RE: integrity and mail encryption

From: Ig Vermaak (Ig.Vermaak_at_namitech.com)
Date: 11/08/05

    Date: Tue, 8 Nov 2005 07:53:08 +0200
    To: <security-basics@securityfocus.com>
    
    

    Hi Pranav,

    The first thing to remember is that the term “public key infrastructure” does not only refer to the “technical” details involved with the certificates, meaning that it also covers aspects involving the processes and procedures around PKI. An example of this is the way in which we issue certificates to end-users; the basic process is:

    - User requests a certificate
    - PKI Administrator creates a “passcode” that will allow user to download cert from our Managed PKI web interface.
    - Upon receipt of this passcode (which is in a sealed envelope and can only be used once) user provides identification, in our case we use our identity document, to the administrator.
    - User agrees to take full responsibility for the safekeeping and protection of the private key associated with this cert.
    - User downloads and installs certificate.

    Then to get to your question regarding how PKI provides non-repudiation – there are roughly 3 “mainstream” ways to issue and install a user certificate. The 3 being:

    - Software, i.e. it sits inside the Microsoft Certificate Store and can be password protected.
    - Smartcard / Token, the cert resides on a smartcard which can also be PIN protected.
    - Smartcard combined with Biometrics, the cert resides on a smartcard that can only be unlocked by supplying the correct biometric features.

    So in all of these cases the user can give access to his/her private key to another person, just as the administrator of your domain can give the domain admin password to someone. This is where the correct processes and procedures make the difference. Also proper user training ensures that users realise the importance of protecting their private keys.

    From the 3 techniques listed above it is obvious that the first is the least secure, and most likely to be compromised. The second is much more secure, due in part to the fact that once a private key is put on a smartcard it cannot be exported again, only deleted. The 3rd option is by far the way to go if you want to be almost 100% sure that the private key cannot be compromised – but here it is recommended to consider if you're not doing “security by obscurity”. ☺

    So in summary – the only way to ensure non-repudiation is by having the correct procedures and security mechanisms around your public key infrastructure. The weakest point will always be the human factor.

    Regards

    Ig Vermaak
    Information Security Engineer

    Altech NamITech
    Proudly South African

    Tel No: +27 11 458 0000
    Direct No: +27 11 372 3903
    Fax No: +27 11 372 3903
    Cell No: +27 82 780 6980
     
    ig.vermaak@namitech.com


           -----Original Message-----
           From: Pranav Lal [mailto:pranav.lal@gmail.com]
           Sent: 05 November 2005 06:03 PM
           To: security-basics@securityfocus.com
           Subject: RE: integrity and mail encryption

           Hi Adrian,

            How do you establish ownership of a private key? As others have said, you need a certifying authority to establish this, so a public key infrastructure by itself does not provide non-repudiation.

           Pranav
           on Friday 11/4/2005 02:40 PM, Adrian Floarea said:

            In fact the public key digital signature provides non-repudiation, which means that only the person who has the corresponding private key can make a digital signature. In short, the process is: you have a private key and a public key. The private key is secret. When you make a digital signature, first you make a hash of the electronic data and after that, you encrypt this hash with your private key. When someone wants to verify your signature, they make the hash of the data again, decrypt the original hash using your public key and after that, compare them. Because you are the only person who has the private key, you can't deny that you are the person who made the original digital signature.

           Actually the process is much more complicated, but the essence is what I explained above.

           Regards,

           Security Product Team Leader
           Adrian Floarea, CISA
           Information Security Department
           Bucharest, Romania
           Email: adrian.floarea@uti.ro

           -----Original Message-----
           From: Pranav Lal [mailto:pranav.lal@gmail.com]
           Sent: Wednesday, November 02, 2005 11:21 PM
           To: security-basics@securityfocus.com
           Subject: RE: integrity and mail encryption

           Hi Bob,

           How does public key encryption provide non-repudiation?

           Pranav
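
The hash-then-sign and verify steps described in the thread, together with the limit raised in the top reply (verification proves possession of the private key, not who used it), as an added example that is not part of the original messages. It uses textbook RSA without padding and a key constructed from two Mersenne primes, so it is illustrative only; the names `sign`, `verify` and `demo` and the sample messages are assumptions.

```python
import hashlib

# Constructed demo key built from two Mersenne primes: trivially factorable,
# chosen only so the example runs with the standard library.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent


def digest(message: bytes) -> int:
    """Hash the data first; only this fixed-size value is signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_exponent: int) -> int:
    """'Encrypt the hash with the private key' (textbook RSA, no padding)."""
    return pow(digest(message), private_exponent, N)


def verify(message: bytes, signature: int) -> bool:
    """Recompute the hash, recover the signed hash with the public key, compare."""
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    order = b"Pay supplier 10,000 ZAR"   # constructed sample message
    owner_sig = sign(order, D)
    # Anyone the owner handed the key to, or who copied it out of a software
    # store, holds the same private exponent.
    borrowed_key = D
    other_sig = sign(order, borrowed_key)
    return {
        "valid": verify(order, owner_sig),
        "tampered_rejected": not verify(b"Pay supplier 90,000 ZAR", owner_sig),
        # The verifier sees identical, valid signatures: the math cannot say
        # which person used the key, only that the key was used.
        "indistinguishable": other_sig == owner_sig and verify(order, other_sig),
    }


if __name__ == "__main__":
    print(demo())
```
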

