What common products use Public-key cryptography?
Public/Private key crypto is used in a wide variety of protocols and data formats, which are implemented by a huge range of application and system software:
- SSL (https) protocol
- SSH (secure remote login, tunneling, etc) (public/private authn/authz is optional)
- Digitally signed PDF files (including attachments within the PDF)
- Signed Applets and jar archive files for Java
- Digital signatures in the packaging infrastructure for Debian, Ubuntu and Red Hat Linux distributions, etc.
- PGP/GPG for signed and/or encrypted files and email (perhaps the first widely used non-military public/private key crypto?)
- S/MIME for signed and/or encrypted email
- DNSSEC for securing the DNS
- Internet Key Exchange (IKE) in IPsec for secure low-level TCP/UDP networking
- RFC 3161 for authenticated timestamps
- Most other encryption or signature schemes which don't require prior out-of-band secure communication between the parties. Many are described at http://www.apps.ietf.org/rfc/seclist.html
- A variety of other uses, like digital cash and secure transparent voting (see e.g. the trustee keys for Helios)
Let's start with, you keep the Private key for your use only, and the Public key for anyone else ;)
Generally speaking, there are two main situations where you would use these:
Asymmetric Encryption
You use Tom's public key to encrypt a message for him only; he would use his matching private key to decrypt it.
He would then respond using your public key, and so you'd be able to read it only using your private key.
Encrypt with public, decrypt with private.
Digital signature
You sign a public message using your private key. Anyone else can freely validate the signature on your message using your public key, and thus be assured that it was you who wrote this message (and combined with a secure hash, that it was not changed).
Sign with private, validate with public.
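
The two key roles described in the answer above, as an added example that is not part of the original answers: textbook RSA in standard-library Python, showing encrypt-with-public/decrypt-with-private and sign-with-private/validate-with-public. The primes, function names and messages are assumptions chosen for illustration; the key is toy-sized and unpadded, whereas real protocols use large keys with OAEP (encryption) and PSS (signatures).

```python
# Added illustration: textbook RSA, standard library only (Python 3.8+).
# Toy modulus and no padding: shows which key does what, not how to protect data.
import hashlib

E = 65537  # common public exponent


def make_keypair(p=2**61 - 1, q=2**89 - 1, e=E):
    """Build (public, private) from two primes; each key is (exponent, modulus)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent: e^-1 mod phi(n)
    return (e, n), (d, n)


def encrypt(message: bytes, public) -> int:
    """Anyone holding the recipient's PUBLIC key can do this."""
    e, n = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)


def decrypt(ciphertext: int, private) -> bytes:
    """Only the holder of the matching PRIVATE key recovers the message."""
    d, n = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest(message: bytes, n: int) -> int:
    # Secure hash of the message, reduced to fit the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    """Signer applies the PRIVATE key to the hash of the message."""
    d, n = private
    return pow(_digest(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Anyone checks the signature with the signer's PUBLIC key."""
    e, n = public
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    tom_pub, tom_priv = make_keypair()                        # Tom's key pair
    you_pub, you_priv = make_keypair(2**107 - 1, 2**127 - 1)  # your key pair
    print(decrypt(encrypt(b"hi Tom", tom_pub), tom_priv))
    print(verify(b"public notice", sign(b"public notice", you_priv), you_pub))
```
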