While symmetric cryptography is used for the message confidentiality, asymmetric cryptography can be used not only for confidentiality, but also for authentication. Which security property the cipher provides primarily depends on the use of the public key, private key pair, and the cipher algorithm design. Let's first review how the key use can affect the security property that the system can achieve. Let's first define the parameters that we will use. As before, p corresponds to the plaintext data, while c is the ciphertext data, after the encryption cipher processing. While we used one key in symmetric cryptography, we now use two keys. For each user i, there's a private key denoted with small case sub i that is only known to that user. There's also a different but related public key, capital K sub i, which is public. Capital K is for public key. The user i typically generates the public key, private key pair before distributing the public key to other users that it wants to communicate with. Given the public key, private key pair, the cipher is designed so that the encryption using one of the key pairs reverses the encryption using the other key of the key pair, as is shown by the two equations at the bottom. These encryption decryption ciphers are typically different, depending on whether the cipher is used for confidentiality or authentication. Although there are ciphers that support both properties, such as RSA. In this lesson, we will assume that we were given such encryption decryption functions, and leave the requirement discussion for such cipher functions in the next lesson. Given the sender Alice, the receiver Bob, and the attacker Eve, let's first look at the scenario where Alice uses Bob's public key, capital K sub B. And Bob uses his private key, small k sub B. Like Alice holding Bob's public key, the attacker Eve can also access Bob's public key, capital K sub B. But she does not know Bob's private key, small k sub B. In fact, even Alice does not know Bob's private key. In this case, for any data p, the cipher text c is the result of the encryption of p using Bob's public key, capital K sub B. And then from Bob's side, the decryption processes the cipher text using Bob's private key. In other words, the decryption using the private key, small k sub B, is designed to reverse the encryption using the public key, capital K sub B. As we discussed previously, this decryption encryption reverse relationship holds true, thanks to the design of the encryption and decryption cipher algorithms, and the design of the Bob's key pair when generating them. In this case, only Bob can decrypt and retrieve the plaintext, because Bob is the only user who holds his own private key, and the encryption was done using Bob's public key. The attacker, Eve, does not know Bob's private key. Therefore the confidentiality of the plaintext p is protected when Alice, the sender, uses Bob's public key to direct the data to Bob. And Bob in turn receives the ciphertext and decrypts it with his own private key.