Symmetric Key Algorithms

You already learned about symmetric key ciphers and the major issue with symmetric keys. Read the section in this article on symmetric key encryption to learn more about the advantages and disadvantages of symmetric keys. There is more information about symmetric key ciphers in this article that will be covered in more detail later in this unit, but this article will give you a preview of the 3DES, IDEA, and AES ciphers. View the flashcard tool as well to learn the terms used in cryptography, such as plaintext, ciphertext, key, encryption, decryption, countermeasure, symmetric key encryption, and block cipher.

13. Public Key Infrastructure (PKI)

In the previous section, the use of public keys in symmetric and asymmetric cryptographic systems was discussed. One of the issues with using public keys is validating their integrity. Digital certificates can be used when passing public keys between two separate entities, which can be people, hardware, software, or a department. Digital certificates have become the standard mode of public key transmission because they contain information about the user of the key. With the information gained by using digital certificates, a public key infrastructure (PKI) can be established, which can perform various functions that make distributing keys and maintaining their integrity easier. PKI vendors provide methods to make this process easier.

The video, What are certificates (15:10), discusses what a digital certificate is and how a certificate works to secure communication.


The primary elements of PKI are Certificate Authority, Digital Certificates, Policies, Certificate Management, and Registration Authority, as illustrated in Figure 5.


Figure 5 – The primary elements of PKI

  • A Digital Certificate is a standard format for passing public keys that uses a digital signature to bind entities to keys.
  • A Certificate Authority (CA) is a third party that ensures users are who they say they are.
  • The Registration Authority (RA) accepts the enrollment request from users, authenticates users, and then passes the request to the Certificate Authority so that the CA can issue the digital certificate.
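
The enrollment flow in the list above (user request, RA check, CA issuance), followed by a relying party's verification, as an added example that is not part of the original course material. It uses the `openssl` command line; the helper function names, the subject `alice.example` and the CA names `root` and `other` are constructed for illustration, and the RA's user authentication is modelled as a comparison against an identity assumed to have been verified out of band.

```shell
#!/bin/sh
# Added example: RA -> CA enrollment with the openssl CLI. All names are constructed.
set -eu

make_ca() {            # $1=dir $2=name : key pair plus self-signed root certificate
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/$2.key"
    openssl req -x509 -new -key "$1/$2.key" -subj "/CN=$2 demo CA" \
        -days 1 -out "$1/$2.crt"
}

new_request() {        # $1=dir $2=name $3=cn : user key pair plus enrollment request (CSR)
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/$2.key"
    openssl req -new -key "$1/$2.key" -subj "/CN=$3" -out "$1/$2.csr"
}

ra_check() {           # $1=csr $2=identity the RA authenticated (assumed out of band)
    # Proof of possession: the CSR must be signed by the private key matching
    # the public key it carries.
    openssl req -in "$1" -noout -verify 2>&1 | grep -q "verify OK" || return 1
    # The requested name must match the authenticated identity exactly.
    subj=$(openssl req -in "$1" -noout -subject -nameopt RFC2253)
    [ "$subj" = "subject=CN=$2" ]
}

ca_issue() {           # $1=dir $2=ca name $3=csr $4=output certificate
    # The CA's signature is what binds the subject name to the public key.
    openssl x509 -req -in "$3" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
        -CAcreateserial -days 1 -out "$4" 2>/dev/null
}

check_cert() {         # $1=trusted CA cert $2=cert : prints trusted or rejected
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
    then echo trusted; else echo rejected; fi
}

demo() {
    d=$(mktemp -d)
    make_ca "$d" root; make_ca "$d" other
    new_request "$d" alice alice.example
    ra_check "$d/alice.csr" alice.example &&
        ca_issue "$d" root "$d/alice.csr" "$d/alice.crt"
    echo "against issuing CA:   $(check_cert "$d/root.crt" "$d/alice.crt")"
    echo "against unrelated CA: $(check_cert "$d/other.crt" "$d/alice.crt")"
    rm -rf "$d"
}
demo
```

The second check shows why the relying party's choice of trusted CA matters: the same certificate is rejected when the verifier does not trust the CA that signed it.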