Better Security
The two keys
The method is based on each user having two keys, each in the form of a series of thousands of characters, with a complex mathematical relationship between them. The open (public) key is available to all. The sender encrypts a message using the receiver's open key, not the sender's own private key. The private key, which decrypts the message, is available only to the receiver. The private key is normally unknown even to the receiver, but it is not necessary to know the key to use it. Messages cannot be decrypted using the open key.
PKI requires trusted certification authorities - government agencies, businesses or other organizations - that issue and manage certificates. A certificate is a data format and a method of distributing open keys.
A certification authority guarantees that a specific person has a specific key pair, with one open and one private key. Certification authorities must therefore have secure routines for confirming the identities of the persons to whom they issue certificates. Equally important are routines for revoking certificates and listing the revoked certificates when, for example, someone leaves a company.
