A public key can be used for encryption and signature verification; if the system can use the verification key associated with the user's public key, then only this user could have created the signature. Public key cryptography could, however, also be used to encrypt messages although this is not commonly done because public key encryption schemes can only be computed about 1000 times faster than private key encryption schemes.

Figure 4: Use of the three key types for secure communication. Figure 4 shows all of this and demonstrates how a typical secure session uses all of these methods to create a secure session using a public key and private key. In this example, the sender of the message is Alice and the receiver is Bob. A secure session is an encrypted session and an encrypted message exchange. Alice uses cryptography to secure her communication using the encryption key, which she shares in secret with each recipient. Alice then encrypts the message using Bob's public key. The encrypted message and encrypted message exchange together form the secure session. Upon receipt, Bob uses the message decryption key using his private key and then reads the encrypted message. The secure session is completed in two steps. First, Alice uses the encryption algorithm of her choice; second, she encrypts the message exchange with her private key. Upon receipt of the encrypted message, Bob uses the crypto verification key provided by Alice by using the verification algorithm with Alice's public key. Bob can then use the decryption key to Alice's encrypted message, which he has now received (see secure communication). If the decrypted message is exactly the same as the message sent by Alice, then Bob knows that the message has been authenticated; if the message contents are the same, Bob should believe that the message he received is identical to the one that Alice sent.

