1.4-Public_Key_Infrastructure

Question 1

PKI

Answer 1

Public Key Infrastructure

Question 2

PKI

Answer 2

Policies, procedures, hardware, software, people
– Digital certificates:
create, distribute, manage, store, revoke *
Also refers to the binding of public keys to people or devices –
The certificate authority – It’s all about trust

Question 3

Symmetric encryption

Answer 3

• A single, shared key – Encrypt with the key
  – Decrypt with the same key
  – If it gets out, you’ll need another key *
• Secret key algorithm
  – A shared secret
• Doesn’t scale very well
  – Can be challenging to distribute
• Very fast to use
  – Less overhead than asymmetric encryption
  – Often combined with asymmetric encryption

Question 4

Asymmetric encryption

Answer 4

• Public key cryptography
  – Two (or more) mathematically related keys
• Private key
  – Keep this private
• Public key
  – Anyone can see this key
  – Give it away
• The private key is the only key that can decrypt data encrypted with the public key – You can’t derive the private key from the public key

Question 5

Asymmetric encryption description

Answer 5

• Asymmetric encryption
  – Public Key Cryptography
• Key generation
  – Build both the public and private key at the same time
  – Lots of randomization
  – Large prime numbers
  – Lots and lots of math
• Everyone can have the public key
  – Only Alice has the private key