SAMARA UNIVERSITY

COLLEGE OF ENGINNERING AND TECHNOLOGY

DEPARTMENT COMPUTER SCIENCE

COMPUTER SECURITY GROUP ASSIGNMENT

Prepared By: Group 7

NAME ID
1. Hamza Ilayas----------------------------------------1522
2. Fukiso Fulasa----------------------------------------1441
3. Abdela Awol -----------------------------------------1434
4 . Foziya Endiras ------------------------------------1513
5 .Jemal Rauf--------------------------------------------1521
6 .Hasen Muhumed ---------------------------------1581

06/03/2021 1
 What is PKI?
 is the framework of encryption and cyber security that protects
communications between the server (your website) and the client
(the users).
 a technology for authenticating users and devices in the digital
world.
 A public key infrastructure relies on digital signature
technology, which uses public key cryptography
06/03/2021 2
 How Does Public Key Infrastructure Work?

 PKI authenticates you and your server. It allows your site users’ web
browsers to authenticate your server before connecting with it (so they can
verify that they’re connecting to a legitimate server).

 PKI facilitates encryption and decryption. PKI enables you to use digital
certificates and public encryption key pairs to encrypt and decrypt data or the
transmission channels you use to send it using the secure SSL/TLS protocol.

 PKI ensures the integrity of your data. PKI lets users, their browsers or their
devices know whether the data you send has been tampered with.

06/03/2021 3
 The Components Of Public key infrastracture

06/03/2021 4
  Registration Authority:- is authorized by the Certificate
Authority to provide digital certificates to users on a case-by-
case basis.
• All of the certificates that are requested, received, and revoked
by both the Certificate Authority and the Registration
Authority are stored in an encrypted certificate database.

06/03/2021 5
 The Role of Digital Certificates in PKI
• Is an electronic equivalent of a driver's license or passport 
• Contains information about an individual or entity 
• Is issued from a trusted third party 
• Is tamper resistant 
• Contains information that can prove its authenticity 
• Can be traced back to the issuer 
• Has an expiration date 
• Is presented to someone (or something) for validation
06/03/2021 6
What Is PKI Authentication?
• is a framework for two-key asymmetric encryption and decryption of
confidential electronic data.
 There are two things PKI does to secure communications:
• Authentication :-This ensures that the other party is the legitimate
server/individual that you’re trying to communicate with.
• Encryption :- This makes sure that no other parties can read your
communications

06/03/2021 7
 What Type of Encryption Does PKI Use?
 PKI merges the use of both asymmetric and symmetric
encryption.
• Symmetrical encryption protects the single private key that is
generated upon the initial exchange between parties, the digital
handshake, if you will.
• Asymmetric encryption is fairly new to the game and you may
know it better as “public key cryptography.

06/03/2021 8
 Public Key Cryptography/ Asymmetric encryption

 Public-Key Cryptography is an encryption scheme that

uses mathematically related, but not identical keys.

 Each user has a key pair (public key/private key).

 Information encrypted with the public key can only be

decrypted using the private key.

06/03/2021 9
How Encryption Works?
Encryption is a method of encoding data (messages or files) so that only
authorized parties can read or access that data. Encryption uses complex
algorithms to scramble the data being sent. Once received, the data can be
decrypted using a key provided by the originator of the message
 An easy-to-understand encryption is an old-fashioned shift cipher
(substitution cipher), or what’s more commonly known as the Caesar cipher.
 For example, the word “CERTIFICATE” becomes the ciphertext
“IKXZOLOIGZK” if your key is “6” because you’ve shifted each letter six
spaces.
06/03/2021 10
  What are Common Use Cases for PKI?
Some of the most common PKI use cases include:
• SSL/TLS certificates to secure web browsing experiences and
communications 
• Digital signatures on software 
• Restricted access to enterprise intranets and VPNs 
• Password-free Wi fi access based on device ownership 
• Email and data encryption

06/03/2021 11
 Security Limitations Of PKI
• As it currently stands, PKIs rely heavily on the
integrity of the associated Certificate Authority and
Registration Authority, which aren’t always
functioning at the ideal level of diligence and
scrutiny.
• PKI management mistakes are another weak link
that needs to be addressed.
06/03/2021 12
What Are Some PKI Algorithms?
 DIFFIE HELLMAN:-a method of encryption that uses
numbers raised to specific powers that produce decryption keys
on the basis of components that are never directly shared,
making it overwhelming for potential threats to penetrate.

06/03/2021 13
 RSA KEY EXCHANGE:- is much like the Diffie Hellman algorithm and factors
large integers that are the product of two large prime numbers.

 DSA:The DSA, or digital signature algorithm, is used to create digital signatures.

• The pitfall of the DSA algorithm is that it can only do digital signatures and not
public key encryption.

06/03/2021 14
 Why is PKI so Important in Today’s Digital
Age?
• because there are now millions of applications
and connected devices that require certification.
• Properly authenticating and maintaining
certificates for these technologies is essential to
keeping our highly connected world secure

06/03/2021 15