Configuring Security

Dual Key Pair Systems

Advanced Security in Exchange is a dual key pair system. Two key pairs are created for each enrolled user. One key pair is for creating digital signatures and the other key pair is for encrypting messages.

Note   If you choose to have KMS issue X.509v1 certificates in your organization, an additional key pair for digital signatures will be created. One signature key pair will be used with X.509v1 certificates, and the other signature key pair with X.509v3 certificates.

The user's private encryption key is kept on a Key Management server, which means it can be accessed by KMS administrators. This allows system-wide key recovery, key revocation, and other key management tasks designed to safeguard encrypted data within your organization.

The user's private signature key, however, is stored securely on the user's computer. This means the user is the only person who can access their private signature key, preserving the non-repudiation feature of digital signatures. If private signature keys were stored on a Key Management server along with private encryption keys, it would be possible for an administrator to access another person's signature key and falsely sign that person's name to a document. By ensuring that no one but the intended user can access a private signing key, forgery of a digital signature is not possible. Therefore, when someone makes a promise or commitment, such as in a legal contract, and signs their message with a digital signature, they cannot later deny it or claim that someone else wrongly signed their name.