LaRon Walker
May, 2010
However, one basic element necessary in creating any public-key cryptosystem is a means to
publicly distribute keys. This alone is essential in creating a public-key infrastructure (PKI),
which is the way to securely send messages over unsecured networks that use keys as a means of
authentication (Keston, 2009). There are many techniques to distribute keys, but most include using
public announcement of public keys, public-key directories, public-key authorities, or public-key
certificates.
The least secure of the above-stated methods is the public announcement of public
keys. In this method, the keys are publicly announced (Stallings, 2011). Due to this, keys can be
easily duplicated and issued falsely to other users by someone masquerading as the sender of valid public
keys. A more secure method would be the use of public-key directories. In this scenario,
keys are dynamically distributed to the directory's users, making it more difficult for the
vulnerability of the public announcement method to occur. Although this strategy may seem
secure, it still possesses a major weakness. If the private key of a public-key directory is
compromised, the same vulnerability becomes available as that in the public announcement
scenario, along with giving the ability to masquerade as any participant utilizing that public key
are issued from the key directory (Stallings, 2011). This method is very secure but can affect the
performance of message delivery, as every recipient has to contact the public authority whenever
it needs a public key. This can create latency in message delivery depending on the load that is
being handled by the public-key authority. This also gives intruders an opportunity to intercept
public keys whenever they are requested by recipients. Once a key is compromised, the same
vulnerabilities apply as with the other two discussed methods. Intruder can send out false public
The more secure of the above-stated techniques is the use of public-key certificates.
Using this strategy, public-key information is transmitted between sender and receiver through
digitally signed certificates from a certificate authority (CA). The certificate contains the name,
public key, and digital signature from the CA and can be transmitted between the CA and
recipient, or directly from the sender to recipient (Keston, 2009). The integrity of the message or
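
The binding a public-key certificate provides, shown as an added example that is not part of the original essay: a toy CA signs a name together with a public key, and the recipient rejects any certificate whose key or name has been substituted. The CA key is unpadded textbook RSA built from two fixed Mersenne primes, and every function name and sample value is a constructed assumption for illustration only.

```python
import hashlib

# Toy textbook-RSA CA key built from two known Mersenne primes (constructed,
# insecure, illustration only; real CAs use random keys and signature padding).
P, Q = 2**127 - 1, 2**521 - 1
CA_N, CA_E = P * Q, 65537                  # CA public key, known to every recipient
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))    # CA private exponent, held only by the CA


def _digest(name: str, public_key: int) -> int:
    """Hash the certificate fields that the CA signature covers."""
    data = f"{len(name)}:{name}|{public_key}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def issue_certificate(name: str, public_key: int) -> dict:
    """CA side: bind a name to a public key by signing both together."""
    signature = pow(_digest(name, public_key), CA_D, CA_N)
    return {"name": name, "public_key": public_key, "signature": signature}


def verify_certificate(cert: dict) -> bool:
    """Recipient side: check the CA signature using only the CA public key."""
    expected = _digest(cert["name"], cert["public_key"])
    return pow(cert["signature"], CA_E, CA_N) == expected


def demo() -> tuple:
    alice_key = 0xA11CE  # constructed stand-in for a participant's public key
    cert = issue_certificate("alice", alice_key)
    # Same name, substituted key, original signature reused.
    swapped_key = dict(cert, public_key=0xBAD)
    # Same key, presented under a different name.
    swapped_name = dict(cert, name="mallory")
    return (verify_certificate(cert),
            verify_certificate(swapped_key),
            verify_certificate(swapped_name))


if __name__ == "__main__":
    print(demo())
```

Because verification needs only the CA's public key, the certificate can travel directly from sender to recipient without contacting the CA for each message.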
References
Keston, G. (2009). Public Key Standards. Faulkner Information Services. Retrieved May 16,
Stallings, W. (2011). Cryptography and Network Security Principles and Practice (5th ed.).