I've spent the last 5 days trying to fully understand Public and Private key, with little luck. I don't think anybody fully understands the concept of keys, nobody. But I will try and explain what I know via wikipedia etc.

I will be using the simple email example. Anyway, lets say we have two people. Joe and John. Joe wants to send John a secret file that has bank account information and such that he wants nobody else to see. So what does he do? Encrypts it. Joe runs Arch Linux so he uses GPG(GNU Privacy Guard) which implements PGP(Pretty Good Privacy). First, Joe generates a pair of asymmetrical keys. Public and private keys. The public key is as the name implies, public. The public key is distributed to anybody. But as the private keys name implies, private keys are meant for one person and one person only. You. You wouldn't normally give people private possesions would you(Unless privates == sexual organs). But anyway, Joe runs Arch Linux so he fires up a terminal, creates a pair of keys(public and private), and then gives John his public key. John also generates his own public / private key pair. Joe take his secret bank account file and encrypts it. He then emails the encrypted file to John, along with his PGP public key. John imports Joes public key and proceeds to decrypt the secret bank information.

So how can we go about doing all this? Well it's simple(In windows, just download a PGP or GPG program).
First, lets go ahead and generate our keys.

This will take you along a couple steps. First, select what type of key you want. The first is a pretty good one. Then select the key size. The stronger the key size, the stronger it is. But 2048 is pretty good. Now we can select when the keys expire. Expiring keys can be good and bad. Lets say the key is comprimised by a malicious attacker, it will only be comprimised until the key is expired.
After that, we need to input some info. Our name, email and the comment for these keys. After this is done it asks for a passphrase. This should be a pretty strong one to prevent brute force attacks.

After all information for the keys are created, the OS needs to gather some entropy to generate the keys. Just move around the mouse, press keys etc until enough is gathered to generate the key. After that, we can see our keys:

You can list private keys with

Now we need to export the public key to a public.key file.

This will export the key for "Your Name" to public.key. For me, I supplement Your Name with Chronic Command.
Now lets encrypt the file with gpg and send it.

Now we have our encrypted file :)

So we have our keys set up and the ecrypted file. Now we send the encrypted file to John who has our public key.
Once John gets it, John just imports the key and decrypts the data.
To import:


Done :D

Anyway, I don't fully understand it but I understand enough to write this simple tutorial on it. So I hope you enjoyed it and learned something. I suggest googling it and reading up on wikipedia some more, maybe you can understand it better :P

--chroniccommand