Modern cryptosystems are based on keys which consist of a series of binary digits - bits. In effect, a key is a number. In asymmetric or "public key" cryptography every user has two keys, a public one and a private one. The public one, as its name suggests, is freely available to everyone. The private key is known only to the user.
In mathematical terms, the private key is the inverse of the public key, and can be used to unlock data that has been encrypted with it. So if Mr A wants to send a message to Ms B, he takes her freely available public key, encrypts his message with it and sends it to her. As Ms A is the only one with access to her private key, she is the only one who can decrypt it.
It's that simple, but if the private key is the mathematical inverse of the public key, surely the private key can be deduced from the public one? This is true, but the process involves the factorisation of a very large number into its prime factors, and this involves enormous processing power.
It is reckoned that if all the computers currently in the world devoted all their processing power 24 hours a day for 50 years they would succeed in cracking a 2048-bit modulus. Once users of the cryptosystem feel that processing power is increasing to the point of being a threat to the key security, the size of the key can be increased. This moves the goalposts for the code breakers, and unless somebody comes up with a new factorisation algorithm, public key cryptosystems look uncrackable for the foreseeable future.
Links
http://developer.netscape.com/docs/manuals/security/pkin/index.htm
www.pgpi.com
www.crypto.com/key_study
http://mail.utep.edu/~provenci/escrow.html