Implementing Public Key Infrastructure Using Microsoft Windows Certificate Services
By Michael Naish
Public Key Infrastructure (PKI) can be distilled into two critical parts: a public key and a private key. The keys use asymmetric encryption algorithms to ensure that the encryption works only ‘one way’ (Hirsch): the same key cannot be used to reverse the encryption (Hirsch). Each key in a public/private pair can be used to encrypt (or decrypt) data that only the corresponding key in the pair can decrypt (or encrypt) (Hirsch). Asymmetric encryption is considered to be slower than symmetric encryption, but it is more secure (Microsoft, 2007). In practice, asymmetric encryption is often used in the exchange of symmetric keys (The SANS Institute, 2013).
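
The key exchange described above, as an added example (not code from the original article): a sender encrypts data with a fresh AES key, wraps that key with the recipient's RSA public key, and only the matching private key can unwrap it. It assumes Windows with .NET Framework 4.6 or later; the variable names and the sample message are constructed for illustration.

```powershell
using namespace System.Security.Cryptography

$oaep = [RSAEncryptionPadding]::OaepSHA256

# Recipient: generate a 2048-bit key pair. Only the public half is handed out.
$recipient  = [RSACng]::new(2048)
$publicOnly = [RSACng]::new()
$publicOnly.ImportParameters($recipient.ExportParameters($false))  # $false = no private part

# Sender: encrypt the bulk data with a fresh symmetric AES-256 key (fast path).
# CBC is used because it is available in Windows PowerShell 5.1. It provides
# confidentiality only, so a real protocol also adds integrity protection.
$aes = [Aes]::Create()
$aes.KeySize = 256
$aes.GenerateKey()
$aes.GenerateIV()
$plain      = [Text.Encoding]::UTF8.GetBytes('constructed sample message')
$encryptor  = $aes.CreateEncryptor()
$cipherText = $encryptor.TransformFinalBlock($plain, 0, $plain.Length)

# Sender: wrap the small AES key with the recipient's public key (slow path).
$wrappedKey = $publicOnly.Encrypt($aes.Key, $oaep)

# The public key cannot reverse its own encryption: Decrypt needs the private key.
try {
    $null = $publicOnly.Decrypt($wrappedKey, $oaep)
    $publicCanDecrypt = $true
} catch {
    $publicCanDecrypt = $false
}

# Recipient: unwrap the AES key with the private key, then decrypt the data.
$aes2     = [Aes]::Create()
$aes2.Key = $recipient.Decrypt($wrappedKey, $oaep)
$aes2.IV  = $aes.IV   # the IV is not secret and travels with the ciphertext
$decryptor = $aes2.CreateDecryptor()
$recovered = [Text.Encoding]::UTF8.GetString(
    $decryptor.TransformFinalBlock($cipherText, 0, $cipherText.Length))

"Public key could decrypt: $publicCanDecrypt"
"Recovered plaintext:      $recovered"
```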