The Advantages of Dual Key Certifications

Digital certificates, or keys, make electronic signatures safe and secure. By using a digital key when you sign an electronic contract, you can guarantee to the other party that the signature is yours and the document is authentic. It's possible to use one certificate to secure the signed document, but using two keys offers a greater level of security.

    PKI

    • Public Key Infrastructure refers to the systems that make signature certification work. PKI works through a private key and a matching public one. When you sign an electronic document, you use your private key first to make your official signature, then to encrypt the document, which protects it against tampering. After you send the document, the recipient can use the public key to decrypt it and confirm that your signature signed it. Successful PKI leads to non-repudiation, a situation in which nobody can, or will, deny their electronic signature.

    Problems

    • One weakness of single-key PKI systems is that if someone obtains your private encryption key, they also have your signature key. That gives them the freedom to fake your signature, in which case non-repudiation no longer applies. A single-key setup also poses a problem when you back up your system: you need to back up your encryption certificate, but if you duplicate your signature key, that makes it easier for someone to steal it. It's safer to generate a new signature certificate if you lose one, but that's not an option with a single key.

    Dual Key

    • A dual key system consists of two certificates: one for your signature and one for encryption. Using two means that even if someone is able to derive your private encryption key from a document, they can't duplicate your signature. It also allows you to use different algorithms for the two certificates, which gives your IT security greater flexibility. If you have to destroy your signature key for security, you can still hang on to your encryption key.
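The separation described above only holds if the party checking a signature refuses the encryption certificate. The following Go code is an added example, not part of the original page: it assumes the two certificates are X.509 certificates distinguished by their key-usage bits (a mechanism the page does not name) and uses RSA for both keys; `issue`, `VerifySignature`, `Demo`, "alice" and "Demo CA" are names made up for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue makes a fresh key and a certificate limited to one usage, signed by a constructed demo CA key.
func issue(cn string, usage x509.KeyUsage, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	ca := &x509.Certificate{Subject: pkix.Name{CommonName: "Demo CA"}} // hypothetical issuer name
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), KeyUsage: usage,
		Subject: pkix.Name{CommonName: cn}, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, t, ca, &key.PublicKey, caKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// VerifySignature accepts sig over doc only under a certificate marked for digital signatures.
func VerifySignature(cert *x509.Certificate, doc, sig []byte) error {
	if cert.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
		return fmt.Errorf("%q is not a signature certificate", cert.Subject.CommonName)
	}
	return cert.CheckSignature(x509.SHA256WithRSA, doc, sig)
}

// Demo returns: a genuine signature's verdict, a leaked-encryption-key forgery's verdict,
// and that same forgery checked without the key-usage gate.
func Demo() (genuine, withEncKey, ungated error) {
	caKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	signCert, signKey := issue("alice signing", x509.KeyUsageDigitalSignature, caKey)
	encCert, encKey := issue("alice encryption", x509.KeyUsageKeyEncipherment, caKey)
	doc := []byte("constructed contract text") // sample input, constructed
	h := sha256.Sum256(doc)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, signKey, crypto.SHA256, h[:])
	fake, _ := rsa.SignPKCS1v15(rand.Reader, encKey, crypto.SHA256, h[:])
	return VerifySignature(signCert, doc, sig), VerifySignature(encCert, doc, fake), encCert.CheckSignature(x509.SHA256WithRSA, doc, fake)
}

func main() { fmt.Println(Demo()) }
```

The third result is nil: the forgery is mathematically valid under the encryption key, so it is the key-usage check in `VerifySignature`, not the cryptography, that keeps a leaked encryption key from producing an accepted signature.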

    Considerations

    • Some professional PKI companies require dual-key certificates. You don't have to use an outside company, however. If you're dealing only within a small group of associates, you can use software that self-certifies your signature. When you exchange documents with a larger group, it often becomes easier to have a professional verification company take over your certifications. There's also an increased risk of deception as more people trade documents, which makes it more advisable to rely on a dual-key system.
