Key Management Issues for Public Key Cryptography

The concept of public key cryptography was most appealing because it greatly simplifies some of the problems involved in the distribution of secret keys. When applied to encryption, it allows a sender to produce a message that can be read only by the receiver, without the sender and receiver having to agree on any secret key. This is possible because in public key cryptography the key used for encryption is different from the key used for decryption. In practice, the methods that have been developed for realizing public key encryption are comparatively slow, and public key cryptography is generally used for encrypting "session keys" that are then used with a faster traditional single-key encryption method such as the Data Encryption Standard (DES).

In addition to the convenience of key management for encryption provided by public key cryptography, it also provides a means to implement digital signatures. The separation of public and private keys is exactly what is required to allow users to sign their data (with their secret key) and allow others to verify those signatures with the public key, without the signers having to disclose their secret key in the process.

The secret key then provides the link between the public key and the individual, and will remain a valid link only if the user properly maintains the secrecy of the private key. If for some reason a user's secret key for a digital signature scheme is compromised, then the public key may need to be revoked. If it is known when the private key was compromised, then there is no need to invalidate all of the documents that were signed prior to this date.
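
The revocation rule in the paragraph above, written out as an added example (not part of the original text). It assumes that the signing time comes from a source the key holder cannot backdate, that cryptographic verification happens elsewhere, and that an unknown compromise date is handled conservatively; all key ids and document names are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional

@dataclass(frozen=True)
class Revocation:
    key_id: str
    compromised_at: Optional[datetime]  # None: time of compromise is not known

@dataclass(frozen=True)
class SignedDoc:
    name: str
    key_id: str
    signed_at: datetime   # assumption: fixed by a source the key holder cannot backdate
    signature_ok: bool    # assumption: cryptographic verification was done elsewhere

def evaluate(doc: SignedDoc, revoked: Dict[str, Revocation]) -> str:
    """Decide whether a signature still links the document to the key owner."""
    if not doc.signature_ok:
        return "reject: signature does not verify"
    rev = revoked.get(doc.key_id)
    if rev is None:
        return "accept: key not revoked"
    if rev.compromised_at is None:
        # Assumed conservative policy: with no known compromise date, no
        # signature under this key can be told apart from a forged one.
        return "reject: key revoked, compromise date unknown"
    if doc.signed_at < rev.compromised_at:
        return "accept: signed before compromise date"
    return "reject: signed on or after compromise date"

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample data (hypothetical key ids and document names).
REVOKED = {
    "alice-1": Revocation("alice-1", compromised_at=utc(1995, 2, 1)),
    "bob-1": Revocation("bob-1", compromised_at=None),
}
DOCS = [
    SignedDoc("contract.txt", "alice-1", utc(1995, 1, 10), True),
    SignedDoc("invoice.txt", "alice-1", utc(1995, 2, 20), True),
    SignedDoc("memo.txt", "bob-1", utc(1994, 12, 5), True),
    SignedDoc("notes.txt", "carol-1", utc(1995, 3, 1), True),
]

if __name__ == "__main__":
    for doc in DOCS:
        print(f"{doc.name:14} {evaluate(doc, REVOKED)}")
```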

Kevin S. McCurley
Sat Mar 11 16:00:15 MST 1995