PKI infrastructure is a set of technology that provides encryption and authentication that is used in digital communication. It is what ensures safe communications between endpoints. Its main components are certificate authority, registration authority, certificate database, central directory, certificate policy, and certificate management system. The PKI infrastructure includes everything from hardware/software to policies that enables the capability to create, manage, distribute, use, store, and revoke certificates and public keys.
Public key infrastructure is based on public key cryptography, also known as asymmetric cryptography. Asymmetric cryptography uses two keys, public and private to encrypt and decrypt data. Public key is known to everyone and is used for verifying signatures (authentication) while private keys are used for signing. Since you have two keys, you use one to encrypt and use the other corresponding key to decrypt. This increases security since private keys don’t have to be revealed to anyone and you don’t need to share one keys, fixing scalability issue. Also, this key system ensures verification of a message sender, allowing for nonrepudiation.
Certificate authority is the entity that issues certificate and is a trusted party. Certificate is a digital document that has information like public key and other data of the respective private key. Registration authority is the middle man for certificate. Certificate is simply a data file that is used to encrypt data and identify users who request it. There are different types of certificates like SSL/TLS website security certificates, S/MIME certificates, document signing certificates, and even code signing certificates.
HansITAcademy 