The major problem in using cryptography lies in distributing
the keys to the entities that need them and not to any other entities.
The keys used in symmetric algorithms need to be distributed with
confidentiality. Of course the best way to provide confidentiality
is to use cryptography. Keys that are used to encipher and decipher
data are called <#802#> data encrypting<#802#> keys. Other keys are used to
encipher data encrypting keys so that they can be distributed and
held in computer systems - these keys are called <#803#> key encrypting<#803#>
keys. If a data encrypting key is compromised then all of the data
protected by that key may be compromised. If a key encrypting key
is compromised then all the data encrypting keys protected by that
key and consequently all the data protected by all of the data keys
is compromised. It is important to protect the key encrypting keys
and often more expensive and secure algorithms are used.
Just as key encrypting keys can be used to protect data encrypting
keys when they are distributed it is possible to use further key encrypting
keys to distribute key encrypting keys. A hierarchy of keys is used
to make up a whole scheme so that keys can be changed and distributed
as required. The requirements for the key distribution system will
be set out in the security policy and are therefore different for
each system. Since the keys may be distributed through the same communication
channels that is used for the data, and consequently need protecting
in the same way as the data, it is not possible to distribute all
of the keys in this way. One or two keys at the top of the key encrypting
key pyramid have to be distributed by some other means, often a courier
or special letter. The invention of public keys was meant to alleviate
the problem of key distribution by allowing one of the keys to made
public. The public key does not need to be protected so no key encrypting
keys are needed to keep it confidential. Unfortunately a key also
needs to be distributed with authentication. If someone wanted to
carry out a fraud they would only have to intercept the distribution
of the public key and substitute their own. When using a public key,
for instance in the authentication mode above, it is essential that
the recipient uses the real public key of the sender, otherwise someone
else could pretend to be the sender simply by supplying their own
public key at the appropriate time. The need to distribute public
keys with authentication also requires the use of cryptography. Schemes
have been worked out to store and distribute public keys, one such
scheme has been made into a standard as part of the ISO directory
service [].
Public key mechanisms do have some advantages in their distribution
(for instance they can be placed on letter headings and widely published
to overcome the authentication problem), but their implementation
results in very slow processing rates. Currently it can take half
a minute to process 512 bits using a software version of the RSA algorithm.
The secret key mechanism has distribution problems but implementations
are quite efficient now and a software version can easily do 100,000
bits/second. For these reasons, public key mechanisms are usually
limited to use in key distribution systems and secret key mechanisms
are used to protect the actual data in a system.