Cryptography Reference
In-Depth Information
so we will require this seed to be consistently used each time we generate the key.
But the seed also needs to be kept secure, so where do we store the seed?
For most applications that use this technique, the seed is stored inside the
human brain in the form of a passphrase or strong password. This is precisely
the technique adopted by some cryptographic software to protect private keys,
which are encrypted using a key encrypting key (see Section 12.7.1) and then
stored. The user generates a passphrase, which they are required to remember.
The passphrase is then used as a seed for a deterministic generator that
generates the key encrypting key on the fly. The key encrypting key is then used
to decrypt the encrypted private key. The obvious drawback of this process is
that the security of the stored key is now dependent on the security of the seed
(passphrase) that is used to generate the key encrypting key. However, this is a
pragmatic solution that represents a balance between security and usability that
is appropriate for many types of application.
But it is not always possible to avoid storing a key. For example:
• Suppose that a symmetric key is being used to secure communication between
Alice and Bob, who are in different locations. In some applications Alice and
Bob may be able to locally generate the key precisely when they require it.
However, in many other applications the key will need be stored somewhere,
at least for a short while (for example, if Alice and Bob are both issued with the
key in advance by a mutually trusted third party).
• Many uses of cryptography require long-term access to certain keys. For
example, keys used for secure data storage may themselves need to be stored
for a long time in order to facilitate future access to the protected data.
• Public-key pairs are expensive to generate. Generating them precisely when
they are needed is inefficient. In many cases this is impossible, since the
devices on which the private keys reside (for example, a smartcard) may
have no user interface. Thus private keys almost always need to be securely
stored.
10.5.2 Key storage in software
One option for storing a cryptographic key is to embed the key into software. As
mentioned in Section 3.2.4, conducting any part of the cryptographic process in
software comes with inherent risks. However, storing keys in software is much
cheaper than storing keys in hardware so, as is often the case, the security risks
have to be traded off against the cost benefits.
STORING KEYS IN THE CLEAR
By far the cheapest, and the riskiest, approach is to store keys in the clear in
software. In other words, regard keys as pieces of data that are stored on a hard
drive as unprotected data. Crazy though this sounds, this is often done. One
common approach is to try to 'hide' the keys somewhere in the software. This is
 
Search WWH ::




Custom Search