Uses a public-private key pair. As the name implies, public key is shared and private key is kept secret.

These keys are generated at the same time using an algorithm and are mathematically linked. The keys are used together in one of the following ways:

**Encrypting with public key**

Used for sending messages only the intended recipient can read.

Bob *encrypts* a plaintext message with Alice’s public key, then Alice *decrypts* the ciphertext message with her private key. Since Alice is the only one with access to the private key, the encrypted message cannot be read by anyone besides Alice.

**Signing with private key**

Verifying the authenticity of message.

Simply put, verify that you’re the one who sent the message.
Alice *encrypts* a plaintext message with her private key, then sends the ciphertext to Bob. Bob tries to *decrypt* the ciphertext with Alice’s public key.

A successful *decryption* confirms the authenticity of the message since the public key with Bob can decrypt only the messages that was signed using Alice’s private key.