Public Key Infrastructure Flashcards

1
Q

Define the PKI…

A

The PKI is an infrastructure that binds public keys to principals through certificates signed by certification authorities and registered by registered authorities. In essence, it enables public key authentication.

2
Q

Can CAs in the PKI be structured in a hierarchical manner? If so, what is the root of the hierarchy?

A

Yes, they can. This means CAs can be authenticated by other CAs, and only leaf CAs can authenticate clients.
The root of the hierarchical structure is a root CA.

3
Q

Define a certificate…

A

A token that binds a public key to an entity.

4
Q

How is a certificate created and given?

A

The client brings a physical unsigned certificate (USC) to the CA. The CA runs the USC through a hash function, then encrypts the digest with its private key to create a signature. This signature is then appended to the USC to create a signed certificate. The client now has a signed certificate which proves their public key belongs to them.

5
Q

How does someone verify a public key certificate?

A

The user can run the signed certificate (without the signature) through the hash function used. The user can then feed the digest and the CA’s public key into the signature verification algorithm.

6
Q

What are the 4 PKI components? Define each…

A

Certification Authorities - Create certificates that bind keys to identities. Publish certificates to the directory. Maintain the CRL.
Registered Authorities - Register users and issue certificates; ensure proper user identification.
Clients - Any entity that intends to use the PKI in some way.
Directory - Lists all certificates and makes them available.

7
Q

What are 6 key components of an X.509 certificate?

A

Serial Number
Public Key Algorithm
Issuer Name
Period of Validity
Subject Name
Signature

8
Q

What is the Certification Revocation List?

A

A list of all certificates that have been revoked by the CA before the period of validity has come to an end.

9
Q

What are the components of each record on the CRL?

A

Name
Date of revocation
Date of next scheduled certificate
Signature of CA

10
Q

What is X.509?

A

The most recent standard of PKI.

11
Q

What 3 cryptographic components is X.509 based on?

A

Cryptography, hashes, digital signatures.

12
Q

How is the signature appended to the certificate created?

A

It is a hash value of the unsigned certificate which is then run through a signature algorithm with the CA’s private key.
