# PKI means Public Key Infrastructure

# There are two types of data security

1. Securing data at rest - data as it is stored, for example on a hard drive, in memory, RAM, on a floppy disk or on a DVD.
2. Securing data in transit - data moving from one place to another, for example email, a file download or VoIP traffic.

# PKI was invented for securing data in transit

# PKI is based on three principles: Authentication, Confidentiality and Integrity

# Authentication means that before you start transmitting confidential information to a remote device, you want assurance that an imposter isn't spoofing that device. That device must send you something about itself that is trustworthy and verifiable.

# There are two methods to do the above verification.

1. Shared secret passwords.
2. Digital certificates.

# Confidentiality is maintained through encryption of data. Keys are used to encrypt/decrypt data.

# These keys come in two forms and need to be exchanged.

1. Symmetric keys - The same shared key is used at both ends. The problem with a symmetric key is that it is less secure and easily hackable. Symmetric keys are computationally inexpensive and fast.
2. Asymmetric keys - PKI works with asymmetric keys only. There is a public key and a private (secret) key, and the two are mathematically derived from each other. If data is encrypted with the public key, it can be decrypted only with the corresponding private key, and the process also works the other way round when you send data to others: I encrypt it with my private key and it can be decrypted only with my public key (example: PGP mail encryption/decryption methodology).

# These symmetric or asymmetric keys can be exchanged securely from one source to another by the following methods.

1. Manual configuration - symmetric key encryption
2. Token generators - such as Google Authenticator, also a symmetric key encryption method
3. IKE (Internet Key Exchange)
4. PKI - developed for asymmetric key encryption

# Integrity of data is implemented through hashing algorithms.

# Hash Digest / Digital Fingerprints verify integrity.

# PKI is a collection of technologies, protocols, services, standards and policies that control the issuing and management of public and private keys using digital certificates.

# It is utilized with applications that implement asymmetric keys.

# Information received from a device used for authentication is trusted because :