The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Definition, Encryption, Security

Public/private key establishment pair

< Public
Revision as of 07:21, 15 November 2013 by Mdscott (talk | contribs) (Adding categories)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Edit

Definition[]

A public/private key establishment pair is

used to securely establish a key between parties. Examples of the use of a key pair for key establishment are encrypting the symmetric key for S/MIME payload encryption/decryption and encrypting the random secret to be sent from a TLS client to a server.[1]

Overview[]

It is recommended that key establishment key pairs be distinct from authentication and signature key pairs. However, it is recognized that some devices such as web servers use the same key pair for key establishment and authentication. A key establishment [key pair is traditionally used in a network environment, but some usage for stored data is also seen and can be envisioned. A key establishment key pair is generally used for a pre-defined period for encryption (e.g., up to 3 years), but is used for decryption for as long as the confidentiality of the data needs to be protected.[2]

References[]

  1. NISTIR 7956, at 3.
  2. Id.
Community content is available under CC-BY-SA unless otherwise noted.
Advertisement