Passenger: DOE / JANE
Flight: AA-1234
Date: 13 MAR 2026
From: SFO
To: JFK
Gate: B42
Seat: 14A
■ Digital Signature
3045022100b4f2c8e1a7d9024f8b6e3c1d5a9f7028e4b6d1c3a5e7f9021b4d6a8c0e2f4168022047a1c3e5d7f9b2d4e6a8c0f2b4d6e8a1c3f5d7e9b1d3a5c7e9f1b3d5a7c9e1

At the gate

Verifying the Ticket

When you scan your boarding pass at security or the gate, the system runs the verification process in milliseconds.[10]

1. Read the ticket data and signature

The scanner extracts both the original data and the attached signature from the barcode.

2. Re-hash the ticket data

The same SHA-256 function produces Hash A from the ticket data.

3. Decrypt the signature with the public key

The airline's public key reverses the signature back into Hash B.

4. Compare the hashes

If Hash A equals Hash B, the ticket is authentic and unmodified. If they differ, the ticket has been forged or tampered with.

Valid Ticket

Hash A = Hash B
Data is untouched. Signature was created by the airline's private key. Board the plane.

Tampered Ticket

Hash A ≠ Hash B
Even changing one character breaks the signature. The forgery is instantly detected.

The math

Why Forgery Is Impossible

One-way functions

The public key is derived from the private key through a mathematical operation that's easy to compute forward but computationally infeasible to reverse. For RSA, this relies on the difficulty of factoring the product of two large primes. For ECDSA, it relies on the elliptic curve discrete logarithm problem.[6]

Collision resistance

SHA-256 produces a unique fingerprint for every input. Finding two different inputs that produce the same hash would require approximately 2^128 operations — more than all the computers on Earth could perform before the heat death of the universe.[8]

Public Key Infrastructure (PKI)

Airlines distribute their public keys through trusted certificate authorities, the same infrastructure that secures HTTPS. Airports and government agencies maintain registries of airline public keys, ensuring you're verifying against the real airline, not an impostor.[11]

Hands on

Try It Yourself

This demo uses the Web Crypto API — real ECDSA cryptography running in your browser.[12] Generate a key pair, sign a ticket, verify it, then try tampering.
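
The signing and verifying steps above and the demo described here, as an added example that is not the page's own demo code: it signs a ticket with ECDSA P-256 through the Web Crypto API, then checks a genuine pass, a tampered pass and one signed by an impostor key. The field names, the JSON encoding and the function names are assumptions; note that `verify` returns a boolean rather than exposing a recovered hash, and that Web Crypto emits the signature as raw r||s (64 bytes for P-256) rather than DER.

```javascript
// Added example. Ticket fields and the canonical encoding are assumptions, not the BCBP format.
// Browsers expose crypto.subtle globally; the require() fallback is for older Node.js.
const subtle = globalThis.crypto?.subtle ?? require("node:crypto").webcrypto.subtle;
const KEY_ALG = { name: "ECDSA", namedCurve: "P-256" };
const SIG_ALG = { name: "ECDSA", hash: "SHA-256" }; // sign()/verify() hash the data internally

// Fixed field order so signer and verifier hash exactly the same bytes.
const FIELDS = ["passenger", "flight", "date", "from", "to", "seat"];
function encodeTicket(ticket) {
  const missing = FIELDS.filter((f) => !(f in ticket));
  if (missing.length) throw new Error("missing ticket fields: " + missing.join(", "));
  return new TextEncoder().encode(JSON.stringify(FIELDS.map((f) => [f, String(ticket[f])])));
}

// Airline side: sign the encoded ticket with the private key.
async function issueTicket(privateKey, ticket) {
  const sig = await subtle.sign(SIG_ALG, privateKey, encodeTicket(ticket));
  return { ticket, signature: new Uint8Array(sig) };
}

// Gate side: only the public key is needed; resolves to true or false.
async function verifyTicket(publicKey, pass) {
  return subtle.verify(SIG_ALG, publicKey, pass.signature, encodeTicket(pass.ticket));
}

async function runDemo() {
  // extractable = false: the private key cannot be exported from the key store.
  const airline = await subtle.generateKey(KEY_ALG, false, ["sign", "verify"]);
  const impostor = await subtle.generateKey(KEY_ALG, false, ["sign", "verify"]);
  // Constructed sample ticket matching the boarding pass shown on the page.
  const ticket = { passenger: "DOE / JANE", flight: "AA-1234", date: "13 MAR 2026",
                   from: "SFO", to: "JFK", seat: "14A" };
  const pass = await issueTicket(airline.privateKey, ticket);
  const tampered = { ...pass, ticket: { ...ticket, seat: "1A" } }; // data changed, old signature
  const forged = await issueTicket(impostor.privateKey, ticket);   // valid data, wrong signer
  return {
    signatureBytes: pass.signature.length,
    genuine: await verifyTicket(airline.publicKey, pass),
    tampered: await verifyTicket(airline.publicKey, tampered),
    forged: await verifyTicket(airline.publicKey, forged),
  };
}
runDemo().then((result) => console.log(result));
```

The impostor case is why the verifier must obtain the airline's public key from a trusted registry: a signature that verifies only proves which key signed, not whose key it is.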


Takeaway

The Private Key Signs. The Public Key Verifies.

This same principle — a secret key that creates proofs, and a public key that checks them — secures far more than airline tickets.

🌐

HTTPS

Every padlock in your browser uses the same key-pair system to prove a website is who it claims to be.[13]

Cryptocurrency

Bitcoin transactions are authorized by signing with a private key, verifiable by anyone on the network.[14]

📦

Software Updates

Your operating system verifies that updates were signed by the vendor before installing them.[15]

Sources & References

[1] IATA Resolution 792 defines the BCBP (Bar Coded Boarding Pass) standard, which specifies the data fields and format used in airline boarding passes worldwide. See IATA Common Use Standards.
[2] U.S. Government Accountability Office, Aviation Security: TSA Should Limit Future Funding for Behavior Detection Activities (GAO-14-159), November 2013. The report documented vulnerabilities in boarding pass verification systems. gao.gov/products/gao-14-159.
[3] Diffie, W. and Hellman, M. "New Directions in Cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644-654, November 1976. The foundational paper introducing the concept of public-key cryptography. doi.org/10.1109/TIT.1976.1055638.
[4] NIST Special Publication 800-57 Part 1, Rev. 5, Recommendation for Key Management: Part 1 — General, May 2020. Defines best practices for cryptographic key generation and management. doi.org/10.6028/NIST.SP.800-57pt1r5.
[5] NIST FIPS 140-3, Security Requirements for Cryptographic Modules, March 2019. Specifies security standards for hardware security modules (HSMs) used to protect private keys. doi.org/10.6028/NIST.FIPS.140-3.
[6] Rivest, R., Shamir, A., and Adleman, L. "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, vol. 21, no. 2, pp. 120-126, February 1978. The RSA paper. For ECDSA: NIST FIPS 186-5, Digital Signature Standard (DSS), February 2023. doi.org/10.6028/NIST.FIPS.186-5.
[7] NIST FIPS 186-5, Digital Signature Standard (DSS), February 2023. The authoritative U.S. federal standard specifying approved digital signature algorithms (RSA, ECDSA, EdDSA). doi.org/10.6028/NIST.FIPS.186-5.
[8] NIST FIPS 180-4, Secure Hash Standard (SHS), August 2015. Defines SHA-256 and its family. The collision resistance of SHA-256 is bounded at approximately 2^128 operations by the birthday paradox. doi.org/10.6028/NIST.FIPS.180-4.
[9] IATA BCBP Implementation Guide, Version 6. Digital signatures in boarding passes are embedded in the 2D barcode (typically Aztec or PDF417 format) as defined in IATA Resolution 792. Airlines including Lufthansa and British Airways have implemented signed BCBP. See IATA BCBP Implementation Guide.
[10] TSA Secure Flight Program. TSA verifies passenger identity and boarding pass authenticity at security checkpoints. Modern ECDSA verification on P-256 curves completes in under 1 millisecond on standard hardware. See TSA Security Screening.
[11] RFC 5280, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, May 2008. Defines the certificate structure used to distribute and validate public keys in PKI systems. datatracker.ietf.org/doc/html/rfc5280.
[12] W3C Web Cryptography API Recommendation, January 2017. Provides a JavaScript API for performing cryptographic operations in the browser, including ECDSA key generation, signing, and verification. w3.org/TR/WebCryptoAPI.
[13] RFC 8446, The Transport Layer Security (TLS) Protocol Version 1.3, August 2018. TLS uses public-key cryptography for server authentication and key exchange. datatracker.ietf.org/doc/html/rfc8446.
[14] Nakamoto, S. "Bitcoin: A Peer-to-Peer Electronic Cash System," 2008. Section 2 describes how digital signatures using ECDSA form the basis of Bitcoin's transaction authorization. bitcoin.org/bitcoin.pdf.
[15] Microsoft, Introduction to Code Signing. Both Windows (Authenticode) and macOS (codesign) require software updates to be digitally signed by the vendor. See also Apple's Code Signing Services documentation.