Chapter 9. Key Management
VALENTINE: Why then, I would resort to her by night.
DUKE: Ay, but the doors be lock'd and keys kept safe,
That no man hath recourse to her by night.
VALENTINE: What lets but one may enter at her window?The Two Gentlemen of Verona, III, i, 110113.
Key management refers to the distribution of cryptographic keys; the mechanisms used to bind an identity to a key; and the generation, maintenance, and revoking of such keys. We assume that identities correctly define principalsthat is, a key bound to the identity "Bob" is really Bob's key. Alice did not impersonate Bob's identity to obtain it. Chapter 13, "Representing Identity," discusses the problem of identifiers naming principals; Chapter 11, "Authentication," discusses a principal authenticating herself to a single system. This chapter assumes that authentication has been completed and that identity is assigned. The problem is to propagate that authentication to other principals and systems.
We first discuss authentication and key distribution. Next comes key generation and the binding of an identity to a key using certificates. Next, we discuss key storage and revocation. We conclude with digital signatures.
A word about notation. The statement
X  Y : { Z } k
means that entity X sends entity Y a message Z enciphered with key k. Subscripts to keys indicate to whom the keys belong, and are written where multiple keys are in use. For example, kAlice and kBob refer to keys belonging to Alice and Bob, respectively. If Alice and Bob share a key, that key will be written as kAlice,Bob when the sharers are not immediately clear from the context. In general, k represents a secret key (for a classical cryptosystem), e a public key, and d a private key (for a public key cryptosystem). If multiple messages are listed sequentially, they are concatenated and sent. The operator a || b means that the bit sequences a and b are concatenated.
|
