Public and private keys are used to verify that the entity that requests access to a system is who or what it claims to be.