What is a Public Key
A public key is one half of a mathematically linked key pair used in asymmetric cryptography. You share your public key with anyone. They use it to encrypt data that only you can decrypt, or to verify digital signatures that you created with your private key.
How it works
In asymmetric cryptography, keys come in pairs. The public key and private key are mathematically related — data encrypted with the public key can only be decrypted with the corresponding private key. The reverse also works: data signed with the private key can be verified with the public key.
The critical property is that deriving the private key from the public key is computationally infeasible. In RSA, this relies on the difficulty of factoring large numbers. In elliptic curve cryptography, it relies on the difficulty of the discrete logarithm problem on elliptic curves.
Public keys are distributed openly through several mechanisms:
- TLS certificates — a web server's public key is embedded in its certificate, signed by a Certificate Authority
- SSH authorized_keys — you paste your public key into a server's ~/.ssh/authorized_keys file
- PGP key servers — email encryption keys are published to public directories
- Git commit signing — GPG or SSH public keys verify who made a commit
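An added example (not part of the original page) for the SSH authorized_keys case above: it parses one key line, checks that the declared key type matches the type encoded inside the key blob, and computes the SHA256 fingerprint in the form `ssh-keygen -l` prints, so a key can be compared out of band before it is trusted. The sample key bytes, the comment alice@example.test and the function names are constructed for illustration, and lines that start with an options field are not handled.

```python
import base64
import hashlib
import struct


def build_sample_line(comment="alice@example.test"):
    """Constructed ssh-ed25519 entry; fixed bytes stand in for a real public key."""
    key_bytes = bytes(range(32))  # constructed sample, not a real key
    fields = (b"ssh-ed25519", key_bytes)
    blob = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


def read_string(blob, offset):
    """Read one length-prefixed field: 4-byte big-endian length, then data."""
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("field runs past end of key blob")
    return blob[offset + 4:end], end


def fingerprint(line):
    """Return (key_type, 'SHA256:...', comment) for '<type> <base64> [comment]'."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)  # rejects non-base64 characters
    inner_type, _ = read_string(blob, 0)
    # The type name is repeated inside the blob; a mismatch means the line
    # was edited or corrupted and should not be installed.
    if inner_type.decode("ascii", "replace") != key_type:
        raise ValueError("declared key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # Same presentation as ssh-keygen: base64 of the digest, padding removed.
    return key_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("="), comment


if __name__ == "__main__":
    print(*fingerprint(build_sample_line()))
```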
Why it matters
Public keys solved the fundamental problem of cryptography: how do two people who have never met communicate securely? Before asymmetric cryptography, both parties needed to share a secret key in advance. Public keys eliminate that requirement. You publish your public key, anyone can send you encrypted messages, and only your private key can decrypt them. This is the foundation of TLS, SSH, secure email, and digital signatures.
See How Asymmetric Encryption Works for the full walkthrough.