Public-key cryptography, also known as asymmetric cryptography, is a form of cryptography in which the key used to encrypt a message differs from the key used to decrypt it. In public-key cryptography, each user has a pair of cryptographic keys: a public key and a private key. The private key is kept secret, while the public key may be widely distributed and used by other users. Incoming messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically, but the user's private key cannot feasibly be derived from the widely distributed public key.
On the other hand, secret-key cryptography, also known as symmetric cryptography, uses a single secret cryptographic key for both encryption and decryption. To use symmetric cryptography for communication, both the sender and the receiver need to know the key in advance, or the key has to be sent along with the message.
The two main branches of public key cryptography are:
- Public key encryption – a message encrypted with a recipient's public key cannot be decrypted except with the recipient's private key. This is used to ensure confidentiality.
- Digital signatures – a message signed with a sender's private key can be verified by anyone who has access to the sender's public key, so once the sender has signed the message, no one can alter it without the change being detected. This is used to ensure authenticity.