Public Key Cryptography

In an asymmetric cryptographic system two separate keys are created: a private key, which is kept secret, and a public key, which can be shared with anyone who wants it. These keys are mathematically related, but a party who knows only the public key of a pair has no practical way to calculate the private key.

The keys can be used in two different ways.

A public key can encrypt a message which only its corresponding private key can decrypt. This allows for secure communication. For example, if Alice wants to send Bob a secret message, she asks him for his public key, uses it to encrypt her message and sends it to Bob. Only the holder of the corresponding private key, Bob, can then decrypt the message.

A private key can also encrypt a message, and anyone with the public key and the plaintext message can then decrypt the result and check that it matches the plaintext, proving that only the holder of the private key could have encrypted the message. This is called a digital signature, and it exists to assure a recipient that a message is authentic and comes from a specified source.
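
Both uses described above, as an added example that is not part of the original page: textbook RSA in Python with a constructed toy key pair (primes 61 and 53) and no padding, so it shows only the arithmetic. The function names are assumptions of this example, as is signing a SHA-256 digest of the message rather than the message itself, which is how practical signature schemes work.

```python
import hashlib

# Constructed toy key pair: textbook RSA, tiny primes, no padding.
# It shows the arithmetic only; real keys are 2048+ bits with padding.
P, Q = 61, 53
N = P * Q                           # modulus, part of both keys
E = 17                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)

def encrypt(m, public_key):
    """Anyone holding the public key can encrypt an integer 0 <= m < n."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be in range [0, n)")
    return pow(m, e, n)

def decrypt(c, private_key):
    """Only the private key holder can recover m."""
    d, n = private_key
    return pow(c, d, n)

def digest(message, n):
    """Assumption of this example: sign SHA-256(message) reduced mod n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    d, n = private_key
    return pow(digest(message, n), d, n)

def verify(message, signature, public_key):
    """Apply the public key to the signature and compare with the digest."""
    e, n = public_key
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    c = encrypt(65, PUBLIC_KEY)            # Alice, using Bob's public key
    print("ciphertext:", c, "decrypted:", decrypt(c, PRIVATE_KEY))
    msg = b"transfer 10 to Alice"          # constructed sample message
    sig = sign(msg, PRIVATE_KEY)           # Bob, using his private key
    print("valid signature:", verify(msg, sig, PUBLIC_KEY))
    print("altered signature:", verify(msg, (sig + 1) % N, PUBLIC_KEY))
```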