Without the key, the message is
relatively secure, since nobody can read it without resorting to some form of brute-force
key attack that could take months, if not years, to yield useful results.
A public key infrastructure (PKI) encrypts and decrypts data using digital keys that
are applied to data to generate ciphertext (the encrypted form of the data) that can then
be freely transmitted anywhere in the world. You need not be concerned about potential
interceptions, because the data is useless without the appropriate key to convert the
ciphertext back to plain text (unencrypted data). PKI actually uses two keys to encrypt
and decrypt data: a public key and a private key. The public key can be made available
to anyone and can be used to encrypt data. However, the data can be decrypted only by
someone who has the private key.
Throughout this book, we've discussed a number of services that utilize digital certificates
to perform encryption and authentication services. Certificates are simply keys
generated by the PKI system, in this case a certification authority (CA). Whether you
realize it or not, you interact with PKI on a daily basis. For example, when you make an
online purchase, you are typically redirected to a section of the seller's Web site that is
secured using Secure Sockets Layer (SSL), which uses digital certificates generated by
a PKI system to guarantee the server's identity and to establish a secure encrypted connection
between the client and server.