From the dWb website
Archived Article

Now is the time to start looking at this technology in more detail. As the tentacles of e-Commerce begin to expand into our lives, the protection of information becomes vital.

Understanding Public Key Infrastructure

The way the business world is changing requires that corporate security adapt to provide the necessary information protection.

What is PKI? This seems to be a simple and obvious question, but the answer is neither simple nor obvious. As a simplified definition that gives a basic understanding of the technology, PKI is the framework that provides security through cryptography.

Cryptography uses mathematical algorithms and processes to convert machine-readable data into non-machine-readable data, making the contents of the data unusable. This is the protection: unusable data.

This is just the beginning of the problem. Once the data has been encrypted and sent, the receiver must be able to decrypt it, and for that they need the key. How do they get it? Now we enter the world of secret agents and military-style security, because we need to know whom to give the key to.

There are two main kinds of cryptography: shared secret (sender and recipient have the same key) and public key. In public key cryptography, the recipient makes his public key known to the sender, the sender uses it to encrypt, and the recipient then uses his private key to decrypt. The sender uses his private key to generate a certificate, which the recipient can verify using the sender's public key. As everybody has access to the public key, it is vital that only the correct recipient receives the message. How is this done?

A certificate of authentication is issued by a trusted Certificate Authority (CA) to bind a public key to a person, application or service.
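The private-key and public-key operations and the CA binding described above, as an added example that is not part of the original article. It uses textbook RSA without padding over constructed keys built from known Mersenne primes, purely to show the mechanics; the names `alice` and `MALLORY` and all helper functions are hypothetical.

```python
import hashlib

def make_key(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy: no padding, small modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"public": (n, e), "private": (n, pow(e, -1, phi))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)          # only the private key can produce this

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data, n)  # anyone can check it

def binding(subject, public):
    # The statement the CA vouches for: "this name owns this public key".
    return f"{subject}|{public[0]}|{public[1]}".encode()

def issue_certificate(ca_private, subject, subject_public):
    return {"subject": subject, "public": subject_public,
            "signature": sign(ca_private, binding(subject, subject_public))}

def check_certificate(ca_public, cert):
    return verify(ca_public, binding(cert["subject"], cert["public"]), cert["signature"])

def encrypt(public, m):
    n, e = public
    return pow(m, e, n)

def decrypt(private, c):
    n, d = private
    return pow(c, d, n)

# Constructed sample keys (assumptions for this example only).
CA = make_key(2**89 - 1, 2**107 - 1)
ALICE = make_key(2**61 - 1, 2**127 - 1)
MALLORY = make_key(2**521 - 1, 2**607 - 1)

if __name__ == "__main__":
    cert = issue_certificate(CA["private"], "alice", ALICE["public"])
    swapped = dict(cert, public=MALLORY["public"])  # key substituted in transit
    print(check_certificate(CA["public"], cert), check_certificate(CA["public"], swapped))
    print(decrypt(ALICE["private"], encrypt(cert["public"], 424242)))
```

A sender who checks the certificate against the CA's public key before encrypting rejects the substituted key, which is how the binding ensures only the correct recipient can read the message.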

The basic functions that need to be handled by PKI are:

  • Registering users
  • Issuing certificates
  • Revoking certificates
  • Time-stamping
  • Key lifecycle management
  • Certificate repository
  • Cross certification
  • Key backup / recovery

So PKI is not just about encryption; it is about the management and usage of cryptography. It will change our future. It will change the way we handle security. It is important to understand it.

This document is maintained by dwb@dwb.co.uk.

Material Copyright © 1999-2002 dWb