Public and private keys are used to verify that the entity requesting access to a system is who or what it claims to be.