State of Kansas Information Technology Identity Management

PKI General Information

"The State of Kansas Digital Certificate Implementation is a shining example of how state agencies can work together with a single focus and achieve great things."

Lisa Jones
General Manager -

Glossary of Terms

PKI Related Terms

Certification Authority (CA) - A service provider that acts as a trusted third party and takes responsibility for creating, issuing, maintaining and revoking digital certificates.

Cryptography - The science of creating and identifying code systems intended to scramble information so that it cannot be understood by anyone other than the intended party.

Digital Certificate - The electronic component installed on a user’s computer that allows the user to digitally sign electronic documents or transactions and to encrypt information. A digital certificate gives the user a public and private key (key pair).

Digital Signature - A method of using cryptography to link an exclusive identity to an electronic document or transaction to accomplish what a written signature accomplishes in a paper document. A digital signature also verifies that the contents of the message or document have not been altered.

Encryption - The transformation of plain text into an unintelligible format using cryptography. Encryption uses the recipient’s public key to encrypt any information, including graphics, audio clips, etc., so that only the intended recipient can decrypt the information (view the content in its original form).

Hashing - The process of subjecting a set of data to a mathematical equation to compute a numeric value that will later be compared to ensure the original data has not been altered.

Key - A randomly created data string used in encryption that, when combined with another key, is used to encrypt and decrypt information.

Key Pair - The combination of a public key and its corresponding private key, which are mathematically related. The key pair is used to create a digital signature and encrypt and decrypt information.

Non-Repudiation - A security system that prevents a signer from denying a legitimate signature. A secure system provides a method to authenticate the integrity and origin of the information, and to prove delivery of the information.

Private Key - A component of the digital certificate that only the certificate holder can use to decrypt information received.

Public Key - A component of a digital certificate that is available to other certificate holders to use to encrypt information they send to the original certificate holder.

Public Key Infrastructure (PKI) - The common term used to describe a framework established to implement a certificate-based public key cryptography system.

Registration Authority (RA) - A party authorized by its community of interest (e.g., state government) and a CA to verify a subscriber’s identity and authorize the issuance of a certificate.

Vetting - The process performed by an RA to establish some level of identity with a party requesting a key pair. The verification of identity can range from establishing an e-mail account to requiring the applicant to appear in person with photo identification. It can even go as far as requiring biometric information such as fingerprints, retinal scans or DNA. The level of vetting depends on the level of security required for a particular signature.