gen-define-public-key-infrastructure-and-give-one-short-worked-e-8015

Define public-key infrastructure and give one short worked example.

# Public-Key Infrastructure (PKI) ## Definition **Public-Key Infrastructure (PKI)** is a framework of policies, technologies, and procedures used to create, manage, distribute, and revoke digital certificates. It enables secure electronic communication by binding public keys to entities (people, organizations, devices) through trusted Certificate Authorities (CAs). **Key components:** - **Certificate Authority (CA)**: Trusted entity that issues digital certificates - **Digital certificates**: Electronic documents that verify identity and bind public keys to entities - **Public/Private key pairs**: Cryptographic keys for encryption and digital signatures - **Certificate repository**: Storage for issued certificates - **Certificate Revocation List (CRL)**: List of invalidated certificates ## Worked Example **Scenario**: Alice wants to send an encrypted email to Bob 1. **Bob obtains a certificate**: - Bob generates a key pair (public key: `PubB`, private key: `PrivB`) - Bob requests a certificate from CA - CA verifies Bob's identity and issues a certificate containing `PubB` and Bob's identity, signed by CA 2. **Alice sends encrypted message**: - Alice retrieves Bob's certificate from a directory - Alice verifies the CA's signature on the certificate (confirms it's really Bob's public key) - Alice encrypts her message with `PubB`: `Ciphertext = Encrypt(Message, PubB)` - Alice sends the ciphertext to Bob 3. **Bob decrypts**: - Bob uses his private key: `Message = Decrypt(Ciphertext, PrivB)` - Only Bob can read it because only he possesses `PrivB` **Result**: Secure communication established with verified identities.