In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the private key being kept secret.

**Public-key cryptography**, also called **asymmetric cryptography**, is a communication where people exchange messages that can only be read by one another.

In public key cryptography, each user has a pair of cryptographic keys:

- a public key
- a private key

The private key is kept secret, while the public key may be widely distributed and used by other users.

Incoming messages are encrypted with the *recipient's public key* and can only be decrypted with their corresponding private key. The keys are related mathematically, but the user's private key cannot be easily got from the widely used public key.

The two main branches of public key cryptography are:

**Public key encryption**: a message encrypted with a *recipient's public key* cannot be decrypted except by the *recipient private key*. This is used to ensure secrecy.
- Digital signatures: a message signed with a sender's private key can be verified by anyone who has the sender's public key. So if the sender signed the message no one can alter it. This is used to get authenticity.

## Other pages