Key management issues

First of all a key used to encrypt documents has a limited lifetime. In fact every time a key is used, it generates a ciphertext. Using the same key more times, you allow an attacker to have many ciphertext available. Some cryptoanalysis methods use ciphertexts to decrypt messages. The consequence is: the more time you use the same key, the more ciphertexts there are around and the easier is breaking it by means of cryptoanalysis. Another issue is the way to store a private key. Obviously, a private key should never be stored in a plaintext form. You should store your private key by encrypting it with a password. Besides, you shouldn't store your private key inside of a computer connected to a network. If your computer is connected to the Internet for example, store your private key encrypting it with a password inside of a floppy disk. About public keys issues, there is another problem: binding a public key to its real owner. In other words, if I want to send an encrypted message to Bob, and its public key is available, it is a fact that I'm not sure about that public key. Is that key the Bob's key really? For this reason, there are certificates. Certificates are digital documents attesting the binding of a public key to the real owner. These certificates are issued by certifying authorities. So a certificate contains an expiration date, the name of the certifying authority that issued the certificate and other information. Often authentication involve more certificates and more certifying authorities, so there is a certification Hierarchy. There are more levels and each level certify the lower level. When you request a certificate to a certifying authority, it may want to see your driver license, or may want the certificate request form to be notarized for example, and so on. If all things are right, the certifying authority issue a certificate. There is a company that provides services concerning certification: VeriSign. To know more see: http://www.verisign.com. A certificate may be revoked before its scheduled expiration date (e.g., a key specified in the certificate may be compromised) and so it is placed on a CRL (Certificate Revocation List). Another issue is this: sometimes a secret key provide access to many important documents. In this case, what if that key is lost? All information become inaccessible. For this reason sometimes a secret sharing scheme is used. In a secret sharing scheme, the secret key involved is divided into pieces, which are distributed to different persons so that a certain number of the involved persons can get together to recover the key.