Exchanging Public Keys

The first step in encrypted communication is the exchange of public keys. When this has been done, the users can exchange encrypted and signed data.

There are two ways to obtain each other's public keys:

• Each user can obtain the other's keys in the form of certificates. This is the most secure way to exchange public keys that does not require user interaction.
• Users can exchange public keys by way of the telephone, send them by way of certified mail, or use another secure method. Because the public key is not secret, anyone may view it.

  This method can also be used to validate the public key values exchanged in another manner.

To exchange public keys, the sender exports his or her public key from the CSP into a public key BLOB, using the CryptExportKey function.

When the receiver has received the key BLOB data from the sender, the CryptImportKey function is used to import the key BLOB into its own CSP.