Public Key Infrastructure (PKI)
allows users to information securely over an insecure network. This can be done through the use of public
key (known to all) and private key (will not be transferred over the network) (Brayton,
Finneman, Turajski, & Wiltsey, 2006) . PKI provides digital
certificate that can identify an individual or an organization. In some cases, revocation
of certification will be necessary (Brayton, Finneman, Turajski,
& Wiltsey, 2006) .
Previous cryptography involves
the use of single key to encrypt and decrypt the data (symmetric cryptography).
However such method is not as secure because if the key is intercepted by
unauthorized user, the message can be decrypted by them (Brayton,
Finneman, Turajski, & Wiltsey, 2006) . Hence PKI is such
more preferred. It is because it provides an additional layer of protection to
prevent unauthorized user from decrypting the message upon intercepting the key (Khan, n.d.) . PKI is also known
as the asymmetric cryptography.
The following image will be
showing the details about digital certificate:
.jpg)
Figure
1 (Digital Certificate showing the public key)
It must comprise certain
component In order for PKI to work. This includes:
- Certificate Authority, one that issue and verify
the authenticity of the digital certificate. This certificate will include or provide
information about public key
- Registration Authority, one that verify the authenticity
of the certificate authority before issuing digital certificate to individual
or organization that requests it
There are two ways to send data
across the network, either ensuring high confidentiality or high integrity. In order
to ensure high confidentiality of the message, the sender will be encrypting
the message using the receiver’s public key. The receiver will then be
decrypting the data using his/her private key (Temasek
Polytechinc, 2012) .
To ensure high integrity of the
message, the sender will be encrypting the message using his/her private key. The
receiver will then be decrypting the data using the sender public key (Temasek
Polytechinc, 2012) .
Reference
Brayton, J., Finneman, A., Turajski, N., &
Wiltsey, S. (2006, October). PKI (public key infrastructure). Retrieved
May 25, 2012, from SearchSecurity:
http://searchsecurity.techtarget.com/definition/PKI
Khan, S. (n.d.). What Is PKI? Retrieved May
25, 2012, from eHow: http://www.ehow.com/about_6693189_pki_.html
Temasek Polytechinc. (2012, May 25). Cryptography.
Singapore, Singapore, Singapore.
Hi,
ReplyDeleteI read your post “Public Key Infrastructure (Digital Cert)” and I find it’s very useful!
Although it reminds me of BITS, I learnt something new apart from my post.
Your explanation is straight to point and I believe most of the readers can easily understand what you are trying to say. I like the way you put references in every paragraph and it makes your post looks more formal and standard! ^ ^
Good job! Well done!
Hi,
ReplyDeleteI feel that the Public Key Infrastructure (PKI) allows users to information securely over an insecure network. This can be done through the use of public key (known to all) and private key (will not be transferred over the network). Wow upon reading your post, it seems we have the same opinion. What a great coincidence, don't you think? Hmm how did that happen. Anyway great job and goodbye
Hi Kim Chye,
ReplyDeleteonce again, you have impressed me with your post about the Public Key Infrastructure and Digital Certs.
I feel that your use of pictures, especially your figure 1, illustrates your point clearly and makes it easier to understand the concept.
The paragraph explaining the use of public private key pair is another excellent thing. How you link that back to digital certificates and PKI in general is easy to learn too.
Keep up the good work!
Winston Ho
This comment has been removed by the author.
ReplyDeleteI read this complete article and find a wonderful information about public key infrastructure. This article defines the meaning and how public key infrastructure helps over network.
ReplyDeletepublic key infrastructure