Re: SSL, Apache 2 and RSA key sizes
- From: Mike Amling <nospam@xxxxxxxxxx>
- Date: 28 Aug 2006 20:17:29 EDT
Peter Fairbrother wrote:
> Jason wrote:
>> Peter Fairbrother wrote:
>>> Sometimes servers use RSA key-exchange keys only once and then discard them,
>>> signing each new RSA key-exchange key with their RSA signature key, but not
>>> often. They will typically reuse the same RSA key-exchange key a lot,
>>> sometimes even using the same RSA key for both key-exchange and signature
>>> functions (bad).
>>
>> Why is it bad to use the same RSA key for both encryption and signing?
>
> 2) If the same key is used for encryption and signing it is possible for an
> attacker to get you to decrypt a message by getting you to sign something -
> signing X is exactly the same as decrypting X - and vice versa, he can get
> you to sign something by getting you to decrypt it.

Note that this is not a threat if you use proper padding schemes.
Also, it may easily be a business requirement to have backups of all encryption keys, to prevent loss of access to encrypted files. But a business should not have copies of its employees' signing keys, to make sure each employee can be held responsible for everything he signs.
--Mike Amling
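The two points in this exchange (that raw RSA signing and decryption are the same private-key operation, and that padding removes the overlap) can be shown directly. The following is an added example written for this page, not code from the thread or from any of the posters: it uses a constructed toy key with two fixed small primes so the run is deterministic (real keys are 2048 bits or more), and a deliberately simplified tag-based encoding, `SIG_TAG`/`ENC_TAG`, standing in for the domain separation that real PKCS#1 signature and encryption paddings provide. The tag scheme, the four-byte truncated digest and all function names are assumptions of the example, not any standard.

```python
"""Textbook RSA vs. padded RSA: why sign(X) == decrypt(X) without padding,
and how domain-separated encodings keep the two roles apart."""
import hashlib

# Constructed toy RSA key (deterministic; NOT a real key size).
P, Q = 1_000_000_007, 998_244_353        # two fixed primes
N = P * Q                                # ~59-bit modulus
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (needs Python 3.8+)


def private_op(x):
    """x^d mod n: the single primitive behind BOTH textbook decrypt and sign."""
    return pow(x, D, N)


def public_op(x):
    """x^e mod n: textbook encrypt and signature verify."""
    return pow(x, E, N)


def textbook_decrypt(c):
    return private_op(c)


def textbook_sign(m):
    return private_op(m)


def sign_equals_decrypt(x):
    """Peter's point: with raw RSA, signing X and decrypting X are literally
    the same computation, so one role can be used to perform the other."""
    return textbook_sign(x) == textbook_decrypt(x)


# Mike's point: proper padding puts signatures and ciphertexts in disjoint
# domains.  Simplified, constructed encoding: one tag byte + 4 payload bytes.
# (Real PKCS#1 PSS/OAEP are randomized and far more careful; this is only
# enough to show the domain separation.)
SIG_TAG = 0x01
ENC_TAG = 0x02


def encode(tag, body):
    assert len(body) == 4
    return int.from_bytes(bytes([tag]) + body, "big")   # 40-bit value < N


def decode(x):
    """Return (tag, payload) or None if x is not a well-formed encoding."""
    if x >= 1 << 40:            # does not fit tag + 4-byte payload
        return None
    raw = x.to_bytes(5, "big")
    return raw[0], raw[1:]


def digest(msg):
    # Truncated only so the value fits the toy modulus; not a real scheme.
    return hashlib.sha256(msg).digest()[:4]


def padded_sign(msg):
    """The signer hashes and encodes the message itself; it never applies the
    private exponent to a caller-chosen integer."""
    return private_op(encode(SIG_TAG, digest(msg)))


def padded_verify(msg, sig):
    return public_op(sig) == encode(SIG_TAG, digest(msg))


def padded_encrypt(body):
    return public_op(encode(ENC_TAG, body))


def padded_decrypt(c):
    """The decryptor releases the payload only when the recovered value carries
    the encryption tag; anything else (including a signature-domain value) is
    rejected rather than returned."""
    dec = decode(private_op(c))
    if dec is None or dec[0] != ENC_TAG:
        return None
    return dec[1]


def cross_use_blocked(msg):
    """A signature on msg is private_op(SIG_TAG || H(msg)).  Feeding the
    public-key image of that encoding to the decryptor yields a value with the
    wrong tag, so the decrypt role cannot be turned into a signing oracle."""
    sig_domain_value = encode(SIG_TAG, digest(msg))
    return padded_decrypt(public_op(sig_domain_value)) is None


if __name__ == "__main__":
    print("raw RSA: sign == decrypt ->", sign_equals_decrypt(123456789))
    print("padded: cross-use blocked ->", cross_use_blocked(b"example message"))
```

Run it directly to see both checks; the first line confirms the identity Peter describes for textbook RSA, the second shows that once the signer only ever exponentiates its own tagged hash and the decryptor refuses values outside the encryption domain, a query in one role no longer yields a useful result in the other. The same separation is what real padding schemes (PSS for signatures, OAEP for encryption) provide, which is why the note about "proper padding schemes" holds; the business-continuity argument about backing up encryption keys but not signing keys is an independent reason to keep the key pairs separate regardless.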
- Follow-Ups:
- Re: SSL, Apache 2 and RSA key sizes
- From: Peter Fairbrother
- Re: SSL, Apache 2 and RSA key sizes
- References:
- Re: SSL, Apache 2 and RSA key sizes
- From: Jason
- Re: SSL, Apache 2 and RSA key sizes
- From: Peter Fairbrother
- Re: SSL, Apache 2 and RSA key sizes