Public Key Infrastructure

Topics: Public key infrastructure, Public-key cryptography, Certificate authority Pages: 9 (2320 words) Published: October 11, 2013


Public Key Infrastructure
(PKI)

TS5130 System Development Theory and Practice

June 16, 2007

Table of Contents

Purpose and Function:7
How PKI Works:9

Table of Figures

Figure 1: Required Key and Certificate Management Services 8 Figure 2: How PKI Works10

Abstract

This paper is intended to show the importance using a Public Key Infrastructure (PKI). PKI is a broad subject matter and is constantly evolving to meet the growing demands of the business world. This paper will address PKI at a relatively high-level and will not include details regarding the underlying cryptography (Weise, 2001). This paper will cover the history behind PKI, why we should us PKI, its purposes and functions how PKI works.

Introduction

With today’s security threat of hackers, spammers and viruses infecting computers, PKI is an essential component of an overall security strategy that must work in concert with other security mechanisms, business practices, and risk management efforts to help protect vital information (Weise, 2001). The Internet isn’t the only area of security that needs PKI, e-mail systems need to incorporate a higher level of security through digital signatures and e-mail encryption within the work environment to ensure business information is exchanged between validated and trusted recipients.

History

Public Key Infrastructure (PKI) is simply the single most effective method for securing a public communications networks, and is used throughout the world for the transmission of sensitive data. Government agencies, the U.S. Army, Navy, Air force, financial and medical institutions use PKI to ensure their communications are protected and safe from unwanted hackers and accidental transmission of sensitive communications to others.

The notion and concept of PKI dates back to the original paper on public key cryptography (Whitfield Diffie and Martin Hellman, 1976). What you might know about Diffie and Hellman is that they invented the concept of asymmetric ciphers, ones where there are two related keys, as opposed to symmetric ciphers, where there is only one key used. In their proposal, they suggested using two values that were related via some very slow to compute mathematical function, but where one value could be used to encrypt a message and the other to decrypt the enciphered message. Because the relationship between the two values would be non-trivial to compute, one of the key pair could be made public with no loss in the security of other, private, and key (Farrow, n.d.).

With the invention of PKI by Diffie and Hellman, they inevitably changed secure communications entirely and how we use it today. With the further development of high speed digital electronic communications the Internet and its predecessors, a need became evident for ways in which users could securely communicate with each other, and as a further consequence of that, for ways in which users could be sure with whom they were actually interacting. The idea of cryptographically protected certificates binding user identities to public keys was eagerly developed (Wikipedia, n.d.).

Vendors and entrepreneurs saw the possibility of a large market, started companies (or new projects at existing companies), and began to agitate for legal recognition and protection from liability. An American Bar Association technology project published an extensive analysis of some of the foreseeable legal aspects of PKI operations (see ABA digital signature guidelines), and shortly thereafter, several US states (Utah being the first

in 1995) and other jurisdictions throughout the world, began to enact laws and adopt regulations....

References: Farrow, Rik. Private Key Infrastructure; or, why there is no Public Key Infrastructure. Retrieved May 1, 2007 from: http://www.spinit.com/Network/net0903.html
Miller, Jason. GCN Staff (2006, November). PKI gets shot in the arm from HSPD-12. Government Computer News, page 7.
Entrust. (2006). Securing Digital Identities & Information. What is a PKI? Retrieved May 1, 2007 from: http://www.entrust.com/pki.htm?source=overture
Weise, Joel. Sun Microsystems (August 2001) Public Key Infrastructure Overview. Retrieved May 28, 2007 from: www.sun.com/blueprints
Unknown Author. Public Key Encryption and Public key Infrastructure – Explained. Retrieved May 1, 2007 from: https://www.safe-mail.net/support/eng/help/protectsecure/pki.html
Wikipedia, the free encyclopedia. (2007). Public Key Infrastructure. Retrieved May 1, 2007 from: http://en.wikipedia.org/wiki/Public_key_infrastructure

Wikipedia, the free encyclopedia. (2007). Digital Signature. Retrieved May 1, 2007 from: http://en.wikipedia.org/wiki/Digital_signature

Unknown Author. Public Key Encryption and Public key Infrastructure – Explained. Retrieved May 1, 2007 from: https://www.safe-mail.net/support/eng/help/protectsecure/pki.html
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Public Key Infrastructure Essay
  • Public Key Cryptography Essay
  • Essay on Public Key Encription
  • Essay about Public-key Cryptography and Access Control
  • Public Key Infrastructure Essay
  • Essay about Public Key Infrastructure
  • Pretty Good Privacy and Public Key Infrastructure Essay
  • Public Key Cryptography Essay

Become a StudyMode Member

Sign Up - It's Free