There are two types of encryption – symmetric and asymmetric. Symmetric encryption is when a simple key (of letters, numbers, words, etc.) is applied to a text of a message to change it in a particular way (turning letters into their corresponding numbers of places in the alphabet). Everybody that knows the key can decrypt the message which is the main issue with symmetric encryption.
As a solution came to the asymmetric encryption which uses two separate keys at once – private and public (that is why the asymmetric encryption is also called public-key encryption). The private key is familiar only to your computer, hence no one else can use it. The public key is common for you and the computer you try to communicate with. The main advantage of this type of encryption is that no message can be read without a private key, no matter the public one is no secret. When a text is encrypted by the public key, it can only be decrypted using the same algorithm but by the private key. When a message is encrypted by the private key, it can only be decrypted by the provided public key. That’s because the two keys are mathematically paired and that’s the reason why there is no problem sharing public keys over the Internet.
When a secure connection should be implemented on a large scale, then the way to verify the user or the server is by so-called digital certificates or just certificates. They hold the information proving the other side is trusted by an independent authority (CA) that is itself trusted by both communicating sides. The certificate assures each computer is who it claims to be and then provides the public keys of each computer to the other.