Introduction to Public Key Infrastructures

The introduction of public key cryptography (PKC) was a critical advance in the development of the Internet as it enabled secure communication over open networks between entities without prior contact. This represented a tremendous advance on the symmetric key approach, but beyond this PKC also enables techniques that have no analogue in traditional cryptography, most importantly digital signatures such as those used to authenticate software downloads and updates. Although PKC does not rely on the exchange of secret keys, pairs of private and public keys are used and proper key management is of vital importance: we must keep private keys private, and we must guarantee their authenticity. So it is not sufficient to study only the ingenious underlying mathematical mechanisms, we must understand the so-called public key infrastructures (PKIs) used to manage key pairs. §In this book the authors explain the most important concepts underlying PKIs and discuss relevant standards, implementations, and applications. The book is structured into chapters on the motivation for PKI, certificates, trust models, private keys, revocation, validity models, certification service providers, certificate policies, certification paths, and practical aspects of PKI.§This is a suitable textbook for advanced undergraduate and graduate courses in computer science, mathematics, engineering, and related disciplines, complementing introductory courses on cryptography. The authors assume only basic computer science prerequisites, and they include exercises in all chapters and solutions in an appendix. They also include detailed pointers to relevant standards and implementation guidelines, so the book is also appropriate for self-study and reference by industrial and academic researchers and practitioners.§