Abstract
Managing cryptographic keys is one of the most difficult parts of a cryptographic system. It is particularly difficult if only symmetric key cryptography is available. The advent of asymmetric key cryptography greatly simplified key management and made it much more secure. Public Key Infrastructure addresses only the management of public keys. Private keys must be managed and protected with other mechanisms. A particularly thorny issue is providing escrow of private keys (in the event of a key being lost or the key owner leaving the organization). This can easily be abused by the cryptographic system owner (or the government). Some systems, such as TLS and S/MIME, provide very secure mechanisms for the exchange of a symmetric session key (one used only for a single session). With S/MIME it is important to provide a central shared address book with all participants' digital certificates, since anyone sending an encrypted message must have the recipient's certificate at the time they send the message.
© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature
About this chapter
Cite this chapter
Hughes, L.E. (2022). Key Management. In: Pro Active Directory Certificate Services. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7486-6_8
DOI: https://doi.org/10.1007/978-1-4842-7486-6_8
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-7488-0
Online ISBN: 978-1-4842-7486-6
eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)