Chapter 13 Contents
13 Key Management Techniques
13.1 Introduction
13.2 Background and basic concepts
    13.2.1 Classifying keys by algorithm type and intended use
    13.2.2 Key management objectives, threats, and policy
    13.2.3 Simple key establishment models
    13.2.4 Roles of third parties
    13.2.5 Tradeoffs among key establishment protocols
13.3 Techniques for distributing confidential keys
    13.3.1 Key layering and cryptoperiods
    13.3.2 Key translation centers and symmetric-key certificates
13.4 Techniques for distributing public keys
    13.4.1 Authentication trees
    13.4.2 Public-key certificates
    13.4.3 Identity-based systems
    13.4.4 Implicitly-certified public keys
    13.4.5 Comparison of techniques for distributing public keys
13.5 Techniques for controlling key usage
    13.5.1 Key separation and constraints on key usage
    13.5.2 Techniques for controlling use of symmetric keys
13.6 Key management involving multiple domains
    13.6.1 Trust between two domains
    13.6.2 Trust models involving multiple certification authorities
    13.6.3 Certificate distribution and revocation
13.7 Key life cycle issues
    13.7.1 Lifetime protection requirements
    13.7.2 Key management life cycle
13.8 Advanced trusted third party services
    13.8.1 Trusted timestamping service
    13.8.2 Non-repudiation and notarization of digital signatures
    13.8.3 Key escrow
13.9 Notes and further references