diff --git a/DigitalData.Core.Abstractions/Security/IAsymCryptHandler.cs b/DigitalData.Core.Abstractions/Security/IAsymCryptHandler.cs
index daacb47..20bf192 100644
--- a/DigitalData.Core.Abstractions/Security/IAsymCryptHandler.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymCryptHandler.cs
@@ -2,9 +2,9 @@
 {
 public interface IAsymCryptHandler : IRSAFactory
 {
- IEnumerable Decryptors { get; }
+ IEnumerable PrivateKeys { get; }
- IRSADecryptor Vault { get; }
+ IAsymmetricPrivateKey VaultPrivateKey { get; }
 IEnumerable Encryptors { get; }
 }
diff --git a/DigitalData.Core.Abstractions/Security/IRSADecryptor.cs b/DigitalData.Core.Abstractions/Security/IAsymmetricPrivateKey.cs
similarity index 86%
rename from DigitalData.Core.Abstractions/Security/IRSADecryptor.cs
rename to DigitalData.Core.Abstractions/Security/IAsymmetricPrivateKey.cs
index e36c288..27364f8 100644
--- a/DigitalData.Core.Abstractions/Security/IRSADecryptor.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymmetricPrivateKey.cs
@@ -2,7 +2,7 @@ namespace DigitalData.Core.Abstractions.Security
 {
- public interface IRSADecryptor : IAsymmetricKey
+ public interface IAsymmetricPrivateKey : IAsymmetricKey
 {
 public bool IsEncrypted { get; init; }
diff --git a/DigitalData.Core.Abstractions/Security/IRSAFactory.cs b/DigitalData.Core.Abstractions/Security/IRSAFactory.cs
index a1e4bb9..214b072 100644
--- a/DigitalData.Core.Abstractions/Security/IRSAFactory.cs
+++ b/DigitalData.Core.Abstractions/Security/IRSAFactory.cs
@@ -18,6 +18,6 @@ namespace DigitalData.Core.Abstractions.Security
 int? keySizeInBits = null, string? password = null);
- IRSADecryptor CreateDecryptor(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null);
+ IAsymmetricPrivateKey CreatePrivateKey(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null);
 }
 }
\ No newline at end of file
diff --git a/DigitalData.Core.Security/AsymCryptHandler.cs b/DigitalData.Core.Security/AsymCryptHandler.cs
index a70c1f8..95445a8 100644
--- a/DigitalData.Core.Security/AsymCryptHandler.cs
+++ b/DigitalData.Core.Security/AsymCryptHandler.cs
@@ -8,12 +8,12 @@ namespace DigitalData.Core.Security
 {
 public class AsymCryptHandler : RSAFactory, IAsymCryptHandler, IRSAFactory
 {
- public IEnumerable Decryptors { get; }
+ public IEnumerable PrivateKeys { get; }
 ///
 /// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default.
 ///
- public IRSADecryptor Vault { get; }
+ public IAsymmetricPrivateKey VaultPrivateKey { get; }
 private readonly Lazy> _lazyEncryptors;
@@ -25,18 +25,18 @@ namespace DigitalData.Core.Security
 {
 logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
- if (!_params.Decryptors.Any())
+ if (!_params.PrivateKeys.Any())
 throw new InvalidOperationException( "Any decryptor is not found. Ensure that at least one decryptor is configured in the provided parameters. " + "This issue typically arises if the configuration for decryptors is incomplete or missing. " + "Check the 'Decryptors' collection in the configuration and verify that it contains valid entries." );
- Decryptors = _params.Decryptors;
+ PrivateKeys = _params.PrivateKeys;
- Vault = _params.Vault ?? Decryptors.First();
+ VaultPrivateKey = _params.Vault ?? PrivateKeys.First();
- _lazyEncryptors = new(Decryptors.Select(decryptor => decryptor.Encryptor));
+ _lazyEncryptors = new(PrivateKeys.Select(decryptor => decryptor.Encryptor));
 }
 }
 }
\ No newline at end of file
diff --git a/DigitalData.Core.Security/Config/AsymCryptParams.cs b/DigitalData.Core.Security/Config/AsymCryptParams.cs
index 219ef9a..0e77636 100644
--- a/DigitalData.Core.Security/Config/AsymCryptParams.cs
+++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs
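Review bot: The startup exception thrown after `if (!_params.PrivateKeys.Any())` still directs the operator to the `'Decryptors'` collection, but the configuration property it refers to is renamed to `PrivateKeys` in this same commit (AsymCryptParams.cs), so a misconfigured deployment now gets guidance naming a key that no longer exists. Update the message to match, e.g. `"No private key is configured. Ensure that at least one private key is configured in the provided parameters. " +` and `"Check the 'PrivateKeys' collection in the configuration and verify that it contains valid entries."`. The same stale vocabulary survives in the `/// It is a separate decryptor ...` summary on `VaultPrivateKey` and in the lambda `decryptor => decryptor.Encryptor`, where `key => key.Encryptor` would read consistently with the new property name. Note also that `_params.Vault ?? PrivateKeys.First()` makes the key used for permanently stored data depend on the ordering of the configured collection when no explicit vault key is set; that is pre-existing, but it belongs in the property's summary, e.g. `/// Falls back to the first entry of PrivateKeys when no vault key is configured; reordering the collection changes which key is used for stored data.`. The constructor's signature and the `_params` assignment are above this hunk.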
@@ -40,7 +40,7 @@ namespace DigitalData.Core.Security.Config
 ///
 public string DateTagFormat { get; init; } = "MM//2";
- public IEnumerable Decryptors { get; init; } = new List();
+ public IEnumerable PrivateKeys { get; init; } = new List();
 public RSADecryptor? Vault { get; init; }
@@ -53,7 +53,7 @@ namespace DigitalData.Core.Security.Config
 if (!Directory.Exists(PemDirectory)) Directory.CreateDirectory(PemDirectory);
- foreach (var decryptor in Decryptors)
+ foreach (var decryptor in PrivateKeys)
 {
 // set default path
 if (decryptor.IsPemNull)
diff --git a/DigitalData.Core.Security/Cryptographer/RSADecryptor.cs b/DigitalData.Core.Security/Cryptographer/RSADecryptor.cs
index 12fe75f..a2f1ede 100644
--- a/DigitalData.Core.Security/Cryptographer/RSADecryptor.cs
+++ b/DigitalData.Core.Security/Cryptographer/RSADecryptor.cs
@@ -4,7 +4,7 @@ using System.Security.Cryptography;
 namespace DigitalData.Core.Security.Cryptographer
 {
- public class RSADecryptor : RSACryptographer, IRSADecryptor, IAsymmetricKey
+ public class RSADecryptor : RSAKeyBase, IAsymmetricPrivateKey, IAsymmetricKey
 {
 private string? _pem;
diff --git a/DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs b/DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs
index b0e57bb..b2fab17 100644
--- a/DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs
+++ b/DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs
@@ -2,7 +2,7 @@ namespace DigitalData.Core.Security.Cryptographer
 {
- public class RSAEncryptor : RSACryptographer, IRSAEncryptor, IAsymmetricKey
+ public class RSAEncryptor : RSAKeyBase, IRSAEncryptor, IAsymmetricKey
 {
 public override string Pem
 {
diff --git a/DigitalData.Core.Security/Cryptographer/RSAFactory.cs b/DigitalData.Core.Security/Cryptographer/RSAFactory.cs
index 299035a..c779660 100644
--- a/DigitalData.Core.Security/Cryptographer/RSAFactory.cs
+++ b/DigitalData.Core.Security/Cryptographer/RSAFactory.cs
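Review bot: `AsymCryptParams.PrivateKeys` replaces `Decryptors`, but the sibling `Vault` property two lines below keeps its old name and its `RSADecryptor?` type, so the options class now mixes both vocabularies while the handler it feeds exposes `VaultPrivateKey`; renaming it to `VaultPrivateKey` here would keep options and handler consistent. If this class is bound from configuration (its binder is not visible here), the property rename is a breaking change for existing deployments: a settings file that still provides a `Decryptors` section would bind an empty `PrivateKeys` collection and fail only at handler construction, not at binding, so consider keeping an `[Obsolete]` `Decryptors` property that forwards to `PrivateKeys` for one release, or at least calling the rename out in the release notes. The `foreach` in the second hunk still names its variable `decryptor`, and its body continues past the hunk.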
@@ -56,7 +56,7 @@ namespace DigitalData.Core.Security.Cryptographer
 return new string(pemChars);
 }
- public IRSADecryptor CreateDecryptor(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null) => new RSADecryptor()
+ public IAsymmetricPrivateKey CreatePrivateKey(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null) => new RSADecryptor()
 {
 Pem = pem,
 Issuer = issuer ?? string.Empty,
diff --git a/DigitalData.Core.Security/Cryptographer/RSACryptographer.cs b/DigitalData.Core.Security/Cryptographer/RSAKeyBase.cs
similarity index 88%
rename from DigitalData.Core.Security/Cryptographer/RSACryptographer.cs
rename to DigitalData.Core.Security/Cryptographer/RSAKeyBase.cs
index 515638f..ad08117 100644
--- a/DigitalData.Core.Security/Cryptographer/RSACryptographer.cs
+++ b/DigitalData.Core.Security/Cryptographer/RSAKeyBase.cs
@@ -5,8 +5,7 @@ using System.Security.Cryptography;
 namespace DigitalData.Core.Security.Cryptographer
 {
- //TODO: Abstract RSA for future updates (using ECC, El Gamal or Lattice-based Cryptography)
- public class RSACryptographer : IAsymmetricKey
+ public class RSAKeyBase : IAsymmetricKey
 {
 public virtual string Pem { get; init; }
@@ -30,7 +29,7 @@ namespace DigitalData.Core.Security.Cryptographer
 public RsaSecurityKey RsaSecurityKey => _lazyRsaSecurityKey.Value;
 #pragma warning disable CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable.
- internal RSACryptographer()
+ internal RSAKeyBase()
 {
 _lazyRsaSecurityKey = new(() => new RsaSecurityKey(RSA));
 }
diff --git a/DigitalData.Core.Security/JwtSignatureHandler.cs b/DigitalData.Core.Security/JwtSignatureHandler.cs
index 8da999d..0c83002 100644
--- a/DigitalData.Core.Security/JwtSignatureHandler.cs
+++ b/DigitalData.Core.Security/JwtSignatureHandler.cs
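Review bot: `RSAKeyBase` remains a public concrete class (only its constructor is `internal`), so the `Base` suffix promises an abstraction the type does not enforce, and the deleted `//TODO: Abstract RSA ...` line was the only record of that intent. If nothing constructs it directly — callers are not visible from here — `public abstract class RSAKeyBase : IAsymmetricKey` would make the rename honest and prevent the base from being instantiated on its own; either way the class should get a summary such as `/// <summary>Shared RSA key material and the lazily built RsaSecurityKey used by RSADecryptor and RSAEncryptor. RSA-specific; other algorithms would need their own base.</summary>`. The `#pragma warning disable CS8618` kept around `internal RSAKeyBase()` should say which `init`-only members (`Pem` at least) the derived types are expected to populate, since the suppression otherwise hides a genuine uninitialised-member warning. The class and its remaining members continue outside these two hunks.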
@@ -38,7 +38,7 @@ namespace DigitalData.Core.Security
 var description = _params.Descriptions?.Get(issuer: issuer, audience: audience) ?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'.");
- description.SigningCredentials = _cryptHandler.Decryptors
+ description.SigningCredentials = _cryptHandler.PrivateKeys
 .Get(issuer: issuer, audience: audience)
 .CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest);
@@ -50,7 +50,7 @@ namespace DigitalData.Core.Security
 var description = _params.Descriptions.SingleOrDefault(description => description.ApiRoute == apiRoute) ?? throw new InvalidOperationException($"No or multiple token description found for api route '{apiRoute}'.");
- description.SigningCredentials = _cryptHandler.Decryptors
+ description.SigningCredentials = _cryptHandler.PrivateKeys
 .Get(issuer: description.Issuer, audience: description.Audience)
 .CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest);