Each party generates, for itself, two related keys: a private and a public. If there are two of them, e.g. Alice and Bob, each has their own key pair.
public (PubK) is placed in an accessible location (in the cloud, in a public directory) or is sent to the other party (e.g. via email)
simplified - the public key defines the identity of the owner (contains data about the owner) and encrypts for this owner
private (PrivK) remains stored locally (on the device, with the user), for security reasons it must not be exposed anywhere, it can (should be) protected with a password so that anyone who gains access to it cannot just use it
simplified - the private key decrypts
Encryption
If Bob wants to send Alice an encrypted message, he must have her public key (he receives it via e-mail in a digital signature, or finds it via public directory services, e.g. LDAP):
Bob uses Alice's public key to encrypt a message for Alice:
PubKAlice the result is encrypted data for Alice
Alice decrypts the message with her private key (she unlocks access to the PrivK, only for this operation, with the password she specified when creating the key pair)
PrivK Alice the result is decrypted data for Alice
Identity verification, digital signature
A pair of keys (which are mathematically related but not mutually derivable) are also used in the reverse guard to create a digital signature: PrivK is used for signature, PubK for its verification.
If Bob wants to send Alice a digitally signed message, that is, to assure her that it is really from him, he uses his private key for the signature.
In the background, the following happens: a hash/digest of the message of a fixed size is produced, e.g. 256 bits for SHA-256, it is encrypted with Bob's private key, and this is attached to the message.
PK Bob
Alice verifies his signature attached to the document by using Bob's public key, which states who the public key belongs to. She doesn't do this manually, it happens in the background, e.g. the email client performs the entire operation and if the public key matches, marks the signature as authentic.
VK Bob now it is certain that the document was signed by Bob
A public key is usually attached to a digital signature in the form of a digital certificate so that the recipient can verify the authenticity of the signature
A public key is usually attached to a digital signature in the form of a digital certificate so that the recipient can verify the authenticity of the signature