What is Public Key Encryption?

RSA & AD CS

Public key encryption uses a popular algorithm known as RSA ((Rivest–Shamir–Adleman). This algorithm was one of the first practical public key encryption systems used for transmitting data. RSA works with the encryption key being public but the decryption key being secret. This works by encrypting data using two large prime numbers and creating a factoring problem. This form of encryption is popular because anyone can use it to encrypt messages and only those individuals with the decryption key can access the data transmitted. This method is popular because it can be used by anyone but it is also less commonly used in situations where large volumes of data must be transmitted. The reason for this less common usage is due to the fact that RSA is a slow algorithm and is not practical for encrypting large amounts of data or decrypting it due to the slow speed.

To make encryption faster using RSA and similar algorithms, Active Directory Certificate Services (AD CS) are used to control public keys on networks. AD CS is an identity access control security feature that provides customizable services when creating and managing public key certificates. Typically, certificates need to be issued across networks for any number of reasons such as software or device security (Kroenke, 2013). This feature provides a number of benefits and should be used in the following circumstances:

· Organizations can use AD CS for security by linking the identity of a person, device, or service to a corresponding private key.

· When keys need to be distributed in a cost-effective, efficient, and secure way.

AD CS can support a variety of applications such as “Internet Mail Extensions (S/MIME), secure wireless networks, virtual private network (VPN), Internet Protocol security (IPsec), Encrypting File System (EFS), smart card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS), and digital signatures” (Microsoft, 2015). Any area in which certificates are needed, AD CS can provide a secure means of providing these items.

References

Kroenke, D. (2013). Experiencing MIS (4th Edition). New Jersey: Prentice Hall.

Microsoft. (2015, October 19). BranchCache Overview. Retrieved from Tech Net Microsoft: https://technet.microsoft.com/en-us/library/hh831696.aspx