Public Key Infrastructure

1. Public Key Infrastructure By Rahul R Shelar Rajani Muraleedharan Sreekumaridevi

2. Public Key Infrastructure • Project Roles Rajani: • Research on Architecture , Implementation and Issues Associated. Rahul: • Research on Cryptography Design Issues,Trade Offs. • DOCUMENTATION

3. Public Key Infrastructure • PROJECT DESCRIPTION • The project deals with the Architecture of PKI , its Implementation and Issues Associated with it. • Design Issues of PK Cryptography and PK Infrastructure Architecture • Architecture • Public Key Cryptography • Digital Signatures & Certificate • Certificate Authorities • Registration Authorities • Repositories • Cryptography • Algorithm • Rivest-Shamir-Adlemann (RSA Algorithm) • Pretty Good Privacy (PGP) • Types of PKI Closed PKI , Open PKI , Hierarchically oriented PKI , Network oriented PKI , Browser oriented PKI

4. Public Key Infrastructure • Applications of PKI • Advantages • Disadvantages • Progress • Conclusion

5. Public Key Infrastructure FOCUS AREAS • Public key infrastructure • Encryption Algorithms • Advantages and Disadvantages • Standard specification

6. Public Key Infrastructure • PROJECT DESCRIPTION • What is PKI ? Public-key infrastructure (PKI) is the combination of software, encryption technologies, and services that integrates digital certificates, public-key cryptography, and certificate authorities into a total, enterprise-wide network security architecture.

7. Principal Security Functions PUBLIC KEY CRYPTOGRAPHY • Confidentiality - to keep information private  • Integrity - to prove that information has not been manipulated  • Authentication - to prove the identity of an individual or application  • Non-repudiation - to ensure that information cannot be disowned

8. PrincipalSecurity Functions

9. Public Key Infrastructure DIGITAL SIGNATURES •  A Digital Signature is a block of data created by applying a cryptographic signing algorithm to some data using the signer's private key.

10. Public Key Infrastructure CERTIFICATE AUTHORITY ( CA ) The CA system is the trust basis of a PKI as it manages public key certificates for their whole life cycle. The CA will: • Issue certificates by binding the identity of a user or system to a public key with a • digital signature • Schedule expiry dates for certificates • Ensure certificates are revoked when necessary by publishing Certificate Revocation • Lists (CRLs) REGISTRATION AUTHORITY (RA) The Registration Authority (RA) is to evaluate the credentials and relevant evidence that a person requesting a certificate is as claimed, certify for the association of an electronic identification, public key and approves the request for issuance of a certificate by a CA.

11. Public Key Infrastructure • PKI-ENABLED APPLICATIONS • A PKI is a means to an end, providing the security framework by which PKI-enabled applications can be confidently deployed to achieve the end benefits. • Communications between web servers and browsers • E-mail • Electronic Data Interchange (EDI) • Credit card transactions over the Internet

12. Public Key Infrastructure CONCLUSION • A main driver of PKI technology is the world’s ever-growing dependence on the Internet and all it has to offer is securing all types of e-business activities • Regrettably, four years into the PKI development process, policy-makers and technology-providers have still failed abysmally to appreciate the privacy risks inherent in PKI

13. Public Key Infrastructure • Research Databases • www.networkmagazine.com • http://www.infosyssec.net/infosyssec/pkibib1.htm • http://www.rsasecurity.com/rsalabs/faq/3-1.html • http://grouper.ieee.org/groups/1363/P1363/ • http://jitc.fhu.disa.mil/pki/intro.htm • http://www.infosecuritymag.com/articles/march01/columns_executive_view.shtml • http://www.afb.org.uk/ • http://csrc.nist.gov/publications/nistpubs/800-25/sp800-25.pdf • http://www.pkilaw.com/#basics_1 • http://www.pkilaw.com/9902issp-Book/sld002.htm

14. QUESTION…………..

15. Thank U…….