PKI Flashcards
Public key infrastructure (PKI)
Public key infrastructure (PKI) consists of programs, data formats, procedures, communication protocols, security policies, and public key cryptographic mechanisms working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion.
Public key infrastructure (PKI) Provides
PKI provides authentication, confidentiality, nonrepudiation, and integrity of the messages exchanged.
What type of system is Public key infrastructure (PKI)?
PKI is a hybrid system of symmetric and asymmetric key algorithms and methods, which were discussed in earlier sections.
Public key infrastructure (PKI) Person
Each person who wants to participate in a PKI requires a digital certificate, which is a credential that contains the public key for that individual along with other identifying information.
PKI Certificate
The certificate is created and signed (digital signature) by a trusted third party, which is a certificate authority (CA).
PKI Signs Cert
When the CA signs the certificate, it binds the individual's identity to the public key, and the CA takes liability for the authenticity of that individual.
Trusted Third Party
It is this trusted third party (the CA) that allows people who have never met to authenticate to each other and to communicate in a secure manner.
CA
If Kevin has never met Dave, but would like to communicate securely with him, and they both trust the same CA, then Kevin could retrieve Dave's digital certificate and start the process.
The email message is encrypted using a symmetric algorithm with a key size of, say, 128 bits.
KEY
That key is then encrypted asymmetrically using the recipient’s public key with, say, 2048 bits, and the entire message (symmetrically encrypted body and asymmetrically encrypted key) is sent together to the recipient. The message may additionally be digitally signed.