PKI technology is based mainly on asymmetric cryptography, because it involves an asymmetric key pair. This key pair consists of a public key and a private key. The public key, as its name suggests, may be freely disseminated. This key does not need to be kept confidential. The private key, on the other hand, must be kept secret. The owner of the key pair must guard his private key closely, as sender authenticity and non-repudiation are based on the signer having sole access to his private key. A Certification Authority, which confirms and verifies the identity of an individual before issuing a certificate, certifies the key pair. This forms the 'Digital Identity' for that individual. The certificate issued is called the 'Digital Certificate'.
There are several important characteristics of these key pairs. First, while they are mathematically related to each other, it is computationally infeasible to calculate the private key from the public key. Therefore, the private key cannot be compromised through knowledge of the associated public key. Second, each key in the key pair performs the inverse function of the other. What one key does, only the other can undo. The private key is used for signing and decrypting a message or a document, while the public key is used to verify or encrypt.
Individual digitally signs electronic message with Private Key to ensure Sender Authenticity, Message Integrity and Non-Repudiation and sends the message.
Step 5: The receiving party receives message, verifies Digital Signature with the individual's Public Key, and goes to Repository to check status and validity of Individual's Certificate.
Step 6: Repository returns results of status check on Individual's Certificate to verifying party.
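
The signing step and Steps 5 and 6 above, as an added Node.js example (not code from this page or from the vendor): it shows that a valid signature is accepted only when the certificate status check also succeeds. The Ed25519 keys, the `certificate` object, the serial numbers and the in-memory `repository` are assumptions standing in for a CA-issued X.509 certificate and a CRL or OCSP lookup; validation of the CA's signature on the certificate is omitted.

```javascript
// Added illustration; every name and value below is constructed for the example.
const { generateKeyPairSync, sign, verify } = require('crypto');

// Constructed stand-in for the CA's Repository (in practice a CRL or OCSP responder).
const repository = new Map([
  ['serial-1001', 'good'],
  ['serial-1002', 'revoked'],
]);

// Key pair for one individual. The private key stays with the signer;
// the public key travels inside the (simplified) certificate.
function newIdentity(serial) {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  return { privateKey, certificate: { serial, publicKey } };
}

// Signer: sign the message with the private key and attach the certificate.
function signMessage(identity, message) {
  const signature = sign(null, Buffer.from(message), identity.privateKey);
  return { message, signature, certificate: identity.certificate };
}

// Step 6 (repository side): return the certificate status, failing closed
// when the serial number is not known to the repository.
function checkStatus(serial) {
  return repository.get(serial) ?? 'unknown';
}

// Step 5 (receiving party): verify the signature with the public key,
// then ask the repository for the certificate status.
function verifyMessage(envelope) {
  const { message, signature, certificate } = envelope;
  const ok = verify(null, Buffer.from(message), certificate.publicKey, signature);
  if (!ok) return 'rejected: bad signature';
  const status = checkStatus(certificate.serial);
  if (status !== 'good') return `rejected: certificate ${status}`;
  return 'accepted';
}
```

A tampered message fails at signature verification, while a correctly signed message from a revoked or unknown certificate fails at the status check.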