What is Public Key Encryption?


Public key encryption refers to a type of cipher architecture known as public key cryptography that uses two keys (a key pair) to encrypt and decrypt data. One of the two keys is a public key, which anyone can use to encrypt a message for the owner of that key. The encrypted message is sent, and the recipient uses his or her private key to decrypt it. This is the basis of public key encryption.

Public key encryption is considered very secure because it does not require a secret shared key between the sender and receiver. Other encryption technologies that use a single shared key to both encrypt and decrypt data rely on both parties agreeing on a key ahead of time without anyone else learning what that key is. However, the fact that the key must be shared between both parties opens the door to third parties intercepting it. This type of encryption technology is called symmetric encryption, while public key encryption is known as asymmetric encryption.

A "key" is simply a small piece of data that the associated algorithm uses to encode or decode text. In public key encryption, a key pair is generated using an encryption program and the pair is associated with a name or email address. The public key can then be made public by posting it to a key server, a computer that hosts a database of public keys. Alternatively, the public key can be shared selectively by emailing it to friends and associates. Those who possess your public key can use it to encrypt messages to you. Upon receiving the encrypted message, your private key will decrypt it.

Public key encryption is especially useful for keeping email private. Any stored messages on mail servers, which can persist for years, will be unreadable, and messages in transit will also be unreadable. This degree of privacy may sound excessive until one realizes the open nature of the Internet. Sending email unencrypted is akin to making it public for anyone to read now or at some future date. United States law does not recognize email as a protected or private form of communication, unlike a telephone call or letter.

Unarguably, the most widely known and respected public key encryption program is PGP (Pretty Good Privacy), which offers military-grade encryption. PGP has plug-ins for most major email clients so that the clients work in concert with PGP to encrypt outgoing messages and decrypt incoming messages automatically. PGP maintains a "key ring" or file of collected public keys. An email address can be associated with a key so that the email client will automatically pick out the proper public key from the PGP key ring to encrypt the message upon sending. It will also automatically use your private key to decrypt incoming mail. To use public key encryption for email, both the sender and receiver must have encryption software installed.

Public key encryption programs like PGP have digital signature capability built in. With this feature, messages can be digitally signed with the click of a button, so that the receiver can verify that the message was not tampered with en route and that it is authentic, that is, that it came from the stated sender.

Public key encryption can also be used for secure storage of data files. In this case, your public key is used to encrypt files while your private key decrypts them.
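The two operations described above, encrypting to a recipient's public key and signing with the sender's private key, as an added example using only Go's standard library (this is illustrative code, not part of the original article or of PGP). It assumes RSA with OAEP padding for encryption and PSS for signatures; the message and key names are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// GenerateKeyPair creates the public/private key pair the article describes.
// 2048 bits is a constructed choice; it is a common minimum for RSA today.
func GenerateKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Encrypt: anyone holding the recipient's public key can seal a message.
// Direct RSA encryption only fits short messages; PGP encrypts a per-message
// symmetric key this way and uses that key for the message body.
func Encrypt(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Decrypt: only the holder of the matching private key can open the message.
func Decrypt(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

// Sign hashes the message and signs the hash with the sender's private key.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
}

// Verify reports whether sig is a valid signature on msg under the sender's
// public key; any change to msg in transit makes this return false.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	h := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil) == nil
}

func main() {
	alice, _ := GenerateKeyPair() // sender
	bob, _ := GenerateKeyPair()   // recipient
	msg := []byte("meet at noon") // constructed sample message
	ct, _ := Encrypt(&bob.PublicKey, msg)
	sig, _ := Sign(alice, msg)
	pt, _ := Decrypt(bob, ct)
	fmt.Printf("decrypted %q, signature valid: %v\n", pt, Verify(&alice.PublicKey, pt, sig))
	pt[0] ^= 1 // simulate tampering in transit
	fmt.Println("tampered copy valid:", Verify(&alice.PublicKey, pt, sig))
}
```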


Written by R. Kayne

copyright © 2003 - 2008
conjecture corporation