A type of cryptography where one of a pair of keys is used to encrypt a message and the other is used to decrypt it. It does not matter which key is used to encrypt and which to decrypt: both combinations will work; however, attempting to encrypt and decrypt with the same key will not work. The two keys are integers that are related mathematically, but – crucially – it must not be viable to deduce the other key if only one is known. In computational terms this means that it must be proven that there does not exist an algorithm to calculate the second key efficiently from the first, and that the range of possible integers must be large enough to make a brute force attack impractical.
In usage, a given key pair belongs to a specific person or organization. One key of the pair, the public key, can be distributed freely; the other, the private key, must be kept secret by the owner. The keys can then be used in one of two ways: