Abstract

Cryptographic algorithms are used for important tasks such as data encryption, authentication, and digital signatures, but one problem has to be solved to enable these algorithms: binding cryptographic keys to machine or user identities. Public key infrastructure (PKI) systems are built to bridge useful identities (email addresses, Domain Name System addresses, etc.) and the cryptographic keys used to authenticate or encrypt data passing among these identities. This chapter will explain the cryptographic background that forms the foundation of PKI systems, the mechanics of the X.509 PKI system (as elaborated by a number of standards bodies), practical issues surrounding the implementation of PKI systems, a number of alternative PKI standards, and alternative cryptographic strategies for solving the problem of secure public key distribution. PKI systems are complex systems that have proven to be difficult to implement properly. This chapter aims to survey the basic architecture of PKI systems and some of the mechanisms used to implement them. It does not aim to be a comprehensive guide to all PKI standards or to contain sufficient technical detail to allow implementation of a PKI system. These systems are continually evolving, and the reader interested in building or operating a PKI is advised to consult the current work of standards bodies referenced in this chapter.
