Introduction

Imagine you want to send a message to someone, the message could be something private like your passwords and bank documents or something highly sensitive like corporate or government files. The message is propagated into free space through radio waves and then optical fibers, it may also go through multiple servers before reaching your recipient. How can we make sure no one eavesdrops on your communications? There is nothing stopping someone from digging up the cables underground, breaking into the servers or listening in to the radio waves to capture the data and steal your information.

Is there a way to mix up the message in a very special way before sending it, so that, to anybody other than the recipient, it looks like a load of junk ?

Yes, and this, is called encryption.

If the recipient knows exactly how we messed up the data, they can reverse the operations that we did to get back our original message.

There are two ways to do this: symmetric encryption and asymmetric encryption. In symmetric encryption, at the senders end some operations are performed to encrypt the data and at the receivers end these same operations are reversed to decrypt the data. However, this is not very secure, because the information on the exact mathematical operations have to be known to both sender and receiver, in other words, they share the same secret key. Sending this key securely is a challenge in itself, and at any point if an attacker gets ahold of this key, they can decrypt all future and past messages.

In the modern world we use something called asymmetric key cryptography also known as Public-key Cryptography.

Public-key Cryptography (PKI)

In public key cryptography, also known as Public Key Infrastructure, Alice and Bob each have two keys: a public key and a private key. The public key can be shared to anybody without security risk. But the private key should be kept secret. The public key and private key are generated together and are mathematically related, they are hence called key pairs. For example, Alice generates her public-private keypair and Bob can do the same. The public key contains information on how to encrypt the message and only it’s corresponding private key can decrypt the message.

If Alice and Bob wish to communicate using PKI, first both of them generate their own public-private keypairs. Then both Alice and Bob share their public-keys to each other so that they can encrypt messages. Since the public keys can do nothing other than encrypt messages and contain no information about the related private key, they can be transferred over unsecured networks without risk. Just by knowing the public key, an attacker gets no closer to decrypting the message. One of the key security principles that make PKI so advantageous is that the private keys never have to leave Alice/Bobs devices.

A nice graphical overview. Credit: William Dawson

Now with this hand-wavy introduction to PKI, we are ready to move on to the next section to get a feel for where PKI schemes come into play in the modern world, so that in the forthcoming section on Quantum Computers the consequences of vulnerabilities in todays cryptosystems are more obvious. This will also add to the relevance of Post Quantum Encryption schemes in later sections.

---

Continue reading, Chapter 2: PKI in Practice

Description:
Overview of some of the real-world applications of Public Key Infrastructure (PKI). Explore how PKI frameworks enable secure communication, digital signatures, and authentication in modern systems.

---