Another useful part of public-key encryption is authentication in digital communication. "Normal" public key encryption of a message from Albert to Betty might go something like this:
|<--Albert's computer -->|<--transmission-->|<--Betty's Computer----->|
source --> encryption ---------------------> decryption --> plaintext
algorithm algorithm
^ ^
| |
| |
Betty's Public Betty's Private
Key Key
However, there is a problem with this sequence: when Betty recieves the message, she knows that she's the only one who could read it but she can't be sure that Albert is the one who sent it. So what's a couple of paranoids to do? Use the other feature of public-key encryption -- digital signatures. It could go like this:
|<-------------Albert's computer -->|<--transmission-->|<--Betty's Computer---------------->|
source --> encryption --> encryption ----------------> decryption --> decryption--> plaintext
algorithm algorithm algorithm algorithm
^ ^ ^ ^
| | | |
| | | |
Betty's Public Albert's Private Albert's Public Betty's Private
Key Key Key Key
So, Betty recieves an encrypted message claiming to be from Albert; to prove this, she attempts to decrypt the message with the public key she has for Albert. She then decrypts the message using her private key, sees his message, and knows for sure that he's the one who sent it1.
1: That is, she knows for sure if and only if she can trust her public key for Albert. If that was somehow compromised (for instance, if the authority from which she acquired his public key was hacked), it is concievable that she could be using a public key for, say, Colin the opponent, who signed the message using a private key after planting the matching public key in the authority's database. This also depends on the algorithm used to generate the keys and the one used in the encryption/decryption. If the key generation isn't random, an opponent may be able to guess the private key that matches the freely available public key, and impersonate anyone. Additionally, if the encryption/decryption process isn't completely infeasible to attack, a naughty person could snoop on the encrypted messages during the transmission phase.