From the course: Writing Secure Code for Android by Infosec

Unlock this course with a free trial

Join today to access over 25,100 courses taught by industry experts.

Understanding PKI

Understanding PKI

From the course: Writing Secure Code for Android by Infosec

Start my 1-month free trial Buy for my team

Understanding PKI

- Now that we have some background on asymmetric encryption, let's talk about PKI, the public key infrastructure. This is how we distribute pairs of keys, asymmetric keys. PKI is used to create, distribute, manage, store, use, and revoke something called digital certificates. A digital certificate is simply a public key on a document, on a file, and it's accompanied by some metadata, just some information about it. The private key is stored in a separate little file, and it's usually encrypted. So when we get a certificate, we're usually getting, I mean, if we ask for a certificate that we can use, we are getting both the public key on basically a text file and the associated private key. The PKI system has these components. There will be some kind of certificate management system. There will be digital certificates in the X.509 format. There will be a validation authority, a certificate authority, the end user, and the registration authority. If I go to Verisign, GoDaddy, Microsoft…

Contents