Presentation is loading. Please wait.

Presentation is loading. Please wait.

Private Key Protection. Whats it about Without the private key, the certificate is useless One of two main purposes of cert: –Prove possession of private.

Published byOwen Sanchez Modified over 10 years ago

Similar presentations

Presentation on theme: "Private Key Protection. Whats it about Without the private key, the certificate is useless One of two main purposes of cert: –Prove possession of private."— Presentation transcript:

1 Private Key Protection

2 Whats it about Without the private key, the certificate is useless One of two main purposes of cert: –Prove possession of private key –Without revealing information about private key Thus it is necessary to protect the private key

3 Use of Certificates Personal certificates –Private key activated by person at time of use –Private key activated once, then held open Host certificates –Private key unprotected (use when booted) –Or protected (passphrase when starting) CA certificates –Private key activated when signing

4 Protection of Private Key Software vs Hardware Passphrase, no passphrase Subject certificates can be revoked and reissued But what if they cant? E.g., VOMS. Or the CA itself?

5 Protection from what? Compromise… –Attacker is able to use key –Normal confidentiality issues Loss… –Legitimate user unable to use key –Normal curation and storage issues

6 Compromise and Loss Compromise –Stolen key (unencrypted) –Break into machine with unencrypted key –Disgruntled employee vanishing with key material –Key stored on NFS partition with weak passphrase? Loss –Somebody steals all the copies of your keys –(We tell users to create backups, CAs are backed up) –ROBAB –Not just key, also crucial procedures

7 Consequences of Compromise Attacker can use the private key maliciously Worse, loss of trust in legitimate signatures => key cannot be used Potentially loss of trust in infrastructure and ops

8 Recovery from Compromise Announce revocation Subject certificates can be revoked and reissued But sometimes they cant –When the trust is in the certificate –Not the DN –Cf VOMS. Or the CA!

9 Consequences of Loss Entity unable to use private key (duh) Potentially loss of trust in infrastructure and ops Potentially expensive recovery (e.g. from ROBAB)

10 Recovery from Loss Similar to compromise! New certificate must be created and distributed Means to re-establish trust Re-establish procedures

11 Preventing Loss AND Compromise Confidential Curation? Keep multiple separate copies –Which is good for curation purposes –But can be bad for confidentiality Documented and tested recovery procedures –Which is good for curation purposes –But can be bad for confidentiality More than one person can access backup –Which is good for curation purposes –But can be bad for confidentiality

12 Between a rock and a hard place Does it make sense to define these: –Suspected compromise –Potential compromise –Possible compromise And if so, what are they? Tetrapilectomy (Eco) If the CAs private key is compromised or suspected compromised…

13 Other variations

14 How to store a key for 10+ years Print on paper… (scannable font) Store in a safe location…how to one? –In a lab where access is guaranteed to: cleaners, health and safety inspectors, electricians, … –Truly safe locations are expensive (hard to argue business case) –Off site? –Accessed by legitimate users (ROBAB)?

15 n-of-m protection Shamir secret sharing (3-5, 4-7, 5-9, …) –Can re-encode easily 2048 bit key: large numbers –Only need 1024 secret bits, modulus is public! Needs programming! Need HLL native bigint implementation –Lisp, Java, Python, Caml Multiple implementations? (stable languages, not latest fad)

16 Secret Sharing contd Now, each share is >= 1024 bits (or so, depending on parameter choice) 2**1024 = 10**309 = 16 ** 256 = 36**198 Not rememberable – must be written down Share holder must understand how to use it… Stable member of staff…? Testing? Rekeying? Rekeying regularly?

Download ppt "Private Key Protection. Whats it about Without the private key, the certificate is useless One of two main purposes of cert: –Prove possession of private."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Introduction of Grid Security

Introduction of Grid Security
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.

Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
A responsibility based model EDG CA Managers Meeting June 13, 2003.

A responsibility based model EDG CA Managers Meeting June 13, 2003.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,

 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
Presentation Two: Grid Security Part Two: Grid Security A: Grid Security Infrastructure (GSI) B: PKI and X.509 certificates C: Proxy certificates D:

Presentation Two: Grid Security Part Two: Grid Security A: Grid Security Infrastructure (GSI) B: PKI and X.509 certificates C: Proxy certificates D:
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
\ 2008-11-13Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.

\ Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”

CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Security Management.

Security Management.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Similar presentations

Ads by Google