Public Key Infrastructure (PKI) - Confused :(

Discussion in 'Windows Server 2003 / 2008 / 2012 / 2016' started by swatto, Sep 4, 2012.

  1. swatto

    swatto Byte Poster

    Hi All,

    I have just been reading about this and I am a little confused about how it actually works, please could somebody explain? - I know you have a private key assigned to users or services etc but how does that fit in with the public key?

    Thanks for any help :)
     
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
  2. Spidey76

    Spidey76 Bit Poster

    In simple terms...

    A public key is used to encrypt and is distributed publicly, while a private key is used to decrypt and is held privately.

    So if I want to send a message to you confidentially, you would supply me with your public key. I would encrypt the message with your public key and send it to you. The only person capable of decrypting the message would be you because you hold the private key. If you want to send me a message confidentially then I would supply you with my public key which you use to encrypt and I will decrypt it with my private key.

    As an analogy, think of the public key as a padlock and the private key as the key to that lock. You can distribute the lock to as many people as you like. If I wanted to send you an important package, I would put it in a secure box and lock it with your padlock. No one can open it, not me nor the courier. Only you have the padlock key - the private key.
     
    Last edited: Sep 4, 2012
    Sparky and swatto like this.
  3. swatto

    swatto Byte Poster

    Thank you very much Spidey76, that analogy explains it very well. :)
     
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
  4. Monkeychops

    Monkeychops Kilobyte Poster

    Also remember that keys can be used the other way around for digital signatures.

    If you sign something with your private key, it can only be verified successfully by your public key.

    Seeing as you are the only person who should ever have your private key (always keep your privates private!) then it proves that it was really you who digitally signed something.
     
  5. Coupe2T

    Coupe2T Megabyte Poster

    Certifications: ECDL, Does that Count!?!
  6. dmarsh
    Honorary Member 500 Likes Award

    dmarsh Petabyte Poster

    You can also read up on One Way Functions and Prime Factorization for a more in-depth understanding.
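
Added example (not part of the thread and not written by any poster): a textbook RSA sketch in Python that ties together the encrypt/decrypt direction, the sign/verify direction and the prime-factorization point from the posts above. The primes 1009 and 1013, the sample messages and all function names are constructed for this illustration; textbook RSA with tiny primes and no padding is for understanding only.

```python
# Textbook RSA with tiny constructed primes: illustrative only, not secure
# (real keys use 2048-bit or larger moduli plus padding such as OAEP / PSS).
import hashlib
from math import gcd

def make_keypair(p, q, e=17):
    """Build (public, private). Knowing p and q is what makes d easy to find."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (n, e), (n, d)

def encrypt(public, m):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def decrypt(private, c):
    n, d = private
    return pow(c, d, n)

def digest(message, n):
    """Hash the message bytes and reduce the hash into the modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message):
    n, d = private
    return pow(digest(message, n), d, n)  # private key applied to the hash

def verify(public, message, signature):
    n, e = public
    return pow(signature, e, n) == digest(message, n)

def recover_private(public):
    """Factor n by trial division; feasible only because n is tiny."""
    n, e = public
    p = next(i for i in range(2, n) if n % i == 0)
    return make_keypair(p, n // p, e)[1]

if __name__ == "__main__":
    pub, priv = make_keypair(1009, 1013)  # constructed sample primes
    c = encrypt(pub, 4242)
    print("ciphertext:", c, "-> decrypted:", decrypt(priv, c))
    sig = sign(priv, b"pay swatto 10")
    print("signature valid:", verify(pub, b"pay swatto 10", sig))
    print("tampered message valid:", verify(pub, b"pay swatto 99", sig))
    print("factoring n rebuilds private key:", recover_private(pub) == priv)
```

The last line shows why key size matters: the public key is safe to hand out only while factoring its modulus is infeasible.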
     
  7. swatto

    swatto Byte Poster

    Thanks all :D
     
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
