(

Since the public key is common knowledge anyone can send a confidential message to a known recipient. Integrity is achieved in the same way. To obtain authentication of origin a second transformation needs to be applied. Since the recipient's public key can be used by anyone it does not prove who the sender is; to do this we need a secret from the sender. To provide this component the sender's secret key is used in a separate transformation of the data.

which is then transmitted and deciphered by

at the recipient end. Note that the actual secret used by the sender is not sent, only the effect of the secret which can be checked. This is an important advantage in using public keys for authentication (the distribution of the public keys apart). If authentication and confidentiality are required then the two transformations are carried out on the data, the sender would do:

and the recipient would reverse both of these as:

For this to work the mathematical function must be chosen so that

which is currently only true of the RSA algorithms as stated above. Public key algorithms appear to have the advantage over secret key algorithms in that the secret key does not have to be known by every party in a communication. It also means the computer system can apply protection using the public key. In the above examples the secret key only needs to be known by one entity, all the others use the public key. In practice the algorithms for public keys take a lot longer to transform the same amount of data as a symmetric algorithm, consequently they are not used on large items of data. This limits their use in general communications support.