Public keys and private keys are the working parts of public-key cryptography. Together they encrypt and decrypt data that resides in or moves across a network. The public key is truly public and can be shared widely, while the private key should be known only to its owner. For a client to establish a secure connection with a server, it first checks the server's digital certificate. The client then generates a session key and encrypts it with the server's public key. The server decrypts that session key with its private key (known only to the server), and the client and server use the session key to encrypt and decrypt the messages of that session. In the case of email, the sender's private key signs the message and the recipient verifies that signature with the sender's public key. This is why the private key must be kept secret: exposing it paves the way for attackers to intercept and decrypt data and messages.
Because of their role in safeguarding critical data, public-private key pairs, and the PKI in general, have to be managed with the utmost diligence.
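The handshake and signing flow described above, as an added example in Go that is not code from the original page: the client wraps a fresh session key under the server's public key (RSA-OAEP), only the server's private key can unwrap it, the session traffic then runs under that symmetric key (AES-256-GCM), and for the email case the sender's private key signs while the sender's public key verifies. It uses only the Go standard library; the 2048-bit key size, the OAEP label and the sample messages are assumptions chosen for the demonstration.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// oaepLabel binds the wrapped blob to its purpose; both sides must use the same label (assumed value).
var oaepLabel = []byte("session-key")

// WrapSessionKey is the client side of the handshake: the session key is encrypted under the server's public key.
func WrapSessionKey(serverPub *rsa.PublicKey, sessionKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, sessionKey, oaepLabel)
}

// UnwrapSessionKey is the server side: only the holder of the private key can recover the session key.
func UnwrapSessionKey(serverPriv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, serverPriv, wrapped, oaepLabel)
}

func newGCM(sessionKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealMessage encrypts one session message under the shared key; the random nonce is prepended.
func SealMessage(sessionKey, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// OpenMessage decrypts and authenticates a sealed message; a wrong key or a modified ciphertext yields an error.
func OpenMessage(sessionKey, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("sealed message shorter than nonce")
	}
	return gcm.Open(nil, sealed[:ns], sealed[ns:], nil)
}

// SignMessage is the email case: the sender's private key signs a SHA-256 digest of the message (RSA-PSS).
func SignMessage(senderPriv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
}

// VerifyMessage checks the signature with the sender's public key.
func VerifyMessage(senderPub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], sig, nil) == nil
}

// DemoResult records which of the properties from the text held in one full run.
type DemoResult struct {
	SessionKeyRecovered   bool // server unwrapped exactly the key the client chose
	WrongKeyCannotUnwrap  bool // a different private key cannot unwrap it
	MessageRoundTrips     bool // session traffic decrypts under the session key
	SignatureVerifies     bool // sender's public key accepts the signature
	ForgedMessageRejected bool // a modified message is rejected
	OtherKeyRejected      bool // a different public key rejects the signature
}

// RunDemo exercises the handshake, the session traffic and the signing flow end to end.
func RunDemo() (DemoResult, error) {
	var r DemoResult
	keys := make([]*rsa.PrivateKey, 3) // server, sender, and an unrelated key pair
	for i := range keys {
		k, err := rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			return r, err
		}
		keys[i] = k
	}
	serverKey, senderKey, otherKey := keys[0], keys[1], keys[2]

	sessionKey := make([]byte, 32) // client picks a random 256-bit session key
	if _, err := rand.Read(sessionKey); err != nil {
		return r, err
	}
	wrapped, err := WrapSessionKey(&serverKey.PublicKey, sessionKey)
	if err != nil {
		return r, err
	}
	recovered, err := UnwrapSessionKey(serverKey, wrapped)
	r.SessionKeyRecovered = err == nil && bytes.Equal(recovered, sessionKey)
	_, err = UnwrapSessionKey(otherKey, wrapped)
	r.WrongKeyCannotUnwrap = err != nil

	msg := []byte("GET /account HTTP/1.1") // constructed sample session message
	sealed, err := SealMessage(sessionKey, msg)
	if err != nil {
		return r, err
	}
	opened, err := OpenMessage(sessionKey, sealed)
	r.MessageRoundTrips = err == nil && bytes.Equal(opened, msg)

	mail := []byte("Please approve invoice 42") // constructed sample email body
	sig, err := SignMessage(senderKey, mail)
	if err != nil {
		return r, err
	}
	r.SignatureVerifies = VerifyMessage(&senderKey.PublicKey, mail, sig)
	r.ForgedMessageRejected = !VerifyMessage(&senderKey.PublicKey, []byte("Please approve invoice 43"), sig)
	r.OtherKeyRejected = !VerifyMessage(&otherKey.PublicKey, mail, sig)
	return r, nil
}

func main() {
	r, err := RunDemo()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("%+v\n", r)
}
```

The two halves of the flow use different primitives on purpose: OAEP wraps the session key so that a captured handshake is useless without the server's private key, and PSS signs a digest so that the recipient needs only the sender's public key, never any secret, to check authenticity. Running `RunDemo` shows every field of `DemoResult` as true.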