How PKI Works

For electronic government to work, agencies and individuals must be convinced

that transactions can be carried out privately and that documents are authentic.

The paper world relies on signatures. The computer world needs an electronic

equivalent.

Personal identification numbers and passwords have proven to be relatively

insecure. Smart cards and biometrics (retina, iris and fingerprint scans,

for example) are possibilities, but expensive. For now, the federal government

is promoting PKI — public-key infrastructure.

PKI is a system for encrypting, decrypting, signing and verifying the

authenticity of information that is transmitted over the Internet.

It works by providing each Internet user with two "keys" — one that

is public and one that is private. The private key is available only to

the user. The public key is available to anyone — a bank, an agency case

worker, a sales clerk — on a publicly accessible World Wide Web site.

When an individual transmit a document that he or she wants to remain

private, such as a sales contract, tax information or a bank statement,

he or she encrypts it with the public key of the recipient. That way, only

the recipient has the correct private key to decrypt it.

PKI includes functions that enable message recipients to verify that

documents have not been changed and to determine which keys have been used

to encrypt and decrypt documents. Another PKI feature is a digital signature

to positively identify the sender. Thus, PKI ensures that documents are

authentic and that the people involved in a transaction really are who they

say they are.

Federal security experts believe PKI will provide the level of confidence

needed for the public to widely accept electronic government, according

to the General Accounting Office.

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.