Chapter 18
The Dream of PKI
In this chapter we will give the standard presentation of what a PKI is, and how it solves the key management problem. It is important to understand this first. In the next chapter we'll talk about the challenges with PKIs in practice, but for this chapter we'll visit the perfect world where a PKI solves all your problems.
18.1 A Very Short PKI Overview
A PKI is a Public-Key Infrastructure. It is an infrastructure that allows you to recognize which public key belongs to whom. The classical description is as follows.
There is a central authority that is called the Certificate Authority, or CA for short. The CA has a public/private key pair (e.g., an RSA key pair) and publishes the public key. We will assume that everybody knows the CA's public key. As this key remains the same over long periods of time, this is easy to accomplish.
To join the PKI, Alice generates her own public/private key pair. She keeps the private key secret, and takes the...