220.127.116.11 Multiple Key Pairs (Single, Dual)
Conventional hierarchical PKI uses a single key pair one public key and one private key. According to VeriSign, Key Pairs are used for one or more of three basic purposes: encryption, authentication and non-repudiation. A single key used for multiple purposes violates non-repudiation410. Up until now, weve primarily been discussing situations in which each individual has only one key pair.
RSA recommends that you assign two key pairs per person -- one key pair for signing messages, providing authentication and non-repudiation, and a second key pair for encryption. This allows someone to recover the encryption key and decrypt documents that were encrypted using it, without their gaining the ability to sign documents with that users private key as well (which could lead to forgery and violation of non-repudiation).411
With a single key pair, this protection is not available. When a single key pair is used, key recovery gives the individual recovering the key the ability to masquerade as the user whose key was recovered, if desired, in addition to allowing them to encrypt/decrypt communications from and to that user.
Since an organization already has to have infrastructure in place to manage a single set of keys, its generally not that much more difficult, from an administrative point of view, to add a second set of keys for each user (as long as any key management software/hardware used supports this). Because of the low incremental cost and the potential value of implementing a PKI with dual key pairs, its something to consider.
Note that when using dual key pairs, you may wish to treat the archiving and escrow of signing keys different than encryption keys. The reason for this is that if a signing private key is lost, its no big deal just generate another key pair for future messages (the public half of the old signing key will still be good for reading messages signed with the old private key). Additionally, if the employee were no longer with the company, although you might have a need to go back and decrypt messages encrypted with his or her private key, you wouldnt need to digitally sign a message with his or her identity. Contrast this with the loss of an encryption private key which means that any outstanding messages to the recipient, created with the recipients public key, cannot be read412.
412. Kaufman, Charlie, Radia Perlman and Mike Speciner, Network Security Private Communication in a Public World, Prentice-Hall, April, 2002, http://www.nerdbooks.com/item.html?id=0130460192
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.