SunScreen SKIP User's Guide, Release 1.1

Key and Certificate Management with SKIP

Keys and certificates are handled by the key manager. Details of the implementation are presented above. Local-key (that is, your own key) information is managed using the skiplocal command, CA information is managed using the skipca command, and peer certificate information is managed by the skipdb command.

The algorithms used by SKIP are

As stated earlier, certificates are the digital documents that testify to the binding of a public key to an individual (or other entity) to prevent someone else from impersonating you. Before two hosts running a security package can communicate, they must exchange certificates or public keys. Common methods of exchanging these items are

  1. Certificate Discovery Protocol (CDP)--Hosts running SKIP request each other's certificates through a clear channel. A host can also ask a certificate server for a certificate.

  2. Manual Exchange--This procedure is manual in that the certificate and possibly the key are provided by the certifying agency on physical media: tape, diskette or CD-ROM. They must be loaded into the system by the user through the command line provided by the vendor.

SKIP supports the common methods of certificate and key exchange. By default, the key manager asks the host with which it is trying to communicate for its certificate or public key.

It is useful to allow a system to have more than one pair of public-private keys. For example, keys of different sizes may be required because of U.S. export controls or local laws or regulations when communicating with subsidiaries in other countries.

To meet these requirements, the SunScreen SKIP implementation allows a system to possess as many key pairs as required. Similarly, SunScreen SKIP can also be configured with the details of several CAs, so that certificates signed by different CAs can be checked for authenticity.
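The following is an added illustration, not SunScreen code and not the SKIP key manager's own logic. It models the three stores named above (a local key store with several key pairs of different sizes, a CA store holding several CAs, and a peer-certificate database that accepts a certificate only if a configured CA signed it) so the reader can see how "several key pairs" and "several CAs" fit together. Store, CA and host names are constructed; textbook RSA over hard-coded Mersenne primes stands in for a real signature scheme only so that the example runs offline with the standard library, and is unrelated to the algorithms SKIP uses.

```python
"""Toy model of SKIP-style key, CA and peer-certificate stores (constructed example).

Textbook RSA with small hard-coded primes and no padding is used so this runs
with only the Python standard library; it is NOT a secure signature scheme.
"""
import hashlib
from dataclasses import dataclass

# --- toy RSA (constructed) -------------------------------------------------
def make_rsa_key(p: int, q: int, e: int = 65537):
    """Return ((n, e), (n, d)) for the primes p and q."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse; Python 3.8+
    return (n, e), (n, d)

def _digest_int(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def rsa_sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(_digest_int(data, n), d, n)

def rsa_verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _digest_int(data, n)

# --- certificate: binds a subject name to a public key, signed by a CA ------
@dataclass(frozen=True)
class Certificate:
    subject: str
    pub: tuple      # (n, e) of the subject
    issuer: str     # name of the signing CA
    signature: int

    def tbs(self) -> bytes:
        """The 'to be signed' bytes: every field except the signature."""
        n, e = self.pub
        return f"{self.subject}|{n}|{e}|{self.issuer}".encode()

def issue_certificate(ca_name: str, ca_priv, subject: str, subject_pub) -> Certificate:
    unsigned = Certificate(subject, subject_pub, ca_name, 0)
    return Certificate(subject, subject_pub, ca_name, rsa_sign(ca_priv, unsigned.tbs()))

# --- local key store: several of this host's own key pairs -----------------
class LocalKeyStore:
    """Hypothetical stand-in for the role skiplocal plays: our own key pairs."""
    def __init__(self):
        self.pairs = {}  # modulus bit-length -> (pub, priv)

    def add(self, pub, priv):
        self.pairs[pub[0].bit_length()] = (pub, priv)

    def select(self, max_bits: int):
        """Largest key pair whose modulus fits a size limit, or None."""
        fitting = [b for b in self.pairs if b <= max_bits]
        return self.pairs[max(fitting)] if fitting else None

# --- CA store and peer database -------------------------------------------
class CAStore:
    """Hypothetical stand-in for the role skipca plays: CAs whose signatures we accept."""
    def __init__(self):
        self.cas = {}  # CA name -> CA public key

    def add(self, name: str, pub):
        self.cas[name] = pub

    def check(self, cert: Certificate) -> tuple:
        ca_pub = self.cas.get(cert.issuer)
        if ca_pub is None:
            return False, f"unknown CA {cert.issuer!r}"
        if not rsa_verify(ca_pub, cert.tbs(), cert.signature):
            return False, "bad signature"
        return True, "ok"

class PeerDB:
    """Hypothetical stand-in for the role skipdb plays: peer certificates,
    whether fetched over CDP or loaded by hand, pass the same CA check."""
    def __init__(self, cas: CAStore):
        self.cas = cas
        self.certs = {}

    def load(self, cert: Certificate) -> tuple:
        ok, why = self.cas.check(cert)
        if ok:
            self.certs[cert.subject] = cert
        return ok, why

# --- demo with constructed keys -------------------------------------------
M127, M107, M89, M61 = 2**127 - 1, 2**107 - 1, 2**89 - 1, 2**61 - 1  # Mersenne primes

def demo() -> dict:
    big_pub, big_priv = make_rsa_key(M127, M89)      # 216-bit modulus
    small_pub, small_priv = make_rsa_key(M107, M61)  # 168-bit modulus
    local = LocalKeyStore()
    local.add(big_pub, big_priv)
    local.add(small_pub, small_priv)

    ca1_pub, ca1_priv = make_rsa_key(M127, M107)
    ca2_pub, _ = make_rsa_key(M89, M61)
    cas = CAStore()
    cas.add("ca-hq", ca1_pub)          # constructed CA names
    cas.add("ca-subsidiary", ca2_pub)
    db = PeerDB(cas)

    peer_pub, _ = make_rsa_key(M107, M89)
    good = issue_certificate("ca-hq", ca1_priv, "peer.example", peer_pub)
    unknown = issue_certificate("ca-rogue", ca1_priv, "peer.example", peer_pub)
    forged = Certificate("peer.example", peer_pub, "ca-subsidiary", good.signature)
    return {
        "good": db.load(good)[0],            # signed by a configured CA
        "unknown_ca": db.load(unknown)[0],   # issuer not in the CA store
        "forged": db.load(forged)[0],        # signature does not verify
        "key_bits_under_200": local.select(200)[0][0].bit_length(),
        "key_bits_under_300": local.select(300)[0][0].bit_length(),
    }

if __name__ == "__main__":
    print(demo())
```

The point of the model is that every peer certificate, however it arrived, goes through `CAStore.check` before it is stored, and that the local host can pick among its own key pairs by size when a policy limits the key length it may use with a given peer.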

For more information on configuring certificate-fetching protocols and certificate management, see the man pages for skipd, skipdb, and skipca.