PKI does not eliminate the need for authenticity when exchanging public keys in an asymmetric encryption environment, but PKI solves the scalability issues associated with that process. It uses the concept of a single, trusted introducer. Instead of securely exchanging all public keys among all devices, only the public key of the trusted introducer has to be securely distributed to all devices, as shown in Figure 25-2. This is usually done by downloading the public key and then verifying it out of band. The trusted introducer performs the role of authentication for the devices: If the devices are authenticated by the trusted introducer, they are considered authenticated to each other. If they are not authenticated by the trusted introducer, they are not authenticated to each other. Essentially, the devices have an explicit (configured) trust to believe anything the trusted introducer tells them.
Figure 25-2. Using the Public Key of the Trusted Introducer
When all devices know the authentic key of the introducer, the introducer can guarantee the authenticity of the public keys of all devices by using a certificate for each device in the topology. The certificate includes information about the identity of a device and its public key. The (publicly trusted) introducer then signs the certificates of the individual devices, and the devices can directly distribute their public keys by sending their certificates. A device receiving such a certificate can verify it by checking the signature of the issuer (the introducer).
Every user in the system trusts information provided by the introducer. In practice, this is accomplished by digital signatures. Anything that the introducer signs is considered to be trusted. To verify the signatures of the trusted introducer, each user of this system must first obtain the public key of the trusted introducer. To become a part of the trust system, all end users enroll with the introducer; that is, they submit their identity and their public key to the introducer, as shown in Figure 25-3.
Figure 25-3. Exchanging Public Keys
The trusted introducer then verifies the identity and public key of each enrolling user and, if they are correct, the trusted introducer digitally signs the submitted public key with the private key of the introducer. The result is a kind of "document" (certificate) for each user that includes the identity (name) of the user and the public key of the user. The trusted introducer provides each user with a signed document, containing the name and public key of the user, bound together by the signature of the trusted introducer. As shown in Figure 25-4, each user now possesses a public and private key pair, the public key of the trusted introducer, and a document with the identity and public key of the user. This document is signed by the trusted introducer.
Figure 25-4. Generation of a PKI Certificate
Because all users now have their own documents containing the correct name and public key, signed by the trusted introducer, and the public key of the trusted introducer, they can verify all data signed by the trusted introducer. The entities can now (independently of the trusted introducer) establish point-to-point trusted relationships by exchanging information about themselves in the form of that document.
In practice, this means that at this stage the end users can mutually exchange signed public keys over an insecure medium and use the digital signature of the trusted introducer as the protection mechanism for the exchange. Again, the signature of the trusted introducer is trusted because it can be verified (the entities have the public key of the trusted introducer), and the trusted introducer and its operations are considered to be secure.
Part I: Cisco CallManager Fundamentals
Introduction to Cisco Unified Communications and Cisco Unified CallManager
Cisco Unified CallManager Clustering and Deployment Options
Cisco Unified CallManager Installation and Upgrades
Part II: IPT Devices and Users
Cisco IP Phones and Other User Devices
Configuring Cisco Unified CallManager to Support IP Phones
Cisco IP Telephony Users
Cisco Bulk Administration Tool
Part III: IPT Network Integration and Route Plan
Cisco Catalyst Switches
Configuring Cisco Gateways and Trunks
Cisco Unified CallManager Route Plan Basics
Cisco Unified CallManager Advanced Route Plans
Configuring Hunt Groups and Call Coverage
Implementing Telephony Call Restrictions and Control
Implementing Multiple-Site Deployments
Part IV: VoIP Features
Configuring User Features, Part 1
Configuring User Features, Part 2
Configuring Cisco Unified CallManager Attendant Console
Configuring Cisco IP Manager Assistant
Part V: IPT Security
Securing the Windows Operating System
Securing Cisco Unified CallManager Administration
Preventing Toll Fraud
Hardening the IP Phone
Understanding Cryptographic Fundamentals
Understanding the Public Key Infrastructure
Understanding Cisco IP Telephony Authentication and Encryption Fundamentals
Configuring Cisco IP Telephony Authentication and Encryption
Part VI: IP Video
Introducing IP Video Telephony
Configuring Cisco VT Advantage
Part VII: IPT Management
Introducing Database Tools and Cisco Unified CallManager Serviceability
Configuring Alarms and Traces
Using Additional Management and Monitoring Tools
Part VIII: Appendix
Appendix A. Answers to Review Questions