It is normal and OK. If you want to clean up useless keys, just quit Messages app first, then open Keychain and delete all items named "iMessage Signing Key" and "iMessage Encryption Key". Then you should restart OS X, after rebooting, OS X will request and generate new key pairs for iMessage encryption.

这是正常的。如果您想清理无用的密钥，只需先退出消息应用程序，然后打开钥匙串并删除所有名为“iMessage 签名密钥”和“iMessage 加密密钥”的项目。然后你应该重新启动 OS X，重新启动后，OS X 将请求并生成新的 iMessage 加密密钥对。

The number of key pairs depends on how many addresses you set to receive iMessage. Open "Messages" -> "Preferences" -> "Accounts", under "You can reached fro messages at:" section, if you checked 4 addresses, OS X will generate 4 "iMessage Signing Key" and 4 "iMessage Encryption Key" and store them to Keychain.

密钥对的数量取决于您设置的接收 iMessage 的地址数量。打开“消息”->“首选项”->“帐户”，在“您可以在以下位置获取消息：”部分，如果您检查了 4 个地址，OS X 将生成 4 个“iMessage 签名密钥”和 4 个“iMessage 加密密钥”并将它们存储到钥匙串。

For details, iMessage system generates two pairs for each address, that is an RSA 1280-bit key for encryption called "iMessage Encryption Key" and an ECDSA 256-bit key for signing called "iMessage Signing Key". The private keys are saved in the device's Keychain and the public keys are sent to Apple's directory service. The user's outgoing message is individually encrypted using AES in CTR mode for each of the recipient's devices, signed using the sender's private key, and then dispatched to the Apple iMessage Service for delivery. You can check this out from iOS Security Guide. BTW, on OS X, this is done by /System/Library/PrivateFrameworks/MessageProtection.framework.

具体来说，iMessage 系统为每个地址生成两对，即一个 RSA 1280 位加密密钥，称为“iMessage 加密密钥”，一个 ECDSA 256 位签名密钥，称为“iMessage 签名密钥”。私钥保存在设备的钥匙串中，公钥被发送到 Apple 的目录服务。用户的外发消息使用 AES 以 CTR 模式为每个收件人的设备单独加密，使用发件人的私钥签名，然后发送到 Apple iMessage 服务进行传递。您可以从iOS 安全指南 中查看。顺便说一句，在 OS X 上，这是由/System/Library/PrivateFrameworks/MessageProtection.framework.