US Federal PKI: Part I - Getting Started and the Value of Validation
Understanding the Basics: Bare Necessities In order to understand Federal PKI systems, it is first imperative to understand the concepts, components, and challenges around it. The following are high level overviews of these topics. What is PKE? Public Key Encryption is a type of asymmetric encryption, used to ensure confidentiality, integrity, and nonrepudiation of a message. In Public Key Cryptography, the user has a private key , which only they will ever have, and a public certificate that is published for external use. The private key and public key work in opposites to encrypt and decrypt data. Anything encrypted by the public key can only be decrypted by the private key, and visa versa. The benefit here is that anything a user signs with their private key proves that they did in fact sign it, as only they have that key. Anything encrypted with the user’s public key, can then only be decrypted by them. What is PKI? Public Key Infrastructure is the underlying