
PKI (Public-Key Infrastructure)


Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

A public-key infrastructure (PKI) is a complete system for creating and managing the public keys used for encrypting data, and for exchanging those keys among users. It includes policies and working procedures. A PKI may be installed on an enterprise network, or it may be available in the public environment.

PKI is about distributing keys in a secure way. Whitfield Diffie and Martin Hellman developed the concept of asymmetric public-key cryptography in 1976, but it was RSA (Rivest, Shamir, Adleman) Data Systems that turned it into a workable and commercial system. Today, RSA is the most popular public-key scheme.

This topic continues in "The Encyclopedia of Networking and Telecommunications" with a discussion of the following:

  • Key distribution problems and solutions
  • PKI history and development
  • Key generation and distribution techniques
  • Diffie/Hellman techniques
  • Digital signing and certificates
  • Building trust and certificate authorities
  • PKI structure and services
  • X.509 and the IETF PKIX (Public-Key Infrastructure X.509)
  • SPKI (Simple PKI)
  • PKCS (Public-Key Cryptography Standards)


The two IETF working groups mentioned earlier (PKIX and SPKI) are developing public-key infrastructure standards. The Web sites (listed on the related entries page) provide a complete list of related drafts and RFCs. Some of the more important RFCs related to PKI are listed here.

  • RFC 2401 (Security Architecture for the Internet Protocol, November 1998)

  • RFC 2437 (PKCS #1: RSA Cryptography Specifications Version 2.0, October 1998)

  • RFC 2527 (Internet X.509 Public-Key Infrastructure Certificate Policy and Certification Practices Framework, March 1999)

  • RFC 2692 (SPKI Requirements, September 1999)

  • RFC 2693 (SPKI Certificate Theory, September 1999)

  • RFC 2898 (PKCS #5: Password-Based Cryptography Specification, Version 2.0, September 2000)

Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.
All rights reserved under Pan American and International copyright conventions.