Q. What do you understand by cryptography? Explain in detail the Public Key Infrastructure (PKI). (3+7 marks)
answer:
The study of protecting communications from outsiders is called encryption. In other words, the technology that secures information and communication through code so that only the person who intended it can understand and process the information is called encryption.
Cryptography focuses on four different objectives:
- Confidentiality
- Non-repudiation
- Integrity
- Authenticity
Crptography is further subdivided into following:
- Secret Key Cryptography for eg: AES, DES, Caesar Cipher
- Public Key Cryptography for eg: ECC, Diffie-Hellman , DSS
- Hash Function for eg: MD5, SHA-1, SHA-256, SHA-512, Whirlpool, Blake 2
Public Key Infrastructure
Public Key Infrastructure is the framework of encryption and cybersecurity that protects communications between the server (your website) and the client (the users). PKI provides assurance of public key, identification of public keys and their distribution.
Major components of PKI are:
a) digital certificate
A form of electronic identification for websites and organizations. A secure connection between two communicating devices can be used through a PKI because certificates can be used to verify the identity of one party. Digital certificates are not only issued to people, but can also be issued to computers, software packages, or anything else that proves identity in the electronic world.
B) Certification center
Issue certificates to clients and help other users verify certificates. The CA is responsible for correctly identifying the client requesting the certificate, verifying that the information in the certificate is correct, and digitally signing it.
c) The registration authority
Issue digital certificates to users on a case-by-case basis. All certificates requested, received and revoked by CAs and registrars are stored in an encrypted certificate database. Google Wallet is a good example.
d) Certificate management system
A system by which certificates are issued, suspended, renewed or revoked. We generally do not revoke certificates as we may need to prove our status at some point for legal reasons.
e) private key symbol
The client's public key is stored in the certificate, but the private secret key can be stored on the key owner's computer. If an attacker gains access to your computer, they can easily access your private key.
Some of the PKI algorithms are:
- AES 256 Certificate
- Diffie Hellman
- RSA key exchange
- RSA Diffie Hellman
- DSA
No comments:
Post a Comment