Cryptography Reference
(c) What problems might arise if private signature keys that are required to have
legal standing are generated using this technique?
8. Visit the website of a well-known commercial CA to establish:
(a) what levels of public-key certificate they issue;
(b) what credentials they require for registration for these different levels of
public-key certificate;
(c) what liability they accept for these different levels of public-key certificate;
(d) how often they publish certificate revocation lists (CRLs);
(e) how clients access CRLs;
(f) what advice they provide clients concerning the importance of checking
CRLs.
9. Suppose that Alice's public RSA encryption key $PK_A$ is certified by a root CA,
which also has its own public RSA encryption key $PK_C$. A cryptographic protocol
requires the following computation:
$E_{PK_A}(E_{PK_C}(\text{data}))$.
In other words, Alice is required to encrypt a message using RSA that consists
of data already encrypted using RSA by the CA.
(a) Why might this be a problem?
(b) Would the same problem arise if a symmetric key hierarchy was in place and
a similar computation was made using symmetric keys at different levels in
the hierarchy?
10. The article 'Ten risks of PKI' by Carl Ellison and Bruce Schneier [70] was written
in 2000 and is widely available.
(a) Briefly summarise the ten risks described in the article.
(b) To what extent do you think these concerns remain valid today?
11. Provide an example of a real security incident that has arisen due to a
failure in some phase of the public-key certificate lifecycle. For your chosen
incident:
(a) Explain what went wrong.
(b) Explain why this was allowed to happen.
(c) Explain how such an incident could have been prevented.
12. Some organisations choose to use a central CA to generate key pairs on behalf
of their users and never release the private keys to the users, who can only
activate services that require use of their private key through the CA itself.
(a) How might a user go about 'activating' their private key on the CA's server?
(b) What are the advantages of this approach to public-key management?
(c) What problems might arise from this approach?
(d) What application environments do you think that this approach might work
best in?