
Re: certificate key usage in IKE



From a cryptographic point of view one of the main reasons to separate
signature keys from encryption keys is the principle that you should 
use different keys with different algorithms. In this sense, I am 
in favor of using "encryption keys" and not "signature keys" in the 
encryption mode of IKE.

I would like to note that such a "key separation" principle has guided
many of the design issues in IKE. Also, notice that "RSA encryption" and 
"RSA signatures" ARE different algorithms.

Hugo

>From: Daniel Harkins <dharkins@cisco.com>
>
>  Another issue has come up with RSA encryption mode (both of them) and 
>regrettably the IKE document does not address it.
>
>  It's concerned with the key usage restrictions that can be added to
>a certificate. For split-key systems where there is a "signature" key and
>a "key encipherment" key, can the signature key be used for the encrypted
>nonce-type authentication methods?
>