
PKI (Public Key Infrastructure)

1. PKI is the next wave of cryptography. Traditional cryptography (since the time of the ancient Greeks) has been based upon the concept of the "shared secret" (such as a password). This was good, but it suffered from the problem of having to communicate that secret among those people who should know it -- anybody who knew the secret could forge messages to anybody else or decrypt messages intended for other people.

In 1970, a new technology called "asymmetric" cryptography was discovered in which a pair of keys could be used: one for encryption-only, and the other for decryption-only. The key used to encrypt could not decrypt, and vice versa. This peculiar mathematical property was discovered to be fantastically useful. For example, you can publish one of the keys to everyone in the world, who can then use it to encrypt a message to you that only you can decrypt. For this reason, the technology is better known as public-key cryptography.

The technology works in the other direction as well. This means that you could encrypt a message with your private-key and send it out, and everyone with your public-key will know that it could only have come from you, because only you know your private-key. This authenticates that you are who you say you are.

These and other properties provide solutions to a wide range of longstanding issues with cryptography. The various uses for public-keys have been bundled together in what is known as a new cryptographic infrastructure: PKI.

Key point: PKI consists of:

certificates: A public and/or private key is stored in a file called a "certificate". It also includes identification information as to who the owner of the certificate is, as well as a signature by a CA validating that the data hasn't been forged.

Certificate Authorities (CA): Certificates are issued by a Certificate Authority, who usually will sign the certificate as well as provide some revocation facilities.

Certificate Revocation Lists (CRLs): If the private-key is compromised (i.e. inadvertently made public), then the certificate containing that key needs to be "revoked". That essentially means the CA who assigned the certificate posts the certificate on its website. This allows people to publicly check this fact.

repositories (e.g. LDAP directories): So that public-keys for people can be found.

Uses: PKI (public-keys, certificates, etc.) is used in:

S/MIME: Secure e-mail.
PGP: Also secure e-mail.
Smart card
SSH
SSL
IPsec

From Hacking-Lexicon
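The following Python sketch is an example added to this entry, not part of the Linux Dictionary or Hacking-Lexicon text. It shows how the pieces listed above fit together: a CA signs a certificate binding an identity to a public key, and a relying party checks that signature and then the revocation list. It uses textbook RSA with constructed toy keys; the function names, the dictionary-based certificate layout and the sample identity are assumptions made for the illustration, and real certificates use X.509 with padded signatures and much larger keys.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

# Constructed toy keys built from Mersenne primes; far too small for real use.
CA_PUB, CA_PRIV = make_key(2**107 - 1, 2**127 - 1)
ALICE_PUB, ALICE_PRIV = make_key(2**61 - 1, 2**89 - 1)

def digest(data, n):
    """SHA-256 of the data, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    """Only the private-key holder can produce this value."""
    n, d = priv
    return pow(digest(data, n), d, n)

def verify(data, sig, pub):
    """Anyone holding the public key can check the signature."""
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

def signed_fields(cert):
    """Bytes the CA signs: serial number, owner identity and public key."""
    n, e = cert["pub"]
    return f'{cert["serial"]}|{cert["subject"]}|{n}|{e}'.encode()

def issue_cert(serial, subject, subject_pub, ca_priv):
    """The CA binds an identity to a public key by signing both."""
    cert = {"serial": serial, "subject": subject, "pub": subject_pub}
    cert["ca_sig"] = sign(signed_fields(cert), ca_priv)
    return cert

def check_cert(cert, ca_pub, crl):
    """Relying-party check: CA signature first, then the revocation list."""
    if not verify(signed_fields(cert), cert["ca_sig"], ca_pub):
        return "forged"
    if cert["serial"] in crl:
        return "revoked"
    return "valid"
```

A certificate whose subject is altered after issuance returns "forged", and a correctly signed certificate whose serial number appears in the CRL returns "revoked".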
Source:
Linux Dictionary (version 0.12)
author: Binh Nguyen
linuxfilesystem(at)yahoo(dot)com(dot)au

This Linux Dictionary is distributed under the GNU
Free Documentation License. Online version is at
http://www.tldp.org/LDP/Linux-Dictionary/html/index.htm



