ZyWALL 5 Support Notes
All contents copyright (c) 2006 ZyXEL Communications Corporation.
L07. What are public and private keys, and what is their relationship?
A PKI uses asymmetric cryptography to encrypt and decrypt information. In asymmetric cryptography,
encryption is done with a freely available public key, and decryption is done with a closely guarded
private key. Although the public and private keys in a particular key pair are mathematically related, it
is computationally infeasible to derive the private key from the public key. Each key in an asymmetric
key pair performs a function that only the other can undo.
L08. What are Certificate Policies (CPs)?
Certification Authorities issue digital certificates that are appropriate to specific purposes or
applications. For example, in the Government of Canada Public Key Infrastructure, digital certificates
for data confidentiality are different from those used for digital signatures. Certificate Policies
describe the rules governing the different uses of these certificates.
L09. How does a PKI ensure data confidentiality?
Users' public keys are published in an accessible directory. A person wishing to send an encrypted
message uses the recipient's public key to scramble the information in the message. Only the
recipient's private key can decrypt the message.
So, if Bob wants to send a confidential message to Alice, his PKI software finds Alice's public key in
the directory where it is published, and he uses it to encrypt his message. When Alice receives the
encrypted message, she uses her private key to decrypt it. Because Alice keeps her private key secret,
Bob can be assured that, even if his message were to be intercepted, only Alice can read it.
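
The Bob-to-Alice exchange above, as an added example that is not part of the original support notes. It uses RSA-OAEP from Node.js's built-in crypto module; the in-memory directory, the user names and the helper functions enroll, encryptFor and decryptWith are assumptions made for illustration.

```javascript
const crypto = require("crypto");

// Constructed stand-in for the PKI directory: user name -> PEM public key.
const directory = new Map();

// Generate a key pair, publish the public half, hand the private half to its owner.
function enroll(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
    modulusLength: 2048,
    publicKeyEncoding: { type: "spki", format: "pem" },
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
  });
  directory.set(name, publicKey);
  return privateKey;
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Sender side: look up the recipient's published key and encrypt with it.
function encryptFor(recipient, message) {
  const publicKey = directory.get(recipient);
  if (!publicKey) throw new Error(`no published key for ${recipient}`);
  return crypto.publicEncrypt({ key: publicKey, ...OAEP }, Buffer.from(message, "utf8"));
}

// Recipient side: only the matching private key recovers the plaintext.
// Returns null when the key does not match the ciphertext.
function decryptWith(privateKey, ciphertext) {
  try {
    return crypto.privateDecrypt({ key: privateKey, ...OAEP }, ciphertext).toString("utf8");
  } catch (err) {
    return null;
  }
}

// Constructed sample run: Alice and an eavesdropper both hold key pairs.
const alicePrivate = enroll("alice");
const eavesdropperPrivate = enroll("eavesdropper");

const ciphertext = encryptFor("alice", "Meet at 10:00");
console.log(decryptWith(alicePrivate, ciphertext));        // "Meet at 10:00"
console.log(decryptWith(eavesdropperPrivate, ciphertext)); // null
```

RSA-OAEP with a 2048-bit key and SHA-256 accepts at most 190 bytes of plaintext, so in practice the public key usually encrypts a random symmetric key and that key encrypts the message body.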