Determining a shared key for symmetric key cryptography and securely obtaining the public key for public key cryptography can
both be solved using a trusted intermediary. For symmetric key cryptography, the trusted intermediary is called
a key distribution center (KDC), which is a single, trusted network entity with whom one has established
a shared secret key. One can use the KDC to obtain the shared keys needed to communicate securely with all other network
entities, avoiding some of the pitfalls we uncovered. For public key cryptography, the trusted intermediary is
called a certification authority (CA). A CA certifies that a public key belongs to
a particular entity. For a certified public key, if you can safely trust the CA that certified the key, then you can
be sure to whom the public key belongs. Once a public key is certified, it can be distributed from just about
anywhere, including a public key server, a personal Web page, or a diskette.
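
The KDC idea described above, as an added sketch that is not from the original text: each principal shares one long-term key with the KDC, and the KDC hands a fresh session key to a pair of principals, wrapped separately under each one's long-term key. The names `KDC`, `seal`, `unseal`, `open_wrapped`, `alice` and `bob` are hypothetical, the HMAC-based cipher is a stand-in for a real authenticated cipher, and freshness checks against replay are left out.

```python
import hashlib, hmac, json, secrets

# Stand-in authenticated cipher built from HMAC-SHA256 (assumption: a real
# deployment would use a vetted AEAD such as AES-GCM instead).
def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += _sub(key, nonce + ctr.to_bytes(4, "big"))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

class KDC:
    """Hypothetical KDC: holds one long-term key per registered principal."""
    def __init__(self):
        self.long_term = {}

    def register(self, name):
        self.long_term[name] = secrets.token_bytes(32)
        return self.long_term[name]      # delivered out of band in practice

    def request(self, initiator, peer):
        session = secrets.token_bytes(32)  # fresh key for this pair
        def wrap(owner, other):
            body = json.dumps({"peer": other, "key": session.hex()}).encode()
            return seal(self.long_term[owner], body)
        return wrap(initiator, peer), wrap(peer, initiator)

def open_wrapped(own_key, blob):
    body = json.loads(unseal(own_key, blob))
    return body["peer"], bytes.fromhex(body["key"])

def demo():
    kdc = KDC()
    ka, kb = kdc.register("alice"), kdc.register("bob")
    for_alice, for_bob = kdc.request("alice", "bob")
    (peer_a, ks_a), (peer_b, ks_b) = open_wrapped(ka, for_alice), open_wrapped(kb, for_bob)
    return peer_a, peer_b, unseal(ks_b, seal(ks_a, b"hello bob"))
```

Each principal stores only its own long-term key, and a wrapped session key opened with the wrong long-term key or altered in transit fails authentication instead of yielding a key.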