Key Management

Xukai Zou and Amandeep Thukral, Purdue University

Introduction

Secret Key Management for Two-Party Communication

Secret Key Establishment With Public Key Cryptosystems

Secret Key Establishment With a Diffie–Hellman Key Agreement

Secret Key Establishment With a Trusted Central Authority

Public Key Management

Public Key Certificate

Certificate Authority

Hierarchical Certificate Authorities

Revocation of Public Key Certificate

X.509 Certificate Standard

Public Key Infrastructure

Group Key Management for Secure Group Communication

Centralized Key Distribution

Decentralized Key Management

Distributed (Contributory) Key Agreement

Authenticated Key Management

The Man-in-the-Middle Attack in Diffie–Hellman Key Exchange

The Man-in-the-Middle Attack in Public Key Cryptosystems

Key Utilization

Secret Key

Public Key and Private Key

Key Granularity and Derivation

Key Storage, Recovery, and Escrow

Conclusion

Acknowledgment

Glossary

Cross References

References

INTRODUCTION

Cryptography plays a fundamental role in information security to provide confidentiality, authentication, and data integrity, even authorization. The most critical element in any cryptographic system is (cryptographic) key, and key management is the most important and difficult issue in cryptosystems. The security of a cryptosystem relies on secrecy of the keys and not on the secrecy of the encryption/decryption algorithms. Selection of keys with large size precludes the attempt of determining a key by brute ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.