Cryptography Reference
In-Depth Information
Since private and public keys are interdependent, any requirement to change one
of them requires the other also to be changed. Changing a private key is arguably
simpler than changing a symmetric key. However, changing public keys requires
special mechanisms, which we will discuss in Section 11.2.3.
10.6.3
Key activation
When assessing the security of any key management system, it is important to
pay attention to the processes by which keys are
activated
, by which we mean
that their use is 'authorised'. We observed in Section 8.3.3 that one problem with
using identity information based on a cryptographic key for entity authentication
can be that the effective security is not as strong as expected. This problem arose
because in the scenario under discussion the key was activated by a less-secure
mechanism, such as a password.
This potential problem applies more widely than just to entity authentication.
Indeed, in any use of cryptography we have to instruct the device performing
the cryptographic computation to select a particular key for use. If this all
takes place within the confines of an HSM then we may have little to be
concerned about. However, in many applications key activation requires human
interaction.
As an example, consider a signature key stored on a computer for digitally
signing emails. If RSA is being used then this signature key might, reasonably, be
up to 2048 bits long, which is clearly a value that the human owner of the key will
not be capable of memorising. When the user decides to digitally sign an email,
the user needs to instruct the email client to activate their signature key. Several
scenarios may now apply, depending on how the key is stored (if at all) on the
computer. These include:
Key stored on the computer in the clear
. In this case the user might activate
the key simply by entering an instruction, perhaps selecting the key from a
list of potential keys stored on the computer. Key activation is thus possible
for anyone with access to the computer. In this case the effective security of
the keys is simply linked to the security required to access the computer itself,
which perhaps just requires a valid username and password.
Key stored on the computer in encrypted form
. The user might activate the key
in this case by being prompted to provide some secret identity information,
such as a passphrase. This passphrase would then be used to generate the key
that can be used to recover the signature key. In this case the effective security
is linked to the security of the passphrase.
Key generated on the fly
. In this case the key is not stored on the computer, but is
generated on the fly. The activation of the key is thus linked to the generation
of the key. Again, one way of implementing this is to request some identity
information such as a passphrase from the user. Thus the effective security of
the key is again determined by the security of this passphrase.
