A

Case Study Report on

Topic Title: Public Key authority and Public Key

Certificates

Submitted
As a part of Assignment
For
Subject : Cryptography 18CS744

Submitted By
Sanjay Shetty 4SF19CS141
Shresht Subhash Chowta 4SF19CS153
Shreesha Rao P 4SF19CS152
Akarsh C Shetty 4SF19CS015
Srijan Kumar Shetty 4SF19CS164
A Jithesh Nikhil 4SF19CS001
Deekshith 4SF19CS053

Under the Guidance of

Ms. Vanishree B S
Assistant Professor
 Department of Computer Science and Engineering

Course Outcome
Discuss the classical encryption techniques and block ciphers and the data CL3
CO1
encryption standard

Describe the public key cryptography and RSA and the other Public Key CL3
CO2 Cryptosystems

Solve the Elliptic curve arithmetic, abelian groups, elliptic curves over real numbers, CL3
CO3
Illustrate the need of the key management and distribution

Describe the User Authentication, Electronic Mail Security CL3

CO4

Illustrate the IP security, transport and tunnel modes CL2

CO5

Module number : 5
Assessment Criteria
Si.No Assessment Criteria Marks Allotted

1 Assessment Criteria 1

2 Assessment Criteria 2

3 Assessment Criteria 3

4 Assessment Criteria 4

5 Assessment Criteria 5

Signature
Course Faculty
 TABLE OF CONTENTS

Chapter No. Title Page No.

1 Introduction 1

2 Technology 2

3 Case Study 3

4 Conclusion 5

5 References 6
1. Introduction:

 It is similar to the directory but, improves security by tightening control

over the distribution of keys from the directory.
 It requires users to know the public key for the directory.
 In addition, each participant reliably knows a public key for the authority,
with only the authority knowing the corresponding private key.
 When a user sends a message, the message is encrypted using the
recipient's encryption key, and when the recipient receives the message,
they use their own encryption key to decrypt it.
 A public key certificate is a digitally signed document that serves to
validate the sender's authorization and name.
 It uses a cryptographic structure that binds a public key to an entity, such
as a user or organization.
 The digital document is generated and issued by a trusted third party
called a certification authority.

 Public key authority is the governing body behind issuing digital

certificates.

 It helps to protect confidential data and gives unique identities to users

and systems. Thus, it ensures security in communications.

 The public key authority uses a pair of keys: the public key and the
private key to achieve security.

 The public keys are prone to attacks and thus an intact infrastructure is
needed to maintain them.

1
2. Technology:

PUBLIC KEY AUTHORITY:

 Stronger security for public-key distribution can be achieved by
providing tighter control over the distribution of public keys from the
directory.
 As before, the scenario assumes that a central authority maintains a
dynamic directory of public keys of all participants.
 In addition, each participant reliably knows a public key for the
authority, with only the authority knowing the corresponding private key.

PUBLIC KEY CERTIFICATE:

 A public key certificate is a digitally signed document that serves to
validate the sender's authorization and name.
 It uses a cryptographic structure that binds a public key to an entity, such
as a user or organization.

2
 The digital document is generated and issued by a trusted third party
called a certification authority.
 A public key certificate uses a pair of encryption keys, one public and one
private.
 ´The public key is made available to anyone who wants to verify the
identity of the certificate holder, while the private key is a unique key that
is kept secret.
 Certificates allow key exchange without real-time access to public key
authority
 All contents signed by a trusted public- key or certificate authority (CA)
 Can be verified by anyone who knows the public key authority's public
key

3
3.Case Study:

X.509 CERTIFICATE:

 An X.509 certificate is a digital certificate based on the widely accepted

International Telecommunications Union (ITU) X.509 standard, which
defines the format of public key infrastructure (PKI) certificates.
 They are used to manage identity and security in internet communications
and computer networking.
 They are unobtrusive and ubiquitous, and we encounter them every day
when using websites, mobile apps, online documents, and connected
devices.

Trust - Digital certificates allow individuals, organizations, and even devices to

establish trust in the digital world

Scalability - An additional benefit of this certificate-based approach to identity

is scalability.

4
4. Conclusion:

 Stronger security for public-key distribution can be achieved by

providing tighter control over the distribution of public keys from the
directory.
 A public key certificate is a digitally signed document that serves to
validate the sender's authorization and name.
 An SSL certificate is a digital certificate that authenticates a website's
identity and enables an encrypted connection.

5
5. References:

 V K Pachghare: Cryptography and Information Security, PHI 2nd

Edition.
 William Stallings: Cryptography and Network Security, Pearson 6th
edition