Using public key encryption to provide confidentiality
Let us take an example where User_B wants to send a message to User_A. User_B encrypts the message with User_A’s public key, and User_A decrypts the message using his or her private key. Since the key pairs are complementary, only User_A’s private key can decrypt this message. If someone else intercepts the ciphertext, they will be unable to decrypt it, because only User_A’s private key can be used for decryption. This method does not provide any authentication that the message is coming from User_B, because User_A’s public key is known to the world. However, it does provide confidentiality to the message, as only User_A can decrypt the message.
This method shows that, when confidentiality is required, the data you send to a user must be encrypted with the public key of the recipient. Similarly, the decryption can be done only with the matching private key, which is held by the recipient of the data. Therefore, messages can be exchanged securely. The sender and receiver do not need to share a key, as required for symmetric encryption. All communications involve only public keys, and no private key is ever transmitted or shared.
Using public key encryption to provide authentication
To provide authentication, User_A must encrypt the message with his or her private key, and User_B will decrypt the message with User_A’s public key. This method provides authentication that the message is coming from User_A, but it does not provide confidentiality, because User_A’s public key is known to all. Hence, anybody possessing User_A’s public key could decrypt the message.
Using public key encryption to provide authentication and confidentiality
To provide both confidentiality and authentication, User_B will need to encrypt the plaintext first with his or her private key, which will provide authenticity. Then, User_B will use User_A’s public key to encrypt the message, which will provide confidentiality.
The disadvantage of the system is that it is very time consuming and complex, as public key encryption and decryption have to be done four times (twice by the sender and twice by the receiver), and the key length of the public key is large (1024 bits to 4094 bits).
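The combined exchange described above, as an added example that is not part of the original text: it uses textbook RSA with tiny constructed primes and no padding, purely to make the key roles and the four operations visible. The names make_keypair, apply_key, send_both, receive_both and OPS are hypothetical, and the code assumes the sender's modulus is smaller than the recipient's.

```python
# Added illustration: textbook RSA, tiny constructed primes, no padding.
# Not usable for real data; it only makes the key roles visible.
from math import gcd

OPS = []  # records every public-key operation performed

def make_keypair(p, q, e=17):
    """Return (public, private) as (exponent, modulus) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (e, n), (pow(e, -1, phi), n)

def apply_key(key, value, label="op"):
    """One RSA operation, value^exponent mod n, with either key of a pair."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this modulus")
    OPS.append(label)
    return pow(value, exponent, n)

def send_both(message, sender_priv, recipient_pub):
    """User_B's side: own private key first (authenticity), then the
    recipient's public key (confidentiality)."""
    signed = apply_key(sender_priv, message, "B: own private key")
    return apply_key(recipient_pub, signed, "B: A's public key")

def receive_both(ciphertext, recipient_priv, sender_pub):
    """User_A's side: undo the two layers in reverse order."""
    signed = apply_key(recipient_priv, ciphertext, "A: own private key")
    return apply_key(sender_pub, signed, "A: B's public key")

# Constructed keys. User_B's modulus is smaller than User_A's so the
# inner result always fits into the outer operation.
A_PUB, A_PRIV = make_keypair(1009, 1013)
B_PUB, B_PRIV = make_keypair(61, 53)

if __name__ == "__main__":
    message = 1234                       # constructed sample, < B's modulus
    wire = send_both(message, B_PRIV, A_PUB)
    print("on the wire:", wire)
    print("recovered:  ", receive_both(wire, A_PRIV, B_PUB))
    print("operations: ", len(OPS), OPS)
```

If the moduli were the other way around, the result of the inner operation could be larger than the outer modulus, and apply_key would raise ValueError instead of silently producing a value that cannot be recovered.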