Planning Your Public Key Infrastructure

Previous Topic Next Topic

How PKI Works

A PKI is based on certificates. A certificate is a digitally signed statement containing a public key and the name of the subject. There can be multiple types of names in the certificate by which the subject is known, such as a directory name, e-mail name, and Domain Name Service (DNS) name. By signing the certificate, the certification authority verifies that the private key associated with the public key in the certificate is in the possession of the subject named in the certificate.

A certification authority, frequently a third-party company, issues a trusted user a certificate containing a public key. This certificate can be freely distributed. The public key can be used to encrypt data that can only be decrypted using an associated private key, which is also provided to the user. The user keeps the private key secure, so that no one else has access to it. The private key can be used to create a digital signature that can be confirmed by the public key.

The basic idea of public key cryptography is that there are two keys that are related. One key can be passed openly and freely between parties or published in a public repository; the other key must remain private. There are also different types of public key algorithms, each with its own characteristics. This means that it is not always possible to substitute one algorithm for another. If two algorithms can perform the same function, the detailed mechanism by which that result is obtained varies. With public key cryptography, the two keys are used in sequence. If the public key is used first, followed by the private key, then this is a key exchange operation. If the private key is used first, followed by the public key, this is a digital signature operation.

You can create your own certification authorities within your enterprise, and you can use third-party companies that provide commercial certification services.

PKI processes information in a way that simultaneously identifies and authenticates the source. It makes identity interception very difficult and prevents masquerading and data manipulation. Table 12.1 describes some of the ways you can use PKI in an enterprise.

Table 12.1 Leading Applications for Digital Certificates

Application Uses
Secure e-mail Secure e-mail clients use certificates to ensure the integrity of e-mail and to encrypt e-mail messages for confidentiality.
Secure Web communications Web servers can authenticate clients for Web communications (using client certificates) and provide confidential, encrypted Web communications (using server certificates).
Secure Web sites Internet Information Services (IIS) Web sites can map client certificates to authenticate users to control their rights and permissions for Web site resources.
Digital signing of software files Code-signing tools use certificates to digitally sign software files to provide proof of file origin and to ensure the integrity of data.
Local network Smart Card authentication The Kerberos logon protocol can use certificates and the private key stored on smart cards to authenticate network users when they log on to the network.
Remote access Smart Card authentication Servers that are running the Routing and Remote Access service can use certificates and the private key stored on smart cards to authenticate network users when they log on to the network.
IPSec authentication IPSec can use certificates to authenticate clients for IPSec communications.
Encrypting File System (EFS) recovery agent Recovery agent certificates enable recovery of EFS files encrypted by other users.

© 1985-2000 Microsoft Corporation. All rights reserved.