Cryptography Reference
In-Depth Information
in Section 10.6.1 it might be wise to have different RSA key pairs for encryption
and digital signatures. Even more fine-grained usage policies are possible. For
example, a particular digital signature key pair might only be authorised for
use on messages that relate to transactions worth less than a particular limit
(beyond which a different key pair needs to be used, perhaps consisting of
longer keys). If Alice has used the signature key inappropriately (in our first
example this might be by using an RSA private key designated for decryption
use only, in the second case by using a signature key to sign a transaction
above the limit) then even if the verification key confirms the result to be
'cryptographically' verified, the signature may not be valid in any legal sense.
PROVIDING ASSURANCE OF PURPOSE
The above scenario is pessimistic in its outlook, but it is important to observe
that if we can provide assurance of purpose of verification keys then all of Bob's
concerns should be put to rest. In particular we need to:
1. provide a 'strong association' between a public key and the
owner
of that key
(the entity whose identity is linked to the public key);
2. provide a 'strong association' between a public key and any other relevant data
(such as expiry dates and usage restrictions).
Once again, we emphasise that these issues are not unique to public keys but, as
discussed in Section 10.1.3, are often provided implicitly for secret keys. Because
public keys are usually publicly available, assurance of purpose must be provided
explicitly.
PROVIDING A POINT OF TRUST
The concept of the provision of 'trust' will be a central theme in this chapter.
This is because public-key cryptography lends itself to use in relatively open
environments where common points of trust are not always present by default.
This is in contrast to symmetric key cryptography, which we saw in Chapter 10
typically requires explicit points of trust to be deployed within a key management
system, such as a trusted key centre.
The problem in designing any public-key management system is that we need
to find a source for the provision of the 'strong association' between a public-
key value and its related data. In public-key management systems this is often
provided by introducing points of trust in the form of trusted third parties who
'vouch' for this association.
USING A TRUSTED DIRECTORY
Perhaps the crudest approach to providing assurance of purpose for public keys
is to use a trusted 'directory', which lists all public keys next to their related data
(including the name of the owner). Anyone requiring assurance of purpose of a
public key, simply looks it up in the trusted directory. This is analogous to the
idea of a telephone directory for telephone numbers.
