Public-key cryptography underlies virtually all e-commerce, online banking, and telecommunications systems.
In a nutshell, public-key cryptography works like this:
A large random number is generated.
That number is used to derive two mathematically related but different keys. Each key is also a large number.
Data is encrypted by feeding it, together with one of the two keys, into an encryption algorithm. Once encrypted, the data appears to be a meaningless stream of numbers.
The encrypted data cannot be turned back into the original data with the same key that encrypted it. It can only be decrypted with the other key of the pair, and vice versa: whichever key encrypts, the other one decrypts.
To use public key cryptography:
One key is designated as the “public key” and one is designated as the “private key”.
The public key is distributed to all of the parties with whom you will be communicating. In fact, it can be communicated to anyone in the world.
The private key is never shared with anyone.
Messages encrypted with your private key can only be decrypted with your public key, which proves that the message came from you (authentication).
Messages encrypted with your public key can only be decrypted with your private key, ensuring that only you can read them (privacy).
To provide both privacy and authentication on messages between you and another party, encrypt the message twice: once with your private key and once with their public key.
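As an added example that is not part of the original text, a toy RSA implementation that makes the two-key behaviour above concrete: each key undoes what the other did, the same key applied twice does not, and the double encryption in the last step gives both privacy and authentication. The primes are tiny and fixed so the numbers stay readable; a real system draws a large random number, uses a vetted library, and performs the authentication step with a proper digital-signature scheme rather than raw private-key encryption.

```python
from math import gcd

def make_keypair(p, q, e=17):
    """Derive two mathematically related keys from the primes p and q.
    Returns (public_key, private_key); each key is a pair (exponent, modulus)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, value):
    """Transform an integer with either key of a pair. Applying the *other*
    key restores the original; applying the same key again does not
    (apart from rare fixed points)."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must be an integer below the modulus")
    return pow(value, exp, n)

def send_private_and_authenticated(msg, sender_priv, recipient_pub):
    """The last step of the text: encrypt with the sender's private key
    (proves origin), then with the recipient's public key (only they can
    read it). The sender's modulus must not exceed the recipient's so the
    intermediate value fits under the second modulus."""
    if sender_priv[1] > recipient_pub[1]:
        raise ValueError("sender modulus must be <= recipient modulus")
    return apply_key(recipient_pub, apply_key(sender_priv, msg))

def receive_private_and_authenticated(ct, recipient_priv, sender_pub):
    """Undo the two layers in reverse order: recipient's private key first,
    then the sender's public key."""
    return apply_key(sender_pub, apply_key(recipient_priv, ct))

# Constructed toy keys (insecure by design): Alice uses the primes 61 and 53,
# Bob uses 97 and 89. Alice's modulus (3233) is below Bob's (8633).
ALICE_PUB, ALICE_PRIV = make_keypair(61, 53)
BOB_PUB, BOB_PRIV = make_keypair(97, 89)

if __name__ == "__main__":
    m = 65
    c = apply_key(ALICE_PUB, m)                 # privacy: anyone -> Alice
    print(c, apply_key(ALICE_PRIV, c), apply_key(ALICE_PUB, c))  # 2790 65 (not 65)
    s = apply_key(ALICE_PRIV, m)                # authentication: Alice -> anyone
    print(apply_key(ALICE_PUB, s))              # 65
    both = send_private_and_authenticated(m, ALICE_PRIV, BOB_PUB)
    print(receive_private_and_authenticated(both, BOB_PRIV, ALICE_PUB))  # 65
```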