Ace the AFP Exam 2025 – Boost Your Financial Wizardry!

The primary feature of a public/private key infrastructure (PKI) structure in encryption is that it requires two keys: one private key and one public key. This dual-key approach is fundamental to the asymmetric encryption scheme used in PKI.

In this system, the public key is openly shared and can be accessed by anyone, allowing them to encrypt messages intended for the key owner. Conversely, the private key is kept secret by the owner and is used to decrypt any messages that were encrypted with their public key. This ensures that only the intended recipient, who possesses the private key, can read the messages, providing a secure method of communication.

This architecture addresses confidentiality, as it allows information to be securely transmitted between parties without the need for sharing a secret key beforehand. It also facilitates digital signatures, where a sender can sign a document with their private key, while anyone can verify the signature with the sender's public key, thereby ensuring authenticity and integrity.

Other options fail to encapsulate this key feature of PKI. A single key for both encryption and decryption represents symmetric encryption, not the asymmetric nature of PKI. Unlimited access undermines the core principle of controlled access in encryption. Lastly, the notion of permanent encryption contradicts the ability to decrypt messages