Public Key Infrastructure (PKI) and Cryptography

Introduction to PKI

Definition: PKI refers to policies, procedures, hardware, and software responsible for managing digital certificates.
Functions: Includes creating, distributing, managing, storing, revoking, and handling digital certificates.
Importance: Essential for planning encryption methods within organizations.
Association: Used with Certificate Authority (CA) to ensure trust in users or devices.

Definition: Uses the same key for both encryption and decryption.
Characteristics:
- Often depicted as a secret key in secure transport (e.g., handcuffed suitcase).
- Known as a "secret key algorithm" or "shared secret."
Challenges:
- Scalability issues when sharing keys among many users or devices.
- Key management complexities.
Advantages:
- Fast and low overhead.
- Commonly used alongside asymmetric encryption.

Definition: Uses two different keys for encryption and decryption—public and private keys.
Key Characteristics:
- Mathematically related keys.
- Created simultaneously.
- Private Key: Only accessible by the owner.
- Public Key: Available to anyone.
Process:
- Public key encrypts data.
- Private key decrypts data.
- Security ensured as public key cannot derive the private key.
Applications:
- Used in applications like PGP or GPG.
- Involves randomization and cryptography in key generation.

Key Generation Process:
- Involves creating a public-private key pair.
- Uses large prime numbers and randomization.
Example:
- Alice generates keys and distributes the public key but keeps the private key secure.
- Bob uses Alice's public key to encrypt a message, which only Alice can decrypt with her private key.

Challenges:
- Managing keys for many users.
- Potential need for third-party key escrow.
Solutions:
- Storing keys locally with secure access.
- Handing over keys in scenarios requiring key access (e.g., departing employees, government projects).
Considerations:
- Balancing security with operational needs.
- Maintaining data availability and uptime.