
Cryptographic Algorithms

The problem of achieving confidentiality is solved by using encryption techniques as described in [Sch96]. For reasons of speed we will use symmetric algorithms such as IDEA or DES. Where we need asymmetric encryption, we will still use a symmetric algorithm to encrypt the message with a new random key, and encrypt only that random key with the asymmetric method, resulting in a large speedup.

The asymmetric algorithm we use is RSA with a minimum of 512 bits or an elliptic curve algorithm. RSA allows us to encrypt information as well as to produce digital signatures. The RSA public keys are distributed by using an existing public key infrastructure as described in the following paragraph.

A public key infrastructure aims to bind a principal's identity to a public key. A principal, which can be a human or an organization, registers its identity and the corresponding public key with some trusted entities in the infrastructure. The trusted entities set and publish guidelines, certify new principals who comply with the guidelines, and validate the binding upon request. This is the basic assumption of well-known public key infrastructures such as X.509 and PGP. The difference is in terms of architecture, namely how these certification authorities interact with each other to scale to a large number of principals.

Currently there are two widely used public key infrastructures, X.509 and PGP. X.509 has a hierarchical structure equivalent to a tree. The root is called the Internet Policy Registration Authority (IPRA). Beneath the IPRA are Policy Certification Authorities (PCA), each of which establishes and publishes its policies for registration of users or organizations. PCAs in turn certify CAs, which in turn certify subordinate CAs, users, or organizations. When user A wants to authenticate user B's public key, user A finds the proper certification path by traversing up the certification hierarchy until a mutual CA is reached and then traversing down the hierarchy until user B is reached.

PGP adopts the "Web of Trust" model, where each principal can also be a CA, and a network of principals forms a public key infrastructure. To establish a certification path from user A to B, user A queries a list of trusted principals about user B, which can in turn query their trusted principals, until user B is reached. The problem with PGP is the assumption that trust is transitive. If user A trusts that user B's public key is correct, it does not imply that user A trusts user B's judgement on user B's list of trusted public keys.
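
The two certification-path searches described above, written out as an added Python example that is not part of the original text: `hierarchy_path` walks up the tree to the first mutual CA and back down, and `web_path` searches a web of trust either with transitive trust or restricted to introducers that A has chosen. All principal names except IPRA, the `ISSUER`, `SIGNED` and `INTRODUCERS` tables and the function names are constructed for illustration, and only path discovery is modelled, not signature verification.

```python
from collections import deque

# Constructed hierarchy (child -> issuer); every name except IPRA is made up.
ISSUER = {"PCA1": "IPRA", "PCA2": "IPRA", "CA-X": "PCA1", "CA-Y": "PCA1",
          "CA-Z": "PCA2", "alice": "CA-X", "bob": "CA-Y", "carol": "CA-Z"}

def chain_to_root(name, issuer):
    """Walk from a principal up to its root, rejecting issuer loops."""
    chain = [name]
    while chain[-1] in issuer:
        nxt = issuer[chain[-1]]
        if nxt in chain:
            raise ValueError("issuer loop at " + nxt)
        chain.append(nxt)
    return chain

def hierarchy_path(a, b, issuer):
    """Up from a to the first mutual CA, then down to b (None if no mutual CA)."""
    up = chain_to_root(a, issuer)
    down = chain_to_root(b, issuer)
    for i, ca in enumerate(up):
        if ca in down:
            return up[:i + 1] + down[:down.index(ca)][::-1]
    return None

# Constructed web of trust: SIGNED[x] = keys that x has certified,
# INTRODUCERS[x] = principals whose certifications x chooses to rely on.
SIGNED = {"alice": {"bob"}, "bob": {"dave"}, "dave": {"erin"}}
INTRODUCERS = {"alice": {"bob"}}

def web_path(a, b, signed, introducers=None):
    """BFS over certifications. introducers=None treats trust as transitive;
    otherwise only a and a's chosen introducers may extend a path."""
    allowed = None if introducers is None else introducers.get(a, set()) | {a}
    queue, seen = deque([[a]]), {a}
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node == b:
            return path
        if allowed is not None and node not in allowed:
            continue  # a holds node's key but does not rely on its judgement
        for nxt in sorted(signed.get(node, ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None
```

With transitive trust, alice reaches erin through bob and dave; once alice relies only on bob as an introducer, dave's key is still accepted but erin's is not.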

To achieve message integrity we need a hashing algorithm. Since MD5 has been proven not to be robust enough against collisions, we will use SHA or RIPE-MD.



Adrian Perrig
Mon Sep 20 17:00:26 PDT 1999