This entry is part 1 of 6 in the series PKI

The public key that is used to send someone a message (for example, if someone wants to send me a message, they will use my public key, so that only I can decrypt it with my private key) can be stored in a couple of different places. The first is a public database. The second is a private database/registry. With either of these storage options, a hacker can replace MY key with HIS public key. All data is then actually encrypted with HIS key, and all he has to do is intercept the encrypted message. Only he can decrypt it. In addition, if he is smart, he will decrypt it, re-encrypt it using the original recipient's key, and forward the message on. This way, no one will know that the hacker has already decrypted the message before forwarding it.

Enter Certificate Authorities

This man-in-the-middle attack can be addressed by the use of a public authority service, which ensures that the PUBLIC key has not been substituted along the way and belongs to the original intended recipient.
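The check a sender can make once an authority signs the binding between a name and a public key, as an added example that is not part of the original post. The toy textbook-RSA CA key, the function names and the sample keys are assumptions made for illustration; real CAs issue X.509 certificates with full-size, padded signatures.

```python
import hashlib

# Toy CA key pair (textbook RSA over two Mersenne primes). Constructed for
# illustration only: far too small and unpadded for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # CA private exponent, never published

def _digest(subject: str, public_key: bytes) -> int:
    # The CA signs the *binding* of a name to a key, not the key alone.
    data = subject.encode() + b"\x00" + public_key
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def ca_issue(subject: str, public_key: bytes) -> dict:
    """CA side: sign (subject, key) after checking who the requester is."""
    return {"subject": subject, "key": public_key,
            "sig": pow(_digest(subject, public_key), D, N)}

def trusted_key(directory: dict, recipient: str) -> bytes:
    """Sender side: accept a directory entry only if the CA vouches for it."""
    cert = directory[recipient]
    if cert["subject"] != recipient:
        raise ValueError("certificate was issued to someone else")
    if pow(cert["sig"], E, N) != _digest(cert["subject"], cert["key"]):
        raise ValueError("CA signature does not match this key")
    return cert["key"]

def is_rejected(directory: dict, recipient: str) -> bool:
    try:
        trusted_key(directory, recipient)
        return False
    except ValueError:
        return True

# Constructed sample data: opaque byte strings stand in for real public keys.
ANUJ_KEY, OTHER_KEY = b"anuj-public-key", b"substituted-public-key"
directory = {"anuj": ca_issue("anuj", ANUJ_KEY)}

# Case 1: the stored key is swapped but the old signature is left in place.
swapped = {"anuj": dict(directory["anuj"], key=OTHER_KEY)}
# Case 2: a certificate validly issued to another name is filed under "anuj".
refiled = {"anuj": ca_issue("mallory", OTHER_KEY)}

if __name__ == "__main__":
    print(trusted_key(directory, "anuj"))   # genuine entry is accepted
    print(is_rejected(swapped, "anuj"), is_rejected(refiled, "anuj"))
```

The sender only needs the CA's public values (`N`, `E`) from a trusted source; the database that stores the entries no longer has to be trusted, because a replaced key fails the signature check.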

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.


Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

