Page 4 - PKI: Looking at the Risks

Dev Shed Forums

Administration
AJAX
Apache
BrainDump
DHTML
Flash
Java
JavaScript
Multimedia
MySQL
Oracle
Perl
PHP
Practices
Python
Reviews
Security
Smartphone Development
Style-Sheets
Web Services
XML
Zend
Zope

Mobile Linux
App Generation ROI
IBM® developerWorks

Forums Sitemap

E-Commerce Hosting
Linux Web Hosting
Managed Hosting
Small Business Hosting
VPS Hosting

Weekly Newsletter
Developer Updates
Free Website Content

Articles

Forums

All Feeds

Write For Us Get Paid

Request Media Kit

Site Map

Privacy Policy
Support

USERNAME

PASSWORD


>>> SIGN UP!
Lost Password?
Google.com

SECURITY

RSS

PKI: Looking at the Risks

By: Eliana Stavrou	Search For More Articles! Disclaimer Author Terms
Rating: / 9
2005-01-24

Table of Contents:

PKI: Looking at the Risks

Trust establishment

Private key protection

CRL availability

Key generation

Legislation compliance

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

PKI: Looking at the Risks - CRL availability
( Page 4 of 6 )

Each issuing authority usually maintains a list containing the serial number of all the digital certificates that have been cancelled due to various reasons i.e. compromised private keys or changes in the information contained on the digital certificate. This list is called the CRL (Certification Revocation List) and the process of verifying whether a digital certificate has been cancelled is called revocation checking.

The risk related to the CRL is concerned with the availability of the list. Assume that the private key of Bob is compromised by Trudy the intruder. Bob has detected the compromise and asked the issuing authority to revoke his certificate and issue him another one. The issuing authority revokes Bob’s digital certificate and places it in the CRL. Then, due to a virus infection, the issuing authority and its services become unavailable. In the meanwhile, Trudy the intruder has sent a digitally signed message to Alice, pretending to be Bob, asking her ID number because he will send her a present. When Alice receives the signed message, her email program, if configured appropriately, will try to verify the status of the digital certificate. Since the CRL is currently not available to any end entity, Alice’s email program could not verify the certificate, even though it has been revoked. This would lead to the acceptance of the certificate as valid. Thus:

digital signatures are wrongly viewed as valid, and
confidentiality has been compromised without the knowledge of sender or recipient.

Alice is excited about her present, so she emails her ID number to Bob, and the message that is intercepted by Trudy the intruder for her own nefarious purposes.

How to minimize the risk: The responsibility of minimizing the risk associated with the CRL availability depends entirely on the issuing authority. Thus, the issuing authority must maintain a strong and secure architecture to avoid security breaches, and a comprehensive fail-over plan that provides a secondary infrastructure to maintain availability of services in the case of a failure of the primary infrastructure.

Next: Key generation >>

	Discuss PKI: Looking at the Risks

	Hi to all readers, thank you for stopping by my article. As you will read in this...

	>>> Post your comment now!



	>>> More Security Articles >>> More By Eliana Stavrou

SECURITY ARTICLES

- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II
- What’s behind the curtain? Part I
- Vectors
- PKI: Looking at the Risks
- A Quick Look at Cross Site Scripting
- PKI Architectures: How to Choose One
Find More Security Articles