The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke Digital Certificates. A Public Key Infrastructure (PKI) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
The following are the major functions of Public Key Infrastructure (PKI).
Confidentiality: The privacy of user transactions is protected by encrypting data streams and messages. The confidentiality function may be intended to prevent the unauthorized disclosure of information locally or across a network. By using Public Key Infrastructure (PKI), users are able to ensure that only an intended recipient can “unlock” (decrypt) an encrypted message.
Authentication: Authentication is the process of verifying that the user is who they say they are. PKI provides a means for senders and recipients to validate each other's identities.
Integrity: Guaranteeing message integrity is another important function of Public Key Infrastructure (PKI). Public Key Infrastructure (PKI) has built-in ways to validate that all the outputs are equivalent to the inputs. Any alter of the data can be immediately detected and prevented.
Non-Repudiation: Public Key Infrastructure (PKI) ensures that an author cannot refute that they signed or encrypted a particular message once it has been sent, assuming the private key is secured. Here Digital signatures link senders to their messages. Only the sender of the message could sign messages with their private key and therefore, all messages signed with the sender's private key originated with that specific individual.