Public Key Infrastructure: Security Standards, Threats, and Mitigation

Added on  2022/11/18

Discussion Board Post
AI Summary
This discussion post examines Public Key Infrastructure (PKI), a crucial technology for securing digital interactions. It highlights how PKI, through certificate authorities and encryption, protects communication between servers and clients, including web browsers using protocols like SSL and HTTPS. The post discusses various security threats, such as certificate authority hijacking, DDoS attacks, man-in-the-browser attacks, and certificate theft, which can compromise PKI's effectiveness. It also explores PKI standards, including X.509, and how they are implemented to ensure secure communication and authentication. The post references academic sources to support its analysis of PKI's functionality, vulnerabilities, and the importance of its continued development in a constantly evolving threat landscape. The discussion emphasizes the role of PKI in verifying identities and securing digital transactions.
Running head: PUBLIC KEY INFRASTRUCTURE
PUBLIC KEY INFRASTRUCTURE
Name of the Student
Name of the University
Author Note
Discussion 1
The standards for public key infrastructure are developed and maintained by a number
of organizations (Spies 2017). Today, standards created by one industry are accepted by
another through a process of cross-fertilization. Many applications exist that are used to
protect the interaction between internet servers and browser-based clients. When a browser
is opened during a web interaction, the certificate authority must sign a certificate. This
authority is used in the encryption of data. However, several attacks remain possible in
spite of the encryption and the digital signatures. The attack scenarios against public key
infrastructure are:
Hijacking of the certificate authority
Distributed denial-of-service attack
Man-in-the-browser attack, and
Theft of website certificates
These attacks can harm the public key infrastructure in spite of the signature by the
certificate authority and encryption.
Discussion 2
Public key infrastructure provides authentication in the digital world for consumers and
devices. The certificate authority is used to sign the signatures during the interaction
between clients and servers. Applications also use these certificates for their security.
Web browsers use the Secure Sockets Layer to encode the information exchanged between
servers and clients (Das and Govardhan 2015). They protect private information, for
instance social security data and credit card information. Google Chrome uses JIT
hardening. This feature is used to decrease the effect of other software weaknesses. A
man-in-the-middle attack can be used to hack the computer in this kind of situation. In
this attack, the hacker modifies the communication between the two parties.
Discussion 3
Public key infrastructure is a technology for the identification of entities, programs
and applications (Hofheinz and Jager 2016). The main aim is to have a trusted party that
certifies that a public key belongs to a certain entity. The PKI standards that are
available cover trust models, certificate content and certificate revocation. Different
standards are used to make communication secure. X.509 defines a format for public key
certificates. The SSL layer is used to secure web browsers with the help of HTTPS. SSH is
used to secure emails by specifying the format of the message. The HTTPS protocol protects
the communication between browsers, which is accomplished through public key encryption.
Discussion 4
Public key infrastructure is a methodology that uses asymmetric key encryption, and it
supports various activities such as distribution of public keys, verification and
revocation of public keys, and many more tasks. According to NIST, a certain key standard
is followed in the PKI procedure. In this, the issuer signs the certificates digitally. It
collects all the details of the clients (Pooja and Yadav 2018). The implementation of PKI
by browsers is increasing day by day. The digital certificate is sent along with the
client's data to validate the identity of the sender.
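The issue-and-validate flow described in Discussions 3 and 4, as an added example that is not part of the original post: a CA signs a certificate binding a subject to a public key, and a relying party checks issuer trust, signature, validity period and revocation. The toy RSA key, the field names, `Example Root CA` and all sample values are constructed assumptions; the dictionary stands in for an X.509 certificate and is not the real encoding.

```python
import hashlib
from datetime import date

# Toy textbook-RSA CA key built from two known Mersenne primes (constructed;
# far too small and unpadded for real use, shown only to make the flow visible).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
CA_N = P * Q
CA_D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the CA

FIELDS = ("subject", "public_key", "issuer", "serial", "not_before", "not_after")

def tbs_digest(cert, n):
    """Hash the to-be-signed fields (everything except the signature)."""
    tbs = "|".join(str(cert[f]) for f in FIELDS).encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def ca_issue(subject, public_key, serial, not_before, not_after):
    """CA side: bind a subject name to a public key with a signature."""
    cert = {"subject": subject, "public_key": public_key,
            "issuer": "Example Root CA", "serial": serial,
            "not_before": not_before, "not_after": not_after}
    cert["signature"] = pow(tbs_digest(cert, CA_N), CA_D, CA_N)
    return cert

def validate(cert, trusted_issuers, revoked_serials, today):
    """Relying-party side: issuer trust, signature, validity, revocation."""
    ca_key = trusted_issuers.get(cert["issuer"])
    if ca_key is None:
        return "untrusted issuer"
    n, e = ca_key
    # Any change to a signed field changes the digest and breaks this check.
    if pow(cert["signature"], e, n) != tbs_digest(cert, n):
        return "bad signature"
    if not (cert["not_before"] <= today <= cert["not_after"]):
        return "outside validity period"
    # A stolen but correctly signed certificate is only stopped here.
    if cert["serial"] in revoked_serials:
        return "revoked"
    return "ok"

# Relying party's trust store: issuer name -> CA public key (n, e).
TRUST_STORE = {"Example Root CA": (CA_N, E)}
```

The revocation step is the only check that catches a certificate that was validly issued and later stolen, which is why the signature alone does not settle trust.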
References
Das, M.S. and Govardhan, A., 2015, September. QoS web service Security Access Control
case study using HTTP Secured Socket Layer Approach. In Proceedings of The
International Conference on Engineering & MIS 2015 (p. 59). ACM.
Hofheinz, D. and Jager, T., 2016. Tightly secure signatures and public-key
encryption. Designs, Codes and Cryptography, 80(1), pp.29-61.
Pooja, M. and Yadav, M., 2018. Digital Signature.
Spies, T., 2017. Public Key Infrastructure. In Computer and Information Security
Handbook (pp. 691-711). Morgan Kaufmann.