Unlike some encryption technologies that use the same key to encrypt and decrypt data, public key encryption technology uses a pair of matching keys to encrypt and decrypt data. Each key performs one-way data processing, and the function of each key is just the opposite of the other. When one key is used for encryption, the other key is used for decryption. The public key is made public by its owner, while the private key must be kept secret. In order to send a confidential message, the sender must use the public key of the receiver to encrypt the data. Once encrypted, only the receiver can decrypt it with his own private key. Conversely, users can also process data with their own private keys. In other words, the key pair can work in any direction. This provides the basis of "digital signature". If a user uses his own private key to process data, others can use the public key he provides to process data. Because only the owner knows the private key, the processed message forms an electronic signature-a file that no one else can generate. A digital certificate contains public key information to confirm the identity of the user who owns the key pair.