What is public key infrastructure used for?
Public key infrastructure or PKI is the governing body behind issuing digital certificates. It helps to protect confidential data and gives unique identities to users and systems. Thus, it ensures security in communications. Show
The public key infrastructure uses a pair of keys: the public key and the private key to achieve security. The public keys are prone to attacks and thus an intact infrastructure is needed to maintain them. Managing Keys in the Cryptosystem:The security of a cryptosystem relies on its keys. Thus, it is important that we have a solid key management system in place. The 3 main areas of key management are as follows:
PKI or public key infrastructure aims at achieving the assurance of public key. Public Key Infrastructure:Public key infrastructure affirms the usage of a public key. PKI identifies a public key along with its purpose. It usually consists of the following components:
Working on a PKI:Let us understand the working of PKI in steps.
Classes of a Digital Certificate:A digital certificate can be divided into four broad categories. These are :
Process of creation of certificate:The creation of a certificate takes place as follows:
Creation of Trust layers among CA Hierarchies:Each CA has its own certificate. Thus, trust is built hierarchically where one CA issues certificates to other CAs. Moreover, there is a root certificate that is self-signed. For a root CA, the issuer and the subject are not two separate parties but a single party. Security of Root CA:As you saw above, the ultimate authority is the root CA. Hence, the security of root CA is of huge importance. If the private key of a root CA is not taken care of, then it might turn into a catastrophe. This is because anyone disguised as the root CA can then issue certificates. To meet security standards, a root CA should be offline 99.9% of the time. However, it does need to come online to create public and private keys and to issue new certificates. Ideally, these activities should be performed 2-4 times a year. Use of PKI in Today’s Digital Age:Today, there are an enormous number of applications that need require authentication. Certifications are needed at millions of places. This can not be done without a Public key infrastructure. The importance of PKI, depending on the use case and needs, has evolved over time. Here is a part of that track.
Challenges that a PKI Solves:PKI owes its popularity to the various problems its solves. Some use cases of PKI are:
Other than these, one of the most important use cases of PKI is based around IoT(Internet of Things). Here are two industries that are using PKI for IoT devices:
Disadvantages of PKI:
What is public key infrastructure and how does it work?Public key infrastructure uses asymmetric encryption methods to ensure that messages remain private and also to authenticate the device or user sending the transmission. Asymmetric encryption involves the use of a public and private key. A cryptographic key is a long string of bits used to encrypt data.
Which is the best use of PKI?PKI is great for securing email for the same reason that it's great for securing web traffic: because data flowing over the open internet can be easily intercepted and read if it isn't encrypted, and because it can be difficult to trust that a sender is who they claim to be if there isn't some way to authenticate their ...
What can a public key certificate be used for?A public key certificate provides a safe way for an entity to pass on its public key to be used in asymmetric cryptography.
How is PKI used in authentication?PKI authentication uses a certificate to validate data being sent from one point to another. Each individual has a public key and a private key. Under PKI certificate-based authentication, this public key is shared and used to validate the identity of the person transmitting the data and to decrypt the data itself.
|