Ready to Start Your Career?

CISSP Study Guide: Key Pair Usage

Cybrary's profile image

By: Cybrary

December 15, 2022

Key pairs are used in a range of functions. With most PKI implementations, only single key pairs are used. Sometimes a CA needs to generate multiple key pairs in situations where backup private keys are required but the possibility of a forged digital signature is acknowledged.

For example, if someone is the backup operator, that person is responsible for the backup of all data, including the user's private keys. If that individual has any grievances they could use a private key to forge a signature for personal gain. The recipient of that signature, say the CFO, would have no reason to distrust the message and its content.

To avoid scenarios such as this, many public key infrastructures support the use of dual keys. In the example above, the CFO has two separate key pairs. The first key pair is used for authentication or encryption, while the second key pair is used for digital signatures.

The private key used for authentication and encryption can still be backed up for safekeeping. The second private key would never be backed up and would not provide the security loophole that using single keys creates. The CFO could continue using his second private key for signing emails without fear of the key being misused.

Schedule Demo

Let's build your cybersecurity career together

Accelerate in your role, prepare for certifications, and develop cutting edge skills with the most in-demand training in the industry.

2,000+learning activities led by highly experienced cybersecurity professionals