Public Key Infrastructure (PKI) - benjamin-s-hobbs/reading-notes GitHub Wiki
Public Key Infrastructure (PKI)
From: What is Public Key Infrastructure (PKI) (accessed by Benjamin Hobbs on 7/15/2023)
What is PKI?
-
Public Key Infrastructure (PKI) is a technology for authentication for users and devices.
- Basic Idea:
- A trusted party digitally signs a "document" to certify that a certain cryptological key (used for access) belongs to a particular user or device.
- The key (with the signed document) can then be used as an identity for the user on a digital network
- The purpose of PKI is to securely associate a key with an entity (user/device/program/process/component/etc.)
- Basic Idea:
-
The aforementioned Trusted Party is called a Certificate Authority (CA). A CA has a key that is used to sign these "documents" called certificates.
Common Use Cases for Certificates
-
Secure Web Sites - HTTPS
-
Authenticating Users and Computers - SSH
-
Email Signing and Encryption
Questions for Understanding
- Name the three main components which make up PKI.
- Public Key
- Private Key
- Public Key Cryptography
- How would you explain, to a non-technical friend, the role PKI plays in protecting traffic between your browser and a web server.
- Well, for one PKI is how HTTPS (secure websites) stay secure (and prevent others from listening in)
- Also- digital signatures is possible becuase of this technology
- What is the main weakness of the PKI architecture?
- any Certificate Authority can sign a certficate for any person or computer.