a relationship as well as an identity, and people have more than one relationship. Alice might want to sign one document as Alice the individual, another as Alice, vice-president of Monolith, Inc., and a third as Alice, president of her community organization. Some of these keys are more valuable than others, so they can be better protected. Alice might have to store a backup of her work key with the company's security officer; she doesn't want the company to have a copy of the key she signed her mortgage with. Just as Alice has multiple physical keys in her pocket, she is going to have multiple cryptographic keys.

Distributed Key Management
In some situations, this sort of centralized key management will not work. Perhaps there is no CA whom Alice and Bob both trust. Perhaps Alice and Bob trust only their friends. Perhaps Alice and Bob trust no one. Distributed key management, used in PGP (see Section 24.12), solves this problem with introducers. Introducers are other users of the system who sign their friends' public keys. For example, when Bob generates his public key, he gives copies to his friends: Carol and Dave. They know Bob, so they each sign Bob's key and give Bob a copy of the signature. Now, when Bob presents his key to a stranger, Alice, he presents it with the signatures of these two introducers. If Alice also knows and trusts Carol, she has reason to believe that Bob's key is valid. If she knows Carol and Dave but trusts each of them only a little, the two signatures together still give her reason to believe that Bob's key is valid. If she doesn't know either Carol or Dave, she has no reason to trust Bob's key. Over time, Bob will collect many more introducers. If Alice and Bob travel in similar circles, the odds are good that Alice will know one of Bob's introducers. To prevent Mallory from substituting one key for another, an introducer must be sure that Bob's key belongs to Bob before he signs it. Perhaps the introducer should require that the key be given face-to-face or verified over the...
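The introducer scheme above can be made concrete in a few dozen lines. What follows is an added example, not code from the book or from PGP: it uses Lamport one-time hash signatures (standard-library only) in place of PGP's RSA signatures, and it assumes a validity rule of "one fully trusted introducer, or two marginally trusted ones", which is how the paragraph's "knows and trusts Carol" versus "trusts Carol and Dave a little" cases are scored here. The names (Alice, Bob, Carol, Dave, Mallory) follow the text; the trust levels, the threshold, and the Certification/Keyring helpers are this example's own assumptions. The scenario also shows why an introducer signs a fingerprint rather than just a name: Mallory can reuse Carol's certification but cannot make it cover her own key.

```python
import hashlib
import secrets
from dataclasses import dataclass, field


def _h(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


# Lamport one-time signatures (hash-based, stdlib only). A private key must sign
# at most one message; in this example each introducer signs exactly once.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    d = _h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(_h(pre) == pk[i][bit] for i, (pre, bit) in enumerate(zip(sig, _bits(msg))))


def fingerprint(pk) -> bytes:
    return _h(b"".join(a + b for a, b in pk))


@dataclass
class Certification:
    introducer: str    # who signed
    subject: str       # name the introducer vouches for
    subject_fp: bytes  # fingerprint of the key being vouched for
    sig: list          # Lamport signature over subject name || subject fingerprint


@dataclass
class Keyring:
    keys: dict = field(default_factory=dict)   # name -> public key Alice already holds
    trust: dict = field(default_factory=dict)  # name -> "full" | "marginal" (absent = none)

    def key_is_valid(self, subject: str, subject_pk, certs, marginals_needed: int = 2) -> bool:
        """Assumed validity rule: >=1 fully trusted introducer or >=marginals_needed marginal ones."""
        fp = fingerprint(subject_pk)
        full, marginal, seen = 0, 0, set()
        for c in certs:
            if c.subject != subject or c.subject_fp != fp or c.introducer in seen:
                continue  # certification is about some other key, or a duplicate introducer
            introducer_pk = self.keys.get(c.introducer)
            if introducer_pk is None:
                continue  # Alice does not know this introducer, so the signature means nothing to her
            if not lamport_verify(introducer_pk, c.subject.encode() + c.subject_fp, c.sig):
                continue  # forged or damaged certification
            seen.add(c.introducer)
            level = self.trust.get(c.introducer)
            if level == "full":
                full += 1
            elif level == "marginal":
                marginal += 1
        return full >= 1 or marginal >= marginals_needed


def run_scenario() -> dict:
    """Constructed scenario following the text; returns each case's validity verdict."""
    bob_sk, bob_pk = lamport_keygen()
    carol_sk, carol_pk = lamport_keygen()
    dave_sk, dave_pk = lamport_keygen()
    mallory_sk, mallory_pk = lamport_keygen()
    bob_fp = fingerprint(bob_pk)
    # Carol and Dave each sign Bob's name and key fingerprint and hand Bob the signature.
    certs = [
        Certification("Carol", "Bob", bob_fp, lamport_sign(carol_sk, b"Bob" + bob_fp)),
        Certification("Dave", "Bob", bob_fp, lamport_sign(dave_sk, b"Bob" + bob_fp)),
    ]
    r = {}
    alice = Keyring(keys={"Carol": carol_pk, "Dave": dave_pk}, trust={"Carol": "full"})
    r["carol_full"] = alice.key_is_valid("Bob", bob_pk, certs)          # trusts Carol
    alice.trust = {"Carol": "marginal", "Dave": "marginal"}
    r["both_marginal"] = alice.key_is_valid("Bob", bob_pk, certs)       # trusts both a little
    alice.trust = {"Carol": "marginal"}
    r["one_marginal"] = alice.key_is_valid("Bob", bob_pk, certs)        # one "a little" is not enough
    r["strangers"] = Keyring().key_is_valid("Bob", bob_pk, certs)       # knows neither introducer
    alice.trust = {"Carol": "full", "Dave": "full"}
    r["substituted"] = alice.key_is_valid("Bob", mallory_pk, certs)     # Mallory reuses Bob's certs
    forged_fp = fingerprint(mallory_pk)
    forged = [Certification("Carol", "Bob", forged_fp, lamport_sign(mallory_sk, b"Bob" + forged_fp))]
    r["forged"] = alice.key_is_valid("Bob", mallory_pk, forged)         # "Carol" signature not by Carol
    return r


if __name__ == "__main__":
    for case, verdict in run_scenario().items():
        print(f"{case:>14}: {'valid' if verdict else 'not valid'}")
```

The two Mallory cases are the point of the last sentences in the paragraph: the certifications bind a name to a fingerprint, so a substituted key fails the fingerprint check, and a certification Mallory manufactures fails signature verification against the Carol key Alice already holds. That only helps if Carol checked Bob's fingerprint carefully before signing; nothing in the code can repair a careless introducer.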
- Fall '10