I am reading a book named PKI Uncovered (Cisco Press) that gives an intro to security.
The book states two facts:
1. In Authentication - the message is encrypted using the sender's private key and unencrypted using the sender's public key.
2. In Encryption - the message is encrypted using the recipient's public key and unencrypted using the recipient's private key.
Is this correct?
Also, let me give an example for the encryption:
Bob wants to send a message to Alice.
Bob encrypts the message using Alice's public key and she unencrypts using her private key. But how does Bob know what Alice's public key is? Do they both need to have the same software that works this out? Is Alice's public key always the same, or does it change each time a message is sent?