How do PGP signatures work?


4 Answers

Anonymous 0 Comments

Public key crypto is a special kind of crypto.

Instead of the normal crypto in which you encrypt and decrypt (opposite actions) with the same key (password), you employ the same action with inverse keys.

The keys used are called the *private* and *public* keys and are mathematically related. It is not feasible to derive one key from another; both are generated at the same time.

Every entity has their own key-pair consisting of both a private and public part.

As the name suggests, the private key is only known by one entity, while the public key is known and shared with everybody involved.

If I want to *encrypt* a message to you, I use *your public key*. I am sure only you can read (decrypt) it as I assume only you have the corresponding private key.

If I want to *sign* a message (PGP signature) to you, I use *my own private key*. You can verify the signature with my public key and you trust the message comes from me as you assume only I am in possession of that private key to create that signature.

(Most PGP signed messages use a combination and are also encrypted.)
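
The sign-and-verify flow described in this answer, as an added example that is not part of the original answer: textbook RSA over a SHA-256 digest, using only the Python standard library. The key pairs, the names (`ALICE_*`, `OTHER_*`) and the messages are constructed for illustration; real OpenPGP implementations use large random keys and padded signature schemes, so this is a teaching model only.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p, q):
    """Build a textbook RSA key pair from two primes (toy values only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)        # private exponent: inverse of E modulo phi
    return (n, E), (n, d)      # (public key, private key)


def digest_int(message, n):
    """Hash the message and map the digest into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Signer: apply the private exponent to the message digest."""
    n, d = private_key
    return pow(digest_int(message, n), d, n)


def verify(message, signature, public_key):
    """Verifier: undo the signature with the public exponent, compare digests."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(message, n)


# Constructed keys from Mersenne primes: far too small and structured for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**89 - 1, 2**61 - 1)


def demo():
    msg = b"Meet at noon."
    sig = sign(msg, ALICE_PRIV)
    return {
        # Signed by Alice, checked with Alice's public key.
        "genuine": verify(msg, sig, ALICE_PUB),
        # Same signature, but the message was altered after signing.
        "tampered": verify(b"Meet at nine.", sig, ALICE_PUB),
        # Signed with a different private key, checked against Alice's public key.
        "other_key": verify(msg, sign(msg, OTHER_PRIV), ALICE_PUB),
    }


if __name__ == "__main__":
    print(demo())
```

Only the first check passes: a changed message or a signature made with any other private key fails verification against Alice's public key.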
