Public Key Infrastructure (PKI)

A public key infrastructure (PKI) allows users of the Internet and other public networks to engage in secure communication, data exchange and money exchange. This is done through public and private cryptographic key pairs provided by a certificate authority.

There are different types of systems in a PKI:

  1. Private and Public Key Systems: Private systems are symmetric cryptography and a public systems are asymmetric cryptography. Currently, public key systems are the most common.
  2. Symmetric Encryption Systems: The same key is used for both the processes of encryption and decryption.
  3. Asymmetric Encryption Systems: A different key is used for each process. One key is the public key and the other key is the private key. If something is encrypted with the public key, then decryption can only be done with the private key. Alternatively, if something is encrypted with the private key, then decryption must be done only with the public key.

A certificate authority (CA) is the entity providing the keys. The private key will be given to the person requesting the key. The public key is made public in a directory for users. No one can ever find out what someone’s private key is, never being available on the Internet. The private key is used for proving user identity and encrypting the digital certificate. The digital certificate will be decrypted by the public key, which is used by the message receiver.

There are several companies enabling a PKI. The registration process for a digital certificate begins with a registration authority (RA). This refistration must take place before the CA knows whether or not the user will be issued a certificate.

There are many pieces involved in PKI. Properly enabled, these provide smooth, transparent and secure communications.

Post a Comment

0 Comments