Tech Note #35: How Encryption and Digital Signatures Work
1999 Bionic Buffalo Corporation; All Rights Reserved.
19 May 1999
9 of 10
Certificates: Whom Do You Trust?
Digital signatures can assure that a document was signed by a person with a certain public key,
but ultimately it may be important to know who that person is. Anyone can create a public key
with common software, and say their name is X, their address is Y, and so on. How do you
know if they’re telling the truth?
There are two approaches to answering this question. Both involve certificates, which are
digitally signed statements attesting to the identity of a keyholder. The difference is in who
issues the certificates.
One approach, used by PGP, allows anyone to vouch for anyone else’s identity. It is up to the
individual to decide whom to trust. The user must decide whom to believe when a statement is
made that a key belongs to a certain person. If someone you trust introduces someone else by
vouching for the authenticity of his key, then you are more inclined to believe it than if you were
introduced by a stranger. In the PGP approach, one person can sign another person’s key, as a
statement that the key belongs to the ostensible owner. The overall structure is called the web of
The other approach, more favored by governments and other hierarchical entities, uses formal
certificate authorities (or CAs). The root CA issues certificates of authenticity after asking the
applicant to present credentials such as driver’s licenses, passports, or other such items.
Usually, the CAs are organized in hierarchies; for example, a national government might operate
a root CA, which accredits secondary CAs, which accredit individual users.
Technically, there is no inherent advantage to one approach over the other. The choice should
be based on practical - and philosophical - considerations. Certainly, it is possible to use both
Putting Them All Together
A typical scenario uses all three tools: symmetric cryptography, asymmetric cryptography, and
The common steps in a secure communication are:
Exchange public keys, so it is possible to send secure messages between the users.
Generate a pseudo-random session key, which can be used by symmetric cryptosystems.
Using asymmetric (public key) cryptography, share the secret session key.
Switch to symmetric cryptography, using the secret session key. The switch to symmetric
cryptography is made because the computational burden is lower than with public key
cryptography. The initial public key may be used only to exchange session keys, or it may
be more permanent.
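The steps above, carried out in Go as an added example (this is not code from the Bionic Buffalo note; the function names, the choice of 2048-bit RSA-OAEP for wrapping the session key and AES-256-GCM for the bulk data are my assumptions, using only the Go standard library). Note the recipient's error path: anyone can encrypt a value of the wrong length to a public key, so the unwrapped key is never trusted blindly.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

func NewKeyPair() (*rsa.PrivateKey, error) { // Step 1: each party makes a key pair, publishing only the public half
	return rsa.GenerateKey(rand.Reader, 2048)
}

func newGCM(key []byte) (cipher.AEAD, error) { // symmetric cipher for the bulk data: AES-256-GCM
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Steps 2-3 (sender): draw a fresh session key, wrap it for the recipient with RSA-OAEP, then encrypt the message under it.
func SealMessage(recipientPub *rsa.PublicKey, plaintext []byte) (wrappedKey, nonce, ciphertext []byte, err error) {
	buf := make([]byte, 32+12) // one CSPRNG read: buf[:32] is the 256-bit session key, buf[32:] the 96-bit GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, nil, err
	}
	if wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, buf[:32], nil); err != nil {
		return nil, nil, nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, nil, nil, err
	}
	return wrappedKey, buf[32:], gcm.Seal(nil, buf[32:], plaintext, nil), nil
}

// Step 4 (recipient): unwrap the session key with the private key, then switch to symmetric decryption.
// newGCM's error matters here (anyone can OAEP-encrypt a wrong-length "key" to a public key); GCM's tag check rejects tampering.
func OpenMessage(priv *rsa.PrivateKey, wrappedKey, nonce, ciphertext []byte) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ciphertext, nil)
}
```

Only the wrapped key, nonce and ciphertext travel; the session key itself never appears on the wire, and a new one is drawn for every message.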