2

Are they kept in the form of a file?

If so, is it accessible for me manually or is it used transparently only whenever there is a PKI handshake (please correct me if I am misusing the terminology)?

Thank you!

user6004

2 Answers

3

Your question is a bit too vague to answer definitively. The exact mechanics differ based on what software you are using and what operating system. If you want more specifics then please, as mentioned in the comments, include the software packages and operating systems you might be using. In order for us to answer the question of how to find your machine's private key, you'll need to let us know what operating system you are using at a minimum.

From a high level, though, public key encryption basically works like this:

  • Your public and private keys will be generated by a key generator; your private key is often protected by a password or passphrase (or some other authentication mechanism)
  • Your public key is then published to some public area so that others can access it
  • You encrypt things using your private key
  • Someone else will decrypt that data using your public key

Many software packages will contain what's called a keyring for storing public keys locally. They can also be stored centrally on a key server. Many operating systems will also store keys for you and provide an application-level service for retrieving them.

Note that you are using PKI a bit incorrectly. PKI stands for Public Key Infrastructure and is used as the term for the overall system that creates and stores an entity's keys.

squillman
0

There are many issues there in question.

First of all, if you want to use your PKI system for general usage, like publishing your key for some transaction or to be legally valid in a court of law, then you need to contact a certification authority, or CA for short. There are many CAs out there, including Verisign, Thawte and others. They will charge you a fee for their services. They, the CAs, are going to function as the root node in the chain of authentication. They are like a trusted third party, and everyone agrees when a CA says that Mr. X is actually Mr. X.

Now, if you don't want to publish your key, and want to use it just for some random internal purposes, or to establish an SSH session with a friend whom you trust, then you don't need to contact a CA. You can generate a public/private key pair using your computer and key generation software, some of which is available free of cost.

And regarding your original question, no, it's not stored anywhere; you have to generate it in the first place.
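An added example, not part of either answer above: when a key pair is generated with tools such as OpenSSL or OpenSSH, the private key is typically written to an ordinary PEM file, and the file's header shows whether it is passphrase-protected. This Python sketch classifies such a file and flags group/world access; the function names are this example's own and the sample keys are constructed placeholders, not real keys.

```python
import base64, os, stat, struct

MAGIC = b"openssh-key-v1\x00"

def classify_private_key(pem_text):
    """Return (format, passphrase_protected), or None if not a PEM private key."""
    lines = [l.strip() for l in pem_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN ") or "PRIVATE KEY" not in lines[0]:
        return None
    label = lines[0][len("-----BEGIN "):-len("-----")]
    if label == "ENCRYPTED PRIVATE KEY":   # PKCS#8 encrypted container
        return ("pkcs8", True)
    if label == "PRIVATE KEY":             # PKCS#8, stored in the clear
        return ("pkcs8", False)
    if label == "OPENSSH PRIVATE KEY":     # cipher name is the first field after the magic
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            return None
        (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
        return ("openssh", blob[len(MAGIC) + 4:len(MAGIC) + 4 + n] != b"none")
    # Legacy "RSA/EC PRIVATE KEY": encryption is announced in a Proc-Type header
    enc = any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:4])
    return ("legacy-pem", enc)

def audit_key_file(path):
    """Classify a key file and report whether group/others have any access to it."""
    with open(path, "r", errors="replace") as fh:
        kind = classify_private_key(fh.read())
    if kind is None:
        return None
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return {"format": kind[0], "encrypted": kind[1], "group_or_world_access": bool(mode & 0o077)}

def openssh_sample(cipher):
    """Constructed stand-in: real header layout, zero bytes instead of key material."""
    body = MAGIC + struct.pack(">I", len(cipher)) + cipher + b"\x00" * 8
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(body).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

# Constructed samples (placeholder bodies, not real keys)
SAMPLES = {
    "pkcs8_plain": "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n",
    "pkcs8_enc": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n-----END ENCRYPTED PRIVATE KEY-----\n",
    "legacy_enc": ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                   "DEK-Info: AES-128-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n"),
    "ssh_plain": openssh_sample(b"none"),
    "ssh_enc": openssh_sample(b"aes256-ctr"),
    "public": "-----BEGIN PUBLIC KEY-----\nAAAA\n-----END PUBLIC KEY-----\n",
}
if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, classify_private_key(text))
```

An unencrypted key file that group or other users can access is the case worth fixing first, by restricting its permissions and adding a passphrase.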