I am working on a chat application, and I am trying to secure the communication by using asymmetric encryption. I am able to encrypt a message with the receiver's public key and decrypt a message with the receiver's private key.
However, how can a client be sure that the sender is the real sender?
Example: We have Alice and Bob. Alice encrypts a message with Bob's public key, and Bob decrypts the message with his own private key. However, how can he be sure that the sender of the message is Alice?
I have read about adding a nonce, but I am not sure how that will help. What I understand is that Alice will add a random number to the message she sends. Bob will be, somehow, able to identify the sender of the message as Alice by looking at this number?.
Let us say that the message is: "Hello Bob" and the nonce is "6". The message gets encrypted with Bob's public key, but what about the nonce?