Page 593 - StudyBook.pdf

Public Key Infrastructure • Chapter 10  577

                 created by RSA Laboratories, the same group that developed the original RSA
                 encryption standard, along with a consortium of corporations including Microsoft,
                 Sun, and Apple. The list of active PKCS standards (gaps in the sequence below are
                 due to standards that have become inactive since they were originally published) is
                 as follows:

                      ■  PKCS #1: RSA Cryptography Standard Outlines the encryption of data
                         using the RSA algorithm. The RSA Cryptography Standard is intended for
                         the development of digital signatures and digital envelopes. PKCS #1 also
                         describes a syntax for RSA public keys and private keys. The public-key
                         syntax is used for certificates, while the private-key syntax is used for
                         encrypting private keys.

                      ■  PKCS #3: Diffie-Hellman Key Agreement Standard Outlines the use
                         of the Diffie-Hellman Key Agreement, a method of sharing a secret key
                         between two parties. The secret key is used to encrypt ongoing data transfer
                         between the two parties. Whitfield Diffie and Martin Hellman developed the
                         Diffie-Hellman algorithm in the 1970s as the first public asymmetric
                         cryptographic system (asymmetric cryptography was invented in the United
                         Kingdom earlier in the same decade, but was classified as a military secret).
                         Diffie-Hellman overcomes the issues of symmetric key systems, because
                         management of the keys is less difficult.

                      ■  PKCS #5: Password-based Cryptography Standard A method for
                         encrypting a string with a secret key that is derived from a password. The
                         result of the method is an octet string (a sequence of 8-bit values). PKCS #8
                         is primarily used for encrypting private keys when they are being transmitted
                         between computers.
                      ■  PKCS #6: Extended-certificate Syntax Standard Deals with extended
                         certificates. Extended certificates are made up of the X.509 certificate plus
                         additional attributes. The additional attributes and the X.509 certificate can be
                         verified using a single public-key operation. The issuer that signs the extended
                         certificate is the same as the one that signs the X.509 certificate.

                      ■  PKCS #7: Cryptographic Message Syntax Standard The foundation
                         for the Secure/Multipurpose Internet Mail Extensions (S/MIME) standard (see
                         Chapter 3). It is also compatible with Privacy-Enhanced Mail (PEM) and can
                         be used in several different architectures of key management.
                      ■  PKCS #8: Private-key Information Syntax Standard  Describes a
                         method of communication for private-key information that includes the use




                                                                              www.syngress.com
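
The PKCS #1 item above mentions a syntax for RSA public keys. The following is an added example, not code from the book or from RSA Laboratories: a strict DER parser for that syntax (`RSAPublicKey`, a SEQUENCE of two INTEGERs, modulus then public exponent). The function names and the toy key in `SAMPLE_DER` are constructed for illustration.

```python
# Added example (not from the book): strict DER parser for the PKCS #1
# public-key syntax, RSAPublicKey ::= SEQUENCE { modulus INTEGER,
# publicExponent INTEGER }. Function names are illustrative.

# Constructed toy key (n = 251 * 241 = 60491, e = 65537); far too small for real use.
SAMPLE_DER = bytes.fromhex("300a020300ec4b0203010001")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: length fits in one byte
        length = first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal length (not DER)")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def der_uint(value):
    """Decode a DER INTEGER body, accepting only minimal non-negative encodings."""
    if not value or value[0] & 0x80:
        raise ValueError("empty or negative INTEGER")
    if len(value) > 1 and value[0] == 0 and not value[1] & 0x80:
        raise ValueError("non-minimal INTEGER")
    return int.from_bytes(value, "big")

def parse_rsa_public_key(der):
    """Return (modulus, public_exponent) or raise ValueError."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected a single SEQUENCE with no trailing bytes")
    t_n, n_raw, pos = read_tlv(body, 0)
    t_e, e_raw, pos = read_tlv(body, pos)
    if (t_n, t_e) != (0x02, 0x02) or pos != len(body):
        raise ValueError("expected exactly two INTEGERs")
    return der_uint(n_raw), der_uint(e_raw)

if __name__ == "__main__":
    print(parse_rsa_public_key(SAMPLE_DER))
```

The leading `00` byte in the modulus encoding is what keeps a value with its top bit set from being read as negative. The parser rejects that byte's absence, trailing data, and non-minimal lengths rather than guessing at the sender's intent.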