Dartmouth College
PKI Outreach








PKI Overview


Public Key Infrastructure (PKI) is a comprehensive set of security technologies and policies that uses cryptography and standards to improve fundamental computing infrastructure.  PKI features:

  • User authentication stronger than traditional “passwords on servers” mechanisms,
  • Digital signing of email and other documents, proving the originator’s identity and enabling faster, more efficient, paper-free business processes, and
  • Encryption to protect critical email and other data in a user-focused manner.
 
Point solutions exist for each feature, but only PKI addresses them all well with standards and broad industry support.  Robust services and commercial and open source tools provide a sound PKI foundation.  Browsers, Web servers and services, email readers and list servers, database servers, PDF readers, VPN appliances, WPA wireless authentication, USB keys, and smart cards all have integrated PKI support. Because PKI is standards-based, these all can interoperate with each other.
 
PKI uses asymmetric key pair encryption. One key of the pair is the only way to decrypt data encrypted with the other.  Users and servers have industry standard certificates to associate their key pairs with their identity and information such as the authority that issued the certificate and designated uses for the certificate.  Certificate Authorities (CAs) issue PKI certificates and attest to the validity of the identity specified by the certificate.  Operating systems, applications, hardware add-ons, and servers use PKI certificates and keys for authentication, digital signing, authorization and encryption.  PKI enables trust between two or more parties (possibly from different organizations or nations) without prior knowledge of each other.
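
The trust chain described above, as an added example that is not part of the original page or of any real PKI product: a CA binds an identity to a public key, and a relying party that knows only the CA's public key checks the certificate before trusting a signature. It is a toy model (unpadded textbook RSA over fixed Mersenne primes, a JSON record instead of X.509) meant to show the flow, not usable cryptography; the names `Example CA`, `alice@example.edu`, `issue_cert` and `check_cert` are assumptions.

```python
import hashlib
import json

E = 65537  # public exponent shared by both toy key pairs

def make_keypair(p, q):
    """Toy textbook-RSA pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data, n)

def tbs_bytes(body):
    # Canonical bytes of the certificate body that the CA signs.
    return json.dumps(body, sort_keys=True).encode()

def issue_cert(ca_name, ca_private, subject, subject_public, uses):
    body = {"subject": subject, "public_key": list(subject_public),
            "issuer": ca_name, "uses": sorted(uses)}
    return {"body": body, "signature": sign(ca_private, tbs_bytes(body))}

def check_cert(cert, trusted_cas, required_use):
    """Return the subject's public key if the cert is acceptable, else None."""
    body = cert["body"]
    ca_public = trusted_cas.get(body["issuer"])
    if ca_public is None:                      # issuer is not a trusted CA
        return None
    if not verify(ca_public, tbs_bytes(body), cert["signature"]):
        return None                            # body altered or not CA-signed
    if required_use not in body["uses"]:       # outside the designated uses
        return None
    return tuple(body["public_key"])

# Constructed sample data: Mersenne primes stand in for real key generation.
CA_PUB, CA_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
ALICE_PUB, ALICE_PRIV = make_keypair(2**107 - 1, 2**61 - 1)
TRUSTED = {"Example CA": CA_PUB}
CERT = issue_cert("Example CA", CA_PRIV, "alice@example.edu", ALICE_PUB, ["digital_signing"])
MESSAGE = b"Approve purchase order 17"
MESSAGE_SIG = sign(ALICE_PRIV, MESSAGE)
```

The relying party never needs prior contact with the subject: `check_cert(CERT, TRUSTED, "digital_signing")` yields the key to pass to `verify`, and any change to the certificate body invalidates the CA's signature.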

Slides Introducing PKI Technology

PKI uses X.509 certificates associated with asymmetric keys accessed by applications in a key store.

Slides About Certificates
Slides About Key Stores