The public-key system requires that each party have a public and a private key. These keys must be generated by a trusted source. A few companies offer this service, the largest of which is VeriSign Inc.
Intranets have just as much reason to protect their data. The National Computer Security Association (NCSA) estimates that 80% of an organization's security breaches occur within that organization. For private database information, all the authentication in the world won't prevent packet sniffers from intercepting data that is sent across the network. For this reason, organizations have started to set up their own public-key …show more content…
Most of the focus is on digital signatures, digital certificates, or digital IDs. A digital signature is just the public key of a public-key system. There is a standard called X.509 for the format of the digital certificates. E.g. a user can use his private key to encrypt a textbook. The user can then send the encrypted book as well as his or her public key to another user. The public key or digital signature contains the ID of the trusted party that generated the key. The receiver of the document verifies that the key used to generate it was created by a trusted party and then decodes the information. Only that user's private key could have encoded the document.
A Certificate Server enables a company to become its own trusted key generator. Rather than having Verisign generate the public/private key pair, a Certificate Server within the company creates the keys and stamps its creator name on each key.
The public keys are kept on file on the server. A user can request the public key of John Doyle to decode a document supposedly sent by John Doyle. If the document wasn't encrypted with Doyle's private key, the public key on the Certificate Server will not decode it