Public Key Infrastructure (PKI) - Confused :(

Discussion in 'Windows Server 2003 / 2008 / 2012 / 2016' started by swatto, Sep 4, 2012.

  1. swatto

    swatto Byte Poster

    Hi All,

    I have just been reading about this and I am a little confused about how it actually works, please could somebody explain? - I know you have a private key assigned to users or services etc but how does that fit in with the public key?

    Thanks for any help :)
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
  2. Spidey76

    Spidey76 Bit Poster

    In simple terms...

    A public key is used to encrypt and is distributed publicly, while a private key is used to decrypt and is held privately.

    So if I want to send a message to you confidentially, you would supply me with your public key. I would encrypt the message with your public key and send it to you. The only person capable of decrypting the message would be you because you hold the private key. If you want to send me a message confidentially then I would supply you with my public key which you use to encrypt and I will decrypt it with my private key.

    As an analogy, think of the public key as a padlock and the private key as the key to that lock. You can distribute the lock to as many people as you like. If I wanted to send you an important package, I would put it in a secure box and lock it with your padlock. No one can open it, not me nor the courier. Only you have the padlock key - the private key.
    Last edited: Sep 4, 2012
    Sparky and swatto like this.
  3. swatto

    swatto Byte Poster

    Thank-you very much Spidey76, that analogy explains it very well. :)
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
  4. Monkeychops

    Monkeychops Kilobyte Poster

    Also remember that keys can be used the other way around for digital signatures.

    If you sign something with your private key, it can only be verified successfully by your public key.

    Seeing as you are the only person who should ever have your private key (always keep your privates private!) then it proves that it was really you who digitally signed something.
  5. Coupe2T

    Coupe2T Megabyte Poster

    Certifications: ECDL, Does that Count!?!
  6. dmarsh

    dmarsh Terabyte Poster

    You can also read up on One Way Functions and Prime Factorization for a more in-depth understanding.
  7. swatto

    swatto Byte Poster

    Thanks all :D
    Certifications: BTEC Nat Dip: Software Dev, A+
    WIP: None Yet
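
Added example (not part of the original thread, and not any poster's code): a textbook RSA sketch in Python 3.8+ showing both directions discussed above, encrypting with the public key and decrypting with the private key, then signing with the private key and verifying with the public key. The primes 61 and 53 and all function names are assumptions chosen for illustration; real PKI uses far larger keys plus padding and hashing.

```python
# Added illustration: textbook RSA with toy primes. No padding, tiny key;
# never use this for real data. All names here are made up for the example.

def make_keypair(p, q, e=17):
    """Build (public, private) from two primes; each key is (exponent, modulus)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: e*d == 1 (mod phi)
    return (e, n), (d, n)

def apply_key(key, value):
    """The single RSA operation: value^exponent mod n."""
    exponent, n = key
    return pow(value, exponent, n)

# Confidentiality: lock with the public key, unlock with the private key.
def encrypt(public, m):
    return apply_key(public, m)

def decrypt(private, c):
    return apply_key(private, c)

# Signatures: the same maths with the keys used the other way around.
def sign(private, m):
    return apply_key(private, m)

def verify(public, m, sig):
    return apply_key(public, sig) == m

def factor(n):
    """Trial division: instant for a toy modulus, infeasible at real key sizes."""
    f = 2
    while n % f:
        f += 1
    return f, n // f

if __name__ == "__main__":
    public, private = make_keypair(61, 53)
    c = encrypt(public, 65)
    print("ciphertext:", c, "-> decrypted:", decrypt(private, c))
    sig = sign(private, 65)
    print("signature valid:", verify(public, 65, sig))
    print("altered message valid:", verify(public, 66, sig))
    # Anyone who can factor n can rebuild the private key from the public one.
    p, q = factor(public[1])
    print("private key rebuilt from factors:", make_keypair(p, q)[1] == private)
```

The last step is why the one-way nature of prime factorization matters: the private key stays private only as long as the modulus is too large to factor.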