Public Key Cryptography (PKC) refers to the cryptographic system that uses pairs of public/private keys to secure data transmission and validate identities. In Mi-Token's solution, PKC plays a vital role in various security mechanisms:
SSL/TLS Encryption
All connections between Mi-Token components like the API servers, web services, and mobile apps use SSL/TLS encryption secured by PKC key pairs. This ensures data confidentiality and integrity over networks.
Digital Signatures
Mi-Token leverages digital signatures based on PKC to validate the authenticity and integrity of licenses, encryption keys, and other sensitive files exchanged during installation and updates.
API Authentication
The Mi-Token API uses a PKC authentication scheme based on SSL client certificates. Each authorized API client has a unique certificate with a public/private key pair for secure authentication.
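As an added illustration of certificate-based API authentication (this is not Mi-Token's code; it assumes a Python server using the standard ssl module, and all function names, the allow-list and the sample bytes are hypothetical), the sketch below requires a client certificate at the TLS layer and then maps the presented certificate to a specific authorized client:

```python
import hashlib
import ssl
from typing import Dict, Optional

# Constructed placeholder bytes standing in for a client's DER certificate.
SAMPLE_DER = b"constructed-placeholder-not-a-real-certificate"
# Hypothetical allow-list: SHA-256 certificate fingerprint -> API client name.
ALLOWED_CLIENTS = {hashlib.sha256(SAMPLE_DER).hexdigest(): "example-api-client"}


def build_server_context(ca_file: Optional[str] = None,
                         cert_file: Optional[str] = None,
                         key_file: Optional[str] = None) -> ssl.SSLContext:
    """TLS server context that refuses clients without a CA-issued certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED      # handshake fails with no client cert
    if ca_file:                              # CA that issues the client certificates
        ctx.load_verify_locations(cafile=ca_file)
    if cert_file:                            # the server's own certificate and key
        ctx.load_cert_chain(cert_file, key_file)
    return ctx


def authorize_client(der_cert: Optional[bytes],
                     allowed: Dict[str, str]) -> Optional[str]:
    """Map a validated client certificate to a known API client, else None."""
    if not der_cert:
        return None
    return allowed.get(hashlib.sha256(der_cert).hexdigest())


def client_for_connection(conn: ssl.SSLSocket,
                          allowed: Dict[str, str]) -> Optional[str]:
    """Call after the handshake: chain validation alone is not authorization."""
    return authorize_client(conn.getpeercert(binary_form=True), allowed)
```

The file paths are left optional only so the snippet runs offline; a deployment would always supply the CA bundle and the server's certificate and key.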
Mobile Provisioning
When provisioning mobile soft tokens, Mi-Token uses ephemeral PKC key exchanges to securely share seed values and encrypted data with the user's mobile app.
Certificate Authority
Many PKC implementations require a Certificate Authority (CA) to issue and manage trusted public key certificates. Mi-Token can integrate with enterprise Microsoft CAs or use public trusted CAs.
Key Storage
Private keys are extremely sensitive, so Mi-Token employs secure key storage mechanisms like Microsoft's Data Protection API (DPAPI) to safeguard private keys on servers.
By heavily utilizing PKC principles, Mi-Token aims to provide robust encryption, authentication, and non-repudiation capabilities that underpin its secure two-factor authentication solution across servers, networks, and client devices.
Adherence to industry PKC standards and best practices is critical for maintaining Mi-Token's security assurances for enterprise customers.