PGP is a collection of different cryptography technologies that can provide a number of functions.
One of these is known as public key cryptography, which is a form of asymmetric cryptography where the key you use to encrypt something is different than the key used to decrypt it. So there are, in fact, *two* PGP keys: the public key (which you share and can be used to let other people send encrypted messages to you) and the private key (which you don’t share and is used to decrypt messages sent to you). They can also be used in the reverse fashion to provide digital signatures to prove something was sent by you.
PGP is an encryption protocol.
There are two kinds of encryption — symmetric and asymmetric. Symmetric encryption is one where you can encrypt and decrypt something with the same key. Asymmetric encryption is one where you have a key that encrypts and another key that decrypts (or vice versa).
One very big difference between the two is that asymmetric encryption is *slow* compared to symmetric. However, the main benefit is that if (for example) I were to encrypt something with my private key, by decrypting it with my public key, you know that it came from me. Similarly, if you encrypt something with my public key, you know that only I can decrypt it with my private key.
PGP is a protocol wherein you use public/private key (asymmetric) cryptography, but you use it to encrypt a randomly generated *symmetric* key. You use that symmetric key to actually encrypt/decrypt the payload data, which gives you a lot of performance improvement.
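The hybrid scheme described in the answer above, as an added sketch that is not part of the original answers and not how any PGP implementation is actually coded. It assumes a toy stand-in for each piece: unpadded textbook RSA with a small constructed key for the asymmetric step, and a SHA-256 counter keystream for the symmetric step. Neither is safe for real data, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy RSA key pair built from two known Mersenne primes.
# Far too small and unpadded for real use; it stands in for the recipient's key pair.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key: share this
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent: keep this secret


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with SHA-256(key || offset) blocks.
    The same call encrypts and decrypts, because one key does both jobs."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def hybrid_encrypt(plaintext: bytes, pub=(N, E)):
    """Return (wrapped_session_key, ciphertext) for the holder of the private key."""
    n, e = pub
    session_key = secrets.token_bytes(16)    # fresh random symmetric key per message
    # Slow asymmetric step, applied only to the 16-byte session key.
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    # Fast symmetric step, applied to the whole payload.
    return wrapped, keystream_xor(session_key, plaintext)


def hybrid_decrypt(wrapped: int, ciphertext: bytes, priv=(N, D)) -> bytes:
    """Unwrap the session key with the private key, then decrypt the payload."""
    n, d = priv
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    message = b"constructed sample payload " * 1000
    wrapped, ct = hybrid_encrypt(message)
    print("payload bytes:", len(ct), "| wrapped key bits:", wrapped.bit_length())
    print("round trip ok:", hybrid_decrypt(wrapped, ct) == message)
```
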