Public-key cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt plaintext, and one to unlock or decrypt cyphertext. One of these keys is published or public (a public key) and the other is kept private (a private key). If the lock/encryption key is the one published then the system enables private communication from the public to the unlocking key's owner. If the unlock/decryption key is the one published then the system serves as a signature verifier of documents locked by the owner of the private key.
Several different public-key primitives can be used to provide a digital signature. Some are based on a discrete logarithm problem and are referred to as discrete logarithm-based public-key cryptosystem. A public-key cryptosystem can be employed in various schemes for providing confidentiality, integrity, authentication or non-repudiation function. Non-repudiation or authentication can be achieved through a digital certificate such as a public key digital certificate. A public key digital certificate can include two parts: the data and a signature of the data. The data can include the public-key and a unique identifier of a subscriber to a trusted third party: the certificate authority (CA). A signature of the CA on the subscriber's public-key conveys an authentic binding between the subscriber public key and the subscriber's identity (ID).