The present invention relates to a method for managing a public key, and more particularly to the method for managing a public key which is appropriate to a public key encryption system used for keeping security of a network.
As a method of realizing security in communications through the internet, for example, an IPSEC (IP SECurity) may be referred which is a security protocol for IP (Internet Protocol) layers. A representative one of the publications on the IPSEC is [REC1825] “Security Architecture for the Internet Protocol” written by R. Atkinson and issued by IETF (Internet Engineering Task Force).
The key management protocol accompanied with the IPSEC uses the public key encryption system. As the prior art on the key management protocol, for example, the technology called SKIP has been known which is described in “Simple Key-Management For Internet Protocol” written by Ashar Aziz, Tom Markson, Hemma Prafullchandra and issued by IETF. Hereafter, the key management protocol will be described.
It is assumed that two hosts A and B are provided for executing security communications within a network and encryption communications through the use of the common key encryption system based on the IPSEC, in which the host A knows the public key of the host B, while the host B knows the public key of the host A.
In doing communications, the host A operates to combine its own secret key with the other public key for creating a key K(A) for encrypting the common key, while the host B operates in the same manner for creating a key K(B) for encrypting the common key. For example, when the host A transmits data to the host B, the host A operates to create the common key T and encrypt the data with the common key T and the common key T with the key K(A). The host A operates to insert a new header containing information on the encrypted common key T after the IP header. The host B on the receiving side operates to decrypt the encrypted common key T in the packets with its own secret key and decrypt the data of the encrypted packets with the decrypted common key T. In the security communication between the hosts A and B, the common key for encrypting the data is periodically updated.
The conventional key management protocol accompanied with the IPSEC requires the two hosts for doing the security communication with each other to know the other's public key before starting the communication.
The aforementioned conventional method does not have a method for automatically and safely exchanging the public key between the two hosts that try to do the security communication before starting the communication. It means that for exchanging the public key one public key has to be given to the other host by hands, which disadvantageously makes the management of the public key more complicated. Further, if the network is configured in larger scale, this prior art has a disadvantage that it puts a greater burden on a manager of the network.
As another disadvantage, if the public key unaccompanied with authentication on the network is distributed, the foregoing prior art cannot prevent a malignant host from being feigned to be a proper target host of the security communication.