Security Encyclopedia

Private Key

A private key (or “secret key”) is a variable that is used with an algorithm for encrypting messages between parties to a private conversation. 

In symmetric cryptography, also called secret key cryptography, the same closely-held key is used by both parties to encrypt and decrypt messages. The two share knowledge of the encryption scheme, for example ROT13, and they use this to decipher messages that have had the plaintext rotated 13 characters forward in the alphabet. 

In public-key cryptography (PKC), also called asymmetric cryptography, there are two different but mathematically related keys. The public key is made widely available to both parties, while the private key is held by only one of them, its owner. The public key is used for encryption and the private key is used for decryption. Because key sharing is simple, PKC scales well and is a sensible system for modern applications, although it is more computing resource-intensive than symmetric cryptosystems.


“In symmetric cryptography, where the users both have a private key for encryption and decryption, the private key is a closely-held mutual secret. These kinds of systems are fast and efficient; however, the requirement for distributing keys securely is a challenge that sometimes calls for a key-distribution method that is different than the encryption scheme used for the actual conversations.”
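
The key roles described in this entry, as an added example that is not part of the original text: a rotation cipher (ROT13 generalized to any shift, with the shift as the shared secret key) carries the conversation, while a textbook RSA key pair distributes that shared key. The function names and the values (primes 61 and 53, public exponent 17) are constructed for illustration.

```python
# Added illustration with constructed toy values: the primes are far too
# small and textbook RSA has no padding, so this shows key roles only.

def rotate(text: str, key: int) -> str:
    """Shift ASCII letters `key` places; everything else passes through."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)

def make_keypair(p: int, q: int, e: int = 17):
    """Return ((e, n), (d, n)): the public key and its related private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

def rsa_apply(value: int, key) -> int:
    """Textbook RSA: encrypt with the public key, decrypt with the private."""
    exponent, n = key
    return pow(value, exponent, n)

def exchange_and_chat(message: str, shared_key: int = 13):
    """Send the symmetric key under the recipient's public key, then use
    the shared key for the conversation itself."""
    public_key, private_key = make_keypair(61, 53)    # recipient's key pair
    wrapped = rsa_apply(shared_key, public_key)       # sender: public key only
    recovered_key = rsa_apply(wrapped, private_key)   # recipient: private key
    ciphertext = rotate(message, shared_key)          # sender encrypts
    plaintext = rotate(ciphertext, -recovered_key)    # recipient decrypts
    return wrapped, ciphertext, plaintext

if __name__ == "__main__":
    wrapped, ciphertext, plaintext = exchange_and_chat("Meet at noon")
    print(wrapped, ciphertext, plaintext)
```

Applying the public key a second time to a ciphertext does not recover the message; only the private exponent does, which is why the public key can be handed out freely.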