There are 2 lock cylinders, as can be found on normal doors, located in a padlock style device. It allows to close a box, envelope or be attached to items.
The first trials with a prototype were a success. People are amazed.
* IMPORTANT: show on a separate lock that there is a one-way function on the lock. It only turns one way around. This is the whole secret behind asymetric encryption systems. With one key you can only go in one direction, and never back.
* Chose kids (or groups of kids) who play Alice and Bob
* There are 3 Alice padlocks and 3 Bob padlocks
* The exercise can be done 6 times, by sending 3 messages from Alice to Bob and 3 from Bob to Alice. But this may complicate the explanations. In the following, only the direction Alice to Bob will be detailed.
* He veryfies the signature by opening the lock with alice's public key. It works! So that proves that the message comes from her.
* One could explain that it's technically possible to sign, making the message unreadable (but easily made readable with the public key) or to sign by leaving the message in clear text.
* But where does this public key of Alice come from? How do we know it's Alice? Can be anyone...
* You can verify a signature, but for that you need a public key. Anyone in the world coud say "I am Alice, here is my key". So we are back to starting square.
* Web browsers come with built-in certification authorities which the browser trusts. That's how the websites prove that they are who they say. Show a webbrowser's CA list.