The IT Law Wiki

Definition

A public/private authentication key pair is a

key pair . . . used by one party (peer, client or server) to authenticate to the other party. Its typical use entails combining a random challenge with the signer-generated random number and signing the result for the benefit of the challenger who wishes to authenticate the private-key holder. Examples of usage include client-authenticated Transport Layer Security (TLS), Virtual Private Network (VPN) authentication, and smart card-based logon. An authentication key pair is generally used in a network environment and is generally used for long-term use (e.g., up to 3 years).[1]
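
The challenge-response exchange described in the definition, as an added example that is not taken from NISTIR 7956 or from this wiki. Ed25519, the 32-byte nonce length, the "example-auth-v1" label and all function names are assumptions made for the sketch.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Response is what the private-key holder returns to the challenger.
type Response struct{ SignerNonce, Signature []byte }

// NewKeyPair generates the long-term authentication key pair.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// NewNonce returns 32 random bytes; the fixed length keeps concatenation unambiguous.
func NewNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// transcript = label || challenge || signer nonce. The label (an assumption)
// keeps this signature from being valid in any other protocol using the key.
func transcript(c, s []byte) []byte {
	return bytes.Join([][]byte{[]byte("example-auth-v1"), c, s}, nil)
}

// Respond combines the challenge with a signer-generated nonce and signs the result.
func Respond(priv ed25519.PrivateKey, challenge []byte) Response {
	sn := NewNonce()
	return Response{SignerNonce: sn, Signature: ed25519.Sign(priv, transcript(challenge, sn))}
}

// Verify checks the response against the challenge this challenger issued.
func Verify(pub ed25519.PublicKey, challenge []byte, r Response) bool {
	return len(challenge) == 32 && len(r.SignerNonce) == 32 &&
		ed25519.Verify(pub, transcript(challenge, r.SignerNonce), r.Signature)
}
func main() {
	pub, priv := NewKeyPair()
	c := NewNonce()
	r := Respond(priv, c)
	fmt.Println("fresh:", Verify(pub, c, r), "replayed:", Verify(pub, NewNonce(), r))
}
```

A response captured for one challenge fails verification against any later challenge, and the signer's own nonce means the challenger never fully controls the bytes being signed.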

References

  1. NISTIR 7956, at 3.