Public Key Infrastructure

Ben SangsterFebruary 23, 2006

Outline

● What is Public Key Infrastructure (PKI)?● Functions and Components of PKI● How does PKI work?● Present day use of PKI● Future of PKI● Questions

What is Public Key Infrastructure?(also known as PKI)

● Technology that enables users to securely and privately exchange data over an unsecured medium without the loss of integrity or confidentiality

● Also manages how user and network resources are identified and given access to online information and services

Functions and Components of PKI

● Certification authority (CA)● Registration authority (RA)● PKI clients● Digital certificates● Certificate Distribution

System or repository● Keys (Public and Private)

Functions of PKI (cont.)

● Certificate Requests● Certificate Revocation● Client to Client

Interaction● Timestamping● Non-repudiation● Cross-certification

How does PKI work?

● Entities– Host A, B– RA, CA

● Objects– Public Keys for all entities– Private Keys for all entities– Digital Certificate– Hash Function– Message

Examples(Private Key, Certificate, Certificate Request)

● Sample Private Key (2048 bits, TXT format)● Sample CA Certificate (TXT format)● Sample Certificate Request (TXT format)

PKI Entities

Example of Certificate Request and Distro Architecture

Present Day Exampleof PKI in Use

● U. S. Department of Defense● Canadian Government● Corporate World● Academia

DOD PKI

Future of PKI

● Eventually, same distribution of PKI enabling hardware and software as we have seen in the growth of computers in homes and businesses

● The emergence and growth of e-commerce gives validity to PKI and its future (but PKI does not give e-commerce validity)

Questions