Showing posts from April, 2020

Understanding the Trusted Platform Module

“Trust” was the starting point of our discussion on PKI. The public key infrastructure is built on the premise of enabling trust between unknown parties to ensure the secure transmission of information. Another element that ensures trust is the Trusted Platform Module. The previous discussion ended on questions about key management and key security. Keys are one of the most critical components of the PKI, and hence keeping them secure and maintaining their history is of paramount importance. What would you do if you had to keep a piece of information (in this case, keys) secure? Keep it under lock and key (pun intended). Whenever we face such difficult questions, intelligent minds have always come to our rescue. Trusted Platform Module (TPM) was conceived by a computer industry consortium called Trusted Computing Group (TCG), and was standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11

The Workings of PKI

In the previous blog post, we learnt about the various pieces of the puzzle called the public key infrastructure. It’s time to learn how these pieces work once fitted together. The PKI is made up of the following components:

• Certification authority
• Registration authority
• Certificate repository
• Certificate revocation system
• Key backup and recovery system
• Automatic key update
• Key management

To help understand the workings of a PKI, let’s take a day-to-day example and learn through it. Let’s say that Oslo wants to get himself a passport. He needs this to prove to everyone that he is Oslo when he visits another country. The passport issued by the Government will be his way to enable trust with another country’s systems and people. They may not know him, but they will trust the passport that he is carrying. Now Oslo wants to apply for the passport. So he goes to the registration authority or the passport offi

What is Public Key Infrastructure (PKI)?

Quite often in the world of cryptography you will hear the term PKI, or Public Key Infrastructure. While people often use this term loosely without understanding (and even appreciating) the whole gamut which this word entails, it is extremely important for a security professional to understand what PKI represents. Have you ever visited a store like Best Buy or Big Bazaar? They provide you with almost everything you can imagine. Public Key Infrastructure, henceforth referred to as PKI in the blog post, is a set of programs, procedures, algorithms, communication protocols, and security policies that work together to enable secure transmission of information. PKI is an ISO authentication framework that uses public-key cryptography and the X.509 standard. PKI is not just an encryption standard or a technology; it is a complex assortment of various aspects that work together. We have learnt about confidentiality, integrity, privacy, non-repudiation and PKI offers all of t