Public Key

Learn more about public keys.

A public key is half of an encryption key pair, the other being a private key. Using asymmetric encryption, whatever one key in such a pair encrypts, the other -- and only the other can decrypt, and vice-versa. In this system, what a given key encrypts, that same key cannot decrypt -- only the matching key can decrypt it. Normally one of the key pair is made public -- i.e., shared with others, while the other is kept strictly private, hence the keys are called private and pubic. The creation and management of private and public key pairs is called a public key infrastructure, or PKI for short.

Use of private and public key pairs allows for various logical functions, such as:

  • Digital signatures -- calculate a checksum of some text and encrypt it using the private key. Send the result of the calculation along with the original text. Anyone with access to the public key of the signing party can verify that it was, indeed, that party who signed the text and it was the provided that that was signed.
  • Private and tamper-proof communication -- encrypt text using the recipient's public key. That way, only the recipient can decrypt it.
  • Identification -- one party asks another party to encrypt some text using its private key and return the result. If the returned text can be decrypted using that party's public key, then it is indeed that party who encrypted it.

Return to Identity Management Concepts