7.4. Using Public Key Infrastructure

The Public Key Infrastructure (PKI) is a first attempt to provide all the aspects of security to messages and transactions that have been previously discussed. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI.

PKI is a two-key—asymmetric—system with four key components: Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates. Messages are encrypted with a public key and decrypted with a private key. As an example, take the following scenario:

  1. You want to send an encrypted message to Jordan, so you request his public key.

  2. Jordan responds by sending you that key.

  3. You use the public ...

Get CompTIA Security+™: Study Guide, Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.