[10409] in cryptography@c2.net mail archive


RE: Welcome to the Internet, here's your private key

daemon@ATHENA.MIT.EDU (Trei, Peter)
Wed Feb 6 12:17:41 2002

Message-ID: <F504A8CEE925D411AF4A00508B8BE90A01E90C16@exna07.securitydynamics.com>
From: "Trei, Peter" <ptrei@rsasecurity.com>
To: hoepman@cs.utwente.nl,
	"'pgut001@cs.auckland.ac.nz'" <pgut001@cs.auckland.ac.nz>
Cc: cryptography@wasabisystems.com
Date: Wed, 6 Feb 2002 11:12:20 -0500 
MIME-Version: 1.0
Content-Type: text/plain

> pgut001@cs.auckland.ac.nz[SMTP:pgut001@cs.auckland.ac.nz]
> 
> 
> "Trei, Peter" <ptrei@rsasecurity.com> writes:
> 
> >One other scheme I've seen, and which, while it doesn't give me warm fuzzies,
> >seems reasonable, is to issue the end user a smartcard with a keypair on
> >it. The SC generates the pair onboard, and exports only the public half. The
> >private half never leaves the SC (there is no function on the card to export
> >it).
> >
> >If you trust the above, then the only copy of the private key is on the SC,
> >despite it having been generated without the end user's participation.
> 
> This also causes problems, because it's really, really hard to spread the key
> around if the only copy is on the card.  Solutions I've seen are to multiplex a
> single card + reader across multiple machines, or (more commonly) to generate
> the key in software and then load it onto the card, with copies kept active on
> the host PC.  This combines the benefits of smart card security and the
> flexibility of software crypto keys which can be copied and distributed as
> required.
> 
> Peter.
> 
We're generally talking about an 'is a person' or an 'is an employee' key, in
an enterprise situation. Having a single copy of the private key is usually
acceptable. If it's lost/destroyed then a new one can be issued. Since it's
so closely bound to a single person (typically for access/email or Single
Signon applications), having a private key that can't operate without the
presence of the owner (and the card) is usually a feature, not a bug.

Peter T


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
