Developers have implemented various protocols for ensuring the security of information. Asymmetric cryptographic systems are used for authentication purposes and to exchange keys between entities. Additionally, public key certificates may be issued by, for example, a certificate authority to verify the authenticity of a particular entity's key signature or public key. Public Key Infrastructure (PKI) schemes are implemented in this way and a PKI validation path terminates at a trusted public key known as a trust anchor. Oftentimes, the public key of a certificate authority (CA) is such a trust anchor. PKI schemes rely on the trustworthiness and meticulousness of the certificate authority to ensure that the trust anchor is valid.
Entities interacting with one another sometimes require that their identities be kept secret from each other. In such circumstances, PKI schemes are inappropriate but other schemes may be used. For example, direct anonymous attestation and Enhanced Privacy Identification allow each entity to remain anonymous in an interaction. However, when a certificate authority or other third party is not used to establish a trust anchor, the entities must establish a trust anchor among themselves. In doing so, one or more of the entities may store public keys. If malware is able to modify or introduce new public keys to the key database of an entity, then an adversary may be able to induce the entity into trusting it. As such, in some implementations, public keys should be kept as safe as private keys to ensure optimal security.