Definition
Public-key cryptography — also called asymmetric cryptography — is the family of algorithms in which each party holds a mathematically paired key pair: a public key that may be shared freely and a private key that must be kept secret. Operations performed with one key of the pair are reversed only by the other. Encrypting a message with someone's public key produces ciphertext that only the matching private key can decrypt. Signing a message with one's private key produces a signature that anyone with the corresponding public key can verify. Symmetric ciphers, by contrast, use a single shared key for both directions — secure but with the bootstrapping problem of how to establish that shared key in the first place.
Public-key cryptography, introduced by Diffie and Hellman in 1976 and made practical by RSA shortly after, solves the key-distribution problem and is the mathematical foundation of every secure connection on the modern Internet — TLS for the web, SSH for shell access, S/MIME and PGP for email, signatures on software packages, and authentication in cryptocurrency.
Why it matters
How it works
Two operations sit at the heart of every public-key scheme. Encryption lets anyone send a confidential message to a key-holder: the sender encrypts with the recipient's public key, and only the recipient's private key can decrypt. Signing lets a key-holder prove authorship: the signer computes a hash of the message and operates on that hash with their private key, producing a signature anyone can check against the public key. The two operations rest on the same underlying trapdoor function — easy to compute in one direction, computationally infeasible to reverse without the private key.
In day-to-day Unix use, SSH key authentication is the most visible application. ssh-keygen produces a key pair on the client; the public key is copied into the server's ~/.ssh/authorized_keys file. When the client connects, the server sends a challenge that only the matching private key can answer, proving the client's identity without ever transmitting a password. The same machinery underlies TLS certificate verification (the certificate authority's signature on a server's public key) and software-package signing (the maintainer's signature on a release tarball).