Private Key: A block of data (a large binary number) generated using one of the PKI algorithms. Each party taking part in secure communications should keep its Private Key securely. This key should never be transferred between communication parties.
Public Key: A block of data (a large binary number) generated together with the Private Key. Each party taking part in secure communications can and should distribute its Public key openly. It is assumed that Public Key can be learned by anyone, including hostile entities. Public Keys are usually distributed in the form of Certificates.
Data Digest: A relatively small block of data calculated by applying a special digest function to the original (usually larger) data block.
Data Signature: A Digest of the Data block encrypted using the Private Key of the Signer.
Signed Data: A data block with attached Signature of that block. A party receiving Signed Data can verify that the data block has not been modified in transit by using the Public Key of the Signer to decrypt the Signature and to compare the resulting Data Digest with the Data Digest it calculated itself.
Certificate: A data block with containing the name of the Certificate owner (called Certificate Subject), the Public Key of the owner, the name of the Certificate Issuer, the serial number of the Certificate, and some additional data elements. This data block is signed by the Issuer. Certificates play the role of Digital ID cards.
Issuer: A party that issues Certificates for other parties, signing them with the Private Key of the Issuer. Issuers are also called Certificate Authorities. Each certificate generated by a certain Issuer has a unique serial number.
Trusted Authorities: A list individually maintained by a communication party. Each list element contains the name of a "trusted authority" and its Public Key. When a party receives any Certificate, it can check if the Certificate Issuer is included into the "trusted authority" list, and that the Certificate Signature can be verified using that "trusted authority" Public Key. Modern operating systems allow users to securely maintain Trusted Authorities databases on their desktops.
Root Authorities: Globally recognized Certificate Authorities. Most modern operating systems pre-insert several Root Authorities into the client Trusted Authorities databases, making Root Authorities trusted by all client computers running these operating systems.
Authority Chain: A set of Issuer Certificates for a certain Certificate. Some Authority X may be not widely accepted as a "trusted one", but its Certificate may be issued by a more widely trusted Authority Y. In this case Certificates issued by X won't be widely accepted, but if those Certificates are sent together with the X own Certificate, issued by Y, then these Certificates may be accepted by all parties that trust Y.
Self-Signed Certificate: A Certificate issued by a party for itself. The Subject and Issuer of such a Certificate are the same. The Self-Signed Certificate contains the party Public Key and is signed using the Private Key of the same party. Self-Signed Certificates can be trusted only if other parties explicitly include them into their lists of "trusted authorities".
Multiparty Encryption: An encryption method used to send data to parties with known Certificates. A single encrypted messages can be independently decrypted by any party that possesses a Private Key matching one of the Certificates used for encryption.