PKI and Digital Certificates

Introduction: – In this tutorial you will learn about the properties and uses of two security services: PKI and Digital Certificates. So, let us dig into them.


PKI (Public Key Infrastructure): –
PKI is a service that allows users of the internet and other public networks to communicate securely and to exchange data, money, or files. This is done through a key pair, a public key and a private key, sanctioned by a certificate authority. It facilitates the secure electronic transfer of information for network activities such as e-commerce, online banking, and sending confidential mail.


Types of PKI (Public Key Infrastructure): –

i) Symmetric Encryption System: In this type of PKI system, a single key is used for both encryption and decryption.
ii) Asymmetric Encryption System: In this type of PKI system, two different keys are used: a public key and a private key. Data encrypted with the public key can be decrypted with the private key, and vice versa.
iii) Both Public & Private Key system: This type of PKI system uses both public-key systems, that is, asymmetric cryptography (most commonly used), and private-key systems, that is, symmetric cryptography.


Managing the Key: –
The main goal of a cryptosystem is to manage its keys securely. Improper handling of keys results in weak security: no matter how strong the algorithm or how powerful the cryptographic scheme, the effort goes in vain. Research has found that cryptographic systems fall prey to attackers not because of weak design or weak algorithms, but mostly because of fragile key management techniques. So to deal with it effectively, you must follow certain pre-designed measures and the key management life-cycle as mentioned below –

Digital Certificates: –
Basically, a certificate is a hard-copy proof issued to a person, like an ID card. A digital certificate can be considered an electronic passport (e-passport) that allows a user, software package, system, organisation, or anything else that needs to prove its identity in the digital world to exchange data or classified information over the internet with the help of PKI (Public Key Infrastructure). Public key certificate is another name for a digital certificate. Digital certificates are based on the ITU standard X.509, which defines a standard layout for public key certificates and certificate validation. The CA (Certificate Authority) electronically signs this complete set of information, and the resulting digital signature is included in the certificate.
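
The following is an added example, not code from this tutorial, illustrating two points made above: the two keys of an asymmetric pair undo each other, and a CA signature over the certificate fields lets anyone holding the CA public key detect a change to those fields. It assumes textbook RSA without padding, fixed publicly known primes, and a simplified text encoding in place of X.509 DER; every name and value in it is constructed for illustration.

```python
import hashlib

# Constructed demo primes: publicly known Mersenne primes, so output is
# deterministic. Real keys use secret random primes and padded signatures.
CA_PRIMES = (2**521 - 1, 2**607 - 1)
SUBJECT_PRIMES = (2**127 - 1, 2**107 - 1)

def make_keypair(p, q, e=65537):
    """Return (public, private) keys, each an (exponent, modulus) pair."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # inverse of e modulo phi(n)
    return (e, n), (d, n)

def rsa_apply(key, value):
    """Textbook RSA: the same operation serves both keys of a pair."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

def tbs_digest(cert, modulus):
    """Hash the to-be-signed fields in a fixed order (stand-in for DER)."""
    names = ("issuer", "subject", "not_after", "subject_public_key")
    data = "\n".join(f"{k}={cert[k]}" for k in names).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

def issue_certificate(ca_private, issuer, subject, subject_public, not_after):
    """CA side: sign the digest of the certificate fields with the private key."""
    cert = {"issuer": issuer, "subject": subject, "not_after": not_after,
            "subject_public_key": subject_public}
    cert["signature"] = rsa_apply(ca_private, tbs_digest(cert, ca_private[1]))
    return cert

def verify_certificate(cert, ca_public):
    """Relying party: recover the digest with the CA public key and compare."""
    recovered = rsa_apply(ca_public, cert["signature"])
    return recovered == tbs_digest(cert, ca_public[1])

if __name__ == "__main__":
    ca_pub, ca_priv = make_keypair(*CA_PRIMES)
    sub_pub, sub_priv = make_keypair(*SUBJECT_PRIMES)
    cert = issue_certificate(ca_priv, "Example Root CA", "www.example.test",
                             sub_pub, "2030-01-01")
    print("genuine certificate:", verify_certificate(cert, ca_pub))
    altered = dict(cert, subject="other.example.test")
    print("altered certificate:", verify_certificate(altered, ca_pub))
    secret = int.from_bytes(b"session key", "big")
    ciphertext = rsa_apply(cert["subject_public_key"], secret)
    print("decrypts correctly:", rsa_apply(sub_priv, ciphertext) == secret)
```

Production systems rely on a vetted cryptographic library with padded signature schemes instead of raw modular exponentiation.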

