As we discussed in Chapter 2, public-key cryptography involves the use of public/private-key pairs to facilitate digital signature and key management services. The fundamental principle that enables public-key technology to scale is the fact that the public component of the public/private-key pair may be distributed freely among the entities that need the public component to use the underlying security services. (See Chapter 4 and Chapter 5 for more information regarding security services enabled through the use of a PKI.)

However, distribution of the public component without some form of integrity protection would defeat the very foundation for these security services. Thus, the public-key component must ...