Authentication studies methods for the verification of the signatory of a message. These methods are based on cryptography, but involve additional considerations. An authentic message, then, is one that is signed in a cryptographically secure way; otherwise, it is not acceptable. An authentic message need not be secret, and a secret message need not be authentic. This is sometimes referred to as the separation principle of secrecy and authentication. Of course, a message can be both secret and authentic, but each must be assured individually. A message can be encrypted after it is signed, or it can be signed after it is encrypted, or both, depending on the needs of the application. A signed message may even contain one or more embedded subsections that are themselves independently signed or encrypted by a third party, or are to be decrypted by yet another party.

Authentication is not the same as identfication. Identfication is a topic that studies methods for verifying or determining the identity of the transmitter of a message. While authentication verfies that the message did indeed come from the indicated sender, identification verifies that the sender does have a recognized position in the appropriate community. Authentication is studied in this chapter, and identfication is studied in Chapter 14.

Ownership protection is another topic based on, and related to, the topic of cryptography. Ownership protection studies methods for the control of who owns a message or document, and of how the owner can control the use of the document.