Chapter 13 Contents
13 Key Management Techniques
13.1 Introduction
13.2 Background and basic concepts
13.2.1 Classifying keys by algorithm type and intended use
13.2.2 Key management objectives, threats, and policy
13.2.3 Simple key establishment models
13.2.4 Roles of third parties
13.2.5 Tradeoffs among key establishment protocols
13.3 Techniques for distributing confidential keys
13.3.1 Key layering and cryptoperiods
13.3.2 Key translation centers and symmetric-key certificates
13.4 Techniques for distributing public keys
13.4.1 Authentication trees
13.4.2 Public-key certificates
13.4.3 Identity-based systems
13.4.4 Implicitly-certified public keys
13.4.5 Comparison of techniques for distributing public keys
13.5 Techniques for controlling key usage
13.5.1 Key separation and constraints on key usage
13.5.2 Techniques for controlling use of symmetric keys
13.6 Key management involving multiple domains
13.6.1 Trust between two domains
13.6.2 Trust models involving multiple certification authorities
13.6.3 Certificate distribution and revocation
13.7 Key life cycle issues
13.7.1 Lifetime protection requirements
13.7.2 Key management life cycle
13.8 Advanced trusted third party services
13.8.1 Trusted timestamping service
13.8.2 Non-repudiation and notarization of digital signatures
13.8.3 Key escrow
13.9 Notes and further references
Return to the Table of contents