In asymmetric encryption, data encrypted with one key of a key pair can only be decrypted with the other key of that same pair.
Keeping one key of the pair secret and allowing the other to be public enables you to do two very interesting things:
- If you know someone’s public key, you can encrypt data using that key, thus guaranteeing that only the person who holds the matching private key can decrypt the data. This becomes a secure way to send digital data only to that person.
- You can verify that data encrypted with a private key originated from a specific person by successfully decrypting it with their public key. The decryption would only be successful if it had been encrypted with the matching private key. This actually forms the basis for digital signatures.
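Both uses of a key pair can be seen in a few lines of code. The following is an added example, not part of the original page: it uses textbook RSA (the page names no particular algorithm) on small constructed primes and without padding, so it shows the key-pair relationship only. The function names and the two key pairs (`alice_*`, `other_*`) are assumptions made for the illustration.

```python
import hashlib

# Textbook RSA on constructed demo primes (Mersenne primes). No padding:
# this shows the key-pair relationship only and is not secure for real use.
def make_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent, inverse of e mod phi
    return (n, e), (n, d)          # (public key, private key)

def apply_key(key, value):
    """Raise value to the key's exponent mod n; every operation uses this."""
    n, exponent = key
    return pow(value, exponent, n)

def encrypt(public, plaintext: bytes) -> int:
    m = int.from_bytes(plaintext, "big")
    if m >= public[0]:
        raise ValueError("message too long for this modulus")
    return apply_key(public, m)

def decrypt(private, ciphertext: int) -> bytes:
    m = apply_key(private, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest_int(message: bytes, n: int) -> int:
    # Signatures cover a hash of the message, reduced to fit the modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    return apply_key(private, digest_int(message, private[0]))

def verify(public, message: bytes, signature: int) -> bool:
    return apply_key(public, signature) == digest_int(message, public[0])

# Two constructed key pairs: the recipient/signer and an unrelated party.
alice_pub, alice_priv = make_keypair(2**61 - 1, 2**89 - 1)
other_pub, other_priv = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    c = encrypt(alice_pub, b"for Alice only")
    print(decrypt(alice_priv, c))                       # matching private key
    print(decrypt(other_priv, c) == b"for Alice only")  # unrelated private key
    sig = sign(alice_priv, b"signed by Alice")
    print(verify(alice_pub, b"signed by Alice", sig))   # matching public key
    print(verify(other_pub, b"signed by Alice", sig))   # unrelated public key
```

Production systems use keys of 2048 bits or more with OAEP padding for encryption and PSS for signatures, through a vetted library rather than hand-written arithmetic.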