Certificates

• 1978 : Kohnfelder "Towards a Practical Public-key Cryptosystem"

  • In the Diffie-Hellman model, public key distribution must be conducted in an authenticated manner
  • Introduction of the certificate concept

• Definition of a certificate

  • Data structure which associates a name to a public key by means of a signature (i.e. it carries its own authentication)

• Current standard

  • X.509v3 with PKIX profile

• Certificate usage

  • Certificates are tagged as suitable for one or more uses (encryption, signature, key exchange, certificate generation)
  • A certificate contains only one key, which can be RSA, DSS… 512 bits, 1024 bits...