Answer Posted / ramkumar
A user can generate his or her own key pair, or, depending
on local policy, a security officer may generate key pairs
for all users. There are tradeoffs between the two
approaches. In the former, the user needs some way to trust
his or her copy of the key generation software, and in the
latter, the user must trust the security officer and the
private key must be transferred securely to the user.
Typically, each node on a network should be capable of
local key generation. Secret-key authentication systems,
such as Kerberos, often do not allow local key generation,
but instead use a central server to generate keys.
Once a key has been generated, the user must register his
or her public key with some central administration, called
a Certifying Authority (CA). The CA returns to the user a
certificate attesting to the validity of the user's public
key along with other information (see Questions 4.1.3.10-
4.1.3.12). If a security officer generates the key pair,
then the security officer can request the certificate for
the user. Most users should not obtain more than one
certificate for the same key, in order to simplify various
bookkeeping tasks associated with the key.
| Is This Answer Correct ? | 0 Yes | 0 No |
Post New Answer View All Answers
Actual role of cryptography is data security .Explain with real world example?
What is meant by 1024, 2048, 5096 bit encryption?
What are the disadvantages of public-key cryptography compared with secret-key cryptography?
whats cryptanalysis?
what is pretty good privacy?
How to I prevent other users from using Kryptel (Silver Key)?
How Encoding is different from Encryption?
What is the difference between Kryptel and Silver Key?
How to remove the Kryptel (Silver Key) icon from the desktop?
What are the ecb and cbc modes?
Blowfish uses the longest key. Does this mean it is the strongest cipher?
What are some other public key cryptosystems ?
What are "stream" and "block" ciphers?
What is the mceliece cryptosystem?
What is secret-key cryptography ?
