🔐

Overview of PKI and Encryption Techniques

Apr 15, 2025

Public Key Infrastructure (PKI) and Cryptography Lecture

Introduction to Public Key Infrastructure (PKI)

  • Definition: PKI is a broad term in cryptography usually referring to policies, procedures, hardware, and software responsible for creating, distributing, managing, storing, revoking, and performing processes associated with digital certificates.
  • Importance: Requires substantial planning and decisions about encryption methods within a company.
  • Association: PKI is used to associate certificates to people or devices, generally with a Certificate Authority (CA).
    • Trust is based on verifying the identity of users or devices.

Symmetric Encryption

  • Concept: Uses the same key for encryption and decryption.
    • Often depicted in movies as a secret key in a suitcase, secured by handcuffs.
  • Terminology: Sometimes called a "secret key algorithm" or "shared secret".
    • The same key is shared for encryption and decryption, which can create scalability issues.
    • Difficult to manage and share keys beyond a small group (e.g., 10 people/devices).
  • Usage: Despite drawbacks, it's used extensively due to speed and low overhead compared to asymmetric encryption.

Asymmetric Encryption

  • Concept: Uses two different keys—one for encryption (public key) and another for decryption (private key).
    • Both keys are mathematically related and created simultaneously.
  • Key Management:
    • Private Key: Only accessible to one person or device.
    • Public Key: Available to the public and used by anyone to encrypt data.
  • Process:
    • Data encrypted with a public key can only be decrypted with the corresponding private key.
  • Security: Public and private keys are mathematically related, but it's impossible to derive one from the other.

Key Generation and Use

  • Tools: Applications like PGP or GPG facilitate asymmetric encryption.
  • Creation: Involves randomization, prime numbers, and cryptography, generating a public-private key pair.
    • Public Key: Distributed widely.
    • Private Key: Stored securely, often with a password for extra protection.

Example Scenario: Alice and Bob

  • Scenario:
    • Alice creates a public-private key pair.
    • Bob uses Alice's public key to encrypt a message and sends the cipher text to Alice.
    • Alice uses her private key to decrypt the message, reverting it to plain text.
  • Security: Only Alice’s private key can decrypt Bob's encrypted message, ensuring security.

Managing Keys in Large Environments

  • Challenges: Managing numerous public and private key pairs for hundreds or thousands of users.
  • Solutions:
    • Key escrow: Third parties manage private keys.
    • Storing keys locally for continued access even if a user leaves.
    • Providing access to encrypted data for organizational continuity.

Conclusion

  • Asymmetric encryption provides robust security by utilizing mathematically related public and private keys.
  • Effective key management is crucial in large organizations to maintain data access and security.

Full transcript