1. Technical Field
This invention relates generally to the field of communications, and in particular to secure communications.
2. Description of the State of the Art
In many modern communication systems, security of information is a major concern. When a communication system or medium cannot be physically secured, such as in wireless communication networks or wide area networks like the Internet, a secure communication scheme may be critical. For example, in so-called electronic commerce (e-commerce) and mobile commerce (m-commerce) transactions, credit card, financial or other confidential or sensitive information must be transferred between parties. Such information is normally encrypted before being sent over a communication network and a receiver of the information then decrypts the encrypted information to recover the original information.
A typical problem in secure communication systems is managing the encryption and decryption of information. One known secure communication scheme is a so-called public key scheme, in which a public key is used to encrypt information and a corresponding private key is used for decryption. For example, if two parties, commonly referred to as “Alice” and “Bob” for illustrative purposes, wish to securely exchange information, then Alice must be able to decrypt any information encrypted for her by Bob and Bob must be able to decrypt any information encrypted for him by Alice. In a public key system, Alice and Bob would each use a respective secret or private key a, b to decrypt information which was encrypted using a corresponding public key A, B. Therefore, Alice and Bob are able to decrypt information which was encrypted using their respective public keys A, B. Similarly, in a public key system, any sender must use the public key for an intended receiver of the information. Even though others may know the values of the public keys, the corresponding private keys are required for decryption and are kept secret. The public and private keys are normally designed such that it is not computationally feasible to decrypt encrypted information or derive the private key using the public key.
Thus, in order for a sender to securely send information to a receiver, the sender must somehow obtain the receiver's public key; otherwise, the receiver will be unable to decrypt the received information. This key distribution function is normally performed by a certificate authority (CA), which maintains a record of public keys for a plurality of users in the system. A sender can then obtain the receiver's public key from the CA and use the public key to encrypt information to be sent to the receiver. In the above example of Alice and Bob, Alice may contact a CA to obtain Bob's public key B and then use the public key to encrypt transmissions to Bob. Using the private key b, Bob is able to decrypt any encrypted information received from Alice.
In known systems, a CA normally returns a digital certificate in response to a request for a public key. A digital certificate is generated by the CA and typically contains such certificate information as a name of the entity to which the public key corresponds (commonly known as the subject name), a date the certificate was issued, the public key, and possibly other information. The CA generates a digital signature, which binds the entity or subject name to the public key, for example by performing one or more preferably non-invertible mathematical operations such as a hash on the certificate and applying a private key of the CA to the result. The certificate can then be validated by verifying this digital signature using the public key of the CA.
Some known systems similarly provide for verification of communications through private key-generated signatures. For example, when Alice wishes to communicate with Bob, Alice may generate a digital signature using her private key a and append the digital signature to the information to be transmitted. Bob can then use Alice's public key A to verify the digital signature and thereby confirm that the information was actually sent by Alice.
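The hash-then-sign steps described in the two preceding paragraphs, as an added Python example that is not part of the original text: a CA binds a subject name to a public key, a validator checks that binding with the CA's public key, and Bob then verifies a message signed by Alice. Assumptions: textbook RSA without padding over constructed Mersenne-prime keys, SHA-256 as the hash, a JSON encoding of the certificate fields, and all function names are illustrative; deployed systems use a padded scheme such as RSA-PSS with randomly generated keys.

```python
import hashlib
import json

E = 65537  # public exponent shared by both constructed key pairs

def toy_keypair(p, q):
    """Textbook RSA key from two known primes: returns (public n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def sign(data: bytes, d: int, n: int) -> int:
    """Hash the data, then apply the private key to the hash."""
    h = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(h, d, n)

def verify(data: bytes, sig: int, n: int) -> bool:
    """Apply the public key to the signature and compare with a fresh hash."""
    h = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(sig, E, n) == h

def encode(info: dict) -> bytes:
    """Canonical byte encoding so the CA and the validator hash identical bytes."""
    return json.dumps(info, sort_keys=True, separators=(",", ":")).encode()

def issue_certificate(subject, issued, public_key, ca_d, ca_n):
    info = {"subject": subject, "issued": issued, "public_key": public_key}
    return {"info": info, "signature": sign(encode(info), ca_d, ca_n)}

def validate_certificate(cert, ca_n):
    return verify(encode(cert["info"]), cert["signature"], ca_n)

# Constructed keys (Mersenne primes, for a deterministic demo only).
CA_N, CA_D = toy_keypair(2**521 - 1, 2**607 - 1)
ALICE_N, ALICE_D = toy_keypair(2**1279 - 1, 2**2203 - 1)

def demo():
    cert = issue_certificate("Alice", "2000-01-01", ALICE_N, CA_D, CA_N)  # constructed date
    # Same CA signature, different subject name: the binding must no longer verify.
    altered = {"info": dict(cert["info"], subject="Mallory"), "signature": cert["signature"]}
    msg = b"order #1: pay 10 units"  # constructed message
    sig = sign(msg, ALICE_D, ALICE_N)
    alice_key = cert["info"]["public_key"]  # trusted only after the certificate validates
    return {
        "cert_valid": validate_certificate(cert, CA_N),
        "altered_cert_valid": validate_certificate(altered, CA_N),
        "msg_valid": verify(msg, sig, alice_key),
        "altered_msg_valid": verify(b"order #1: pay 99 units", sig, alice_key),
    }

if __name__ == "__main__":
    print(demo())
```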
However, not every entity that may be involved in secure communications is registered with a single global CA. Many different CAs currently exist, any of which may be chosen by an entity to manage its public key. Since each CA may use different information transfer protocols, an information sender may need to support the transfer protocols of multiple CAs, for example where the particular operations or applications resident on a system require access to different CAs. In communication devices such as mobile communication devices, which tend to have limited memory and processing resources, multiple CA support becomes particularly challenging.