Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when needed?

Public key infrastructure (PKI) is primarily designed to manage digital certificates and public-private key pairs for secure communication. While it facilitates key exchange, it does not inherently provide a mechanism for storing and sharing a single encryption key among multiple entities. Instead, it focuses on authenticating identities and securing communications rather than on key escrow arrangements.

An open public ledger, such as a blockchain, allows for transparent record-keeping and data verification but does not provide a secure mechanism for storing encryption keys. This method exposes data to all participants on the network, posing a significant risk for sensitive encryption keys that need controlled access rather than public visibility.

Public key encryption utilizes a pair of keys (public and private) for secure data exchange, but it does not involve the shared storage of encryption keys. This method allows individuals to encrypt messages for one another without needing to access a common key. While secure for communication, it does not meet the requirement for multiple entities needing access to a single encryption key.