To authenticate the receiver (B), the sender (A) e-mails a challenge message to B. B will use her ___________ key to encrypt the challenge message and send it to A. If A is able to use B's ___________ key to decrypt and get the plaintext of the challenge message, A has authenticated B successfully.