Shared and public keys are two different types of cryptographic functions that digital certificates use to provide security.

Cryptography is the science of keeping data secure. Cryptography allows you to store information or to communicate with other parties while preventing non involved parties from understanding the stored information or understanding the communication. Encryption transforms understandable text into an unintelligible piece of data (ciphertext). Decrypting restores the understandable text from the unintelligible data. Both processes involve a mathematical formula or algorithm and a secret sequence of data (the key).

There are two types of cryptography:

  • In shared or secret key (symmetric) cryptography, one key is a shared secret between two communicating parties. Encryption and decryption both use the same key.
  • In public key (asymmetric) cryptography, keys are generated in pairs with each being the cryptographic inverse of the other. One key is used in signing and the other is used in verification. In the case of the RSA, if one key is used for encryption, the data can be recovered only by using the other key. A party has a pair of keys that consist of a public key and a private key. The public key is freely distributed, typically within a digital certificate, while the private key is securely held by the owner. The two keys are mathematically related, but it is virtually impossible to derive the private key from the public key. An object, such as a message, that is encrypted with someone's RSA public key can be decrypted only with associated RSA private key. Alternatively, a server or user can use a private key to "sign" an object and the receiver can use the corresponding public key to verify the digital signature, which verifies the objects source and integrity.