
Chapter 1
Cryptography Basics

This chapter will introduce the fundamentals of cryptography and provide a basic understanding of the type of encryption and signing that takes place in public key infrastructure (PKI)-enabled applications. This overview is not an in-depth look at cryptographic functions. The chapter also introduces the new cryptographic options included in Windows Server 2008 and Windows Vista operating systems known as Cryptography Next Generation (CNG).

More Info
For more information on cryptography, see Cryptography and Network Security, Fourth Edition, by William Stallings (Prentice Hall, 2006) or Practical Cryptography, by Niels Ferguson and Bruce Schneier (Wiley, 2003), which are referenced in the Additional Information section at the end of this chapter.

Encryption Types

Cryptography supports symmetric encryption and asymmetric encryption for cryptographic functions.

Symmetric encryption
The same key is used for encryption and decryption. The key must be exchanged so that both the data sender and the recipient can access the plaintext data.

Asymmetric encryption
Two mathematically related keys, a key pair consisting of a public key and a private key, are used in the encryption and decryption processes. If the public key is used for encryption, the associated private key is used for decryption. If the private key is used for encryption, the associated public key is used for decryption.

Note
Only one person should hold the private key, but the public key can be distributed freely. The public key, as an attribute of a digital certificate, is often published in a network-accessible directory (such as Active Directory Domain Services, or AD DS) to allow easier access.
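The key relationships described under Encryption Types can be checked in a few lines of Python. This is an added example, not code from the book: the stream cipher is a toy stand-in for a real symmetric cipher, the RSA key is a constructed, unpadded toy key far too small for real use, and all names (keystream_xor, rsa_apply, demo) are illustrative assumptions.

```python
import hashlib
from math import gcd

# Symmetric: one shared key performs both encryption and decryption.
def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (XOR with SHA-256(key || counter) blocks).
    A stand-in for a real symmetric cipher such as AES; illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

# Asymmetric: two mathematically related keys (unpadded textbook RSA).
# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1          # E must be invertible modulo PHI
D = pow(E, -1, PHI)              # private exponent: E * D = 1 (mod PHI)
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)

def rsa_apply(key: tuple, value: int) -> int:
    """Apply one half of the key pair to an integer smaller than N."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value does not fit in this toy modulus")
    return pow(value, exponent, modulus)

def demo() -> dict:
    msg = b"PKI demo message"                      # constructed sample, 16 bytes
    m = int.from_bytes(msg, "big")
    shared, other = b"shared-secret", b"some-other-key"   # constructed keys
    sym_ct = keystream_xor(shared, msg)
    c_pub = rsa_apply(PUBLIC_KEY, m)               # encrypt with the public key
    c_priv = rsa_apply(PRIVATE_KEY, m)             # encrypt with the private key
    return {
        "symmetric_same_key": keystream_xor(shared, sym_ct) == msg,
        "symmetric_other_key": keystream_xor(other, sym_ct) == msg,
        "public_then_private": rsa_apply(PRIVATE_KEY, c_pub) == m,
        "private_then_public": rsa_apply(PUBLIC_KEY, c_priv) == m,
        "public_then_public": rsa_apply(PUBLIC_KEY, c_pub) == m,
    }

if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

Only the matching half of the key pair recovers the message; applying the public key twice does not, which is why the private key must stay with a single holder.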