1. In traditional cryptography, sender and recipient share a key, which they use to encrypt and decrypt the message that they want to keep secret. This key has to be secret too, because otherwise the encrypted message could be read by others.
2. In public-key cryptography, each participant has his/her own key, or to be more exact, each one has his/her own key pair.
1. Such a key pair works like a pair of twins who, growing up together, have developed a secret language: what is spoken in that secret language by one twin, only the other can understand, and what is said by the other can only be understood by the first. In our case, these twins would be even more extreme than usual twins with a secret language: each twin is not even able to understand what he (or she) himself (or herself) has said! Thus, to retranslate from the secret into the normal language it always takes the other twin.
2. If you were so lucky as to be able to employ such a peculiar pair of twins and wanted to get confidential information from others, you would send one of the twins (the more outgoing, let’s say) into the world (this would be your public twin) and let the other one (your private or secret twin) stay home with you. Then, whoever wants to send you a secure mail could speak with your public twin, have him/her translate the secure mail into their secret twin language, and then send it to his sibling at home, who would retranslate the mail into normal language for you.
3. You would guard your private twin extremely well, as you would not want to see him/her tempted or forced to work for others, telling them the secrets that were only meant for you. But you would not worry at all about your public twin, who can roam about freely: as your public twin cannot understand the secret words s/he has spoken him-/herself even if it was just a second ago (!), nobody could use him/her to get access to your secure mails once they are made confidential by translation.
4. And if you wanted to send confidential information to others, you would try to get a hold of their public twin, have him/her translate your secure mail message into their private language, and send it to their private/secret twin. You only want to be really sure that that public twin to whom you give your secrets really works for the intended recipient of your secure mails (and does not just pretend to do so, instead working for your worst enemy!)
5. You can also use your twins to “sign” a mail message, that is, give other people a way to verify that you authorized it: Just let your secret twin translate the mail into the secret language he shares only with his sibling and attach this translation as your “twintological signature” to the open version of the mail. Whoever wants to know if the mail is from you just has to get a hold of your public twin and ask him to retranslate the “signature” into normal language. If the retranslated signature and the open mail correspond, it shows that are both from you: only someone with access to your secret twin could have produced it in the first place. This is another reason why you want to guard your secret twin so well, namely to prevent others from forging your twintological signature.
1. Now that I think about it—such a pair of twins is probably pretty hard to come by in the real world. But, hey!, with a public-key encryption program you can create your own pair of keys that work just as well (and cheaper, too). You send one of them (your public key) to whomever wants to send you secret mails, and the other you keep secret, to decipher/decrypt these secret mails and to sign your own.
2. And you would collect the public keys of all your correspondents, so that you can encrypt mails to each one of them. (We call such a key collection a key ring, but actually it looks more like an address book.) When you want to send a secret mail to a friend, you pick out his/her key from the key ring (just as you would normally look up a mailing address in an address book) and use it for encryption.