Security Basics mailing list archives
RE: integrity and mail encryption
From: "Ig Vermaak" <Ig.Vermaak () namitech com>
Date: Tue, 8 Nov 2005 07:53:08 +0200
Hi Pranav,

First thing to remember is that the term “public key infrastructure” does not only refer to the “technical” details involved with the certificates, meaning that it also covers aspects involving the processes and procedures around PKI.

An example of this is the way in which we issue certificates to end-users. The basic process is:

- User requests a certificate.
- PKI Administrator creates a “passcode” that will allow user to download cert from our Managed PKI web interface.
- Upon receipt of this passcode (which is in a sealed envelope and can only be used once) user provides identification, in our case we use our identity document, to the administrator.
- User agrees to take full responsibility for the safekeeping and protection of the private key associated with this cert.
- User downloads and installs certificate.

Then to get to your question regarding how PKI provides non-repudiation – there are roughly 3 “mainstream” ways to issue and install a user certificate. The 3 being:

- Software, i.e. it sits inside the Microsoft Certificate Store and can be password protected.
- Smartcard / Token, the cert resides on a smartcard which can also be PIN protected.
- Smartcard combined with Biometrics, the cert resides on a smartcard that can only be unlocked by supplying the correct biometric features.

So in all of these cases the user can give access to his/her private key to another person, just as the administrator of your domain can give the domain admin password to someone. This is where the correct processes and procedures make the difference. Also proper user training ensures that users realise the importance of protecting their private keys.

From the 3 techniques listed above it is obvious that the first is the least secure, and most likely to be compromised. The second is much more secure, due in part to the fact that once a private key is put on a smartcard it cannot be exported again, only deleted. The 3rd option is by far the way to go if you want to be almost 100% sure that the private key cannot be compromised – but here it is recommended to consider if you're not doing “security by obscurity”. ☺

So in summary – the only way to ensure non-repudiation is by having the correct procedures and security mechanisms around your public key infrastructure. The weakest point will always be the human factor.

Regards
Ig Vermaak
Information Security Engineer
Altech NamITech

-----Original Message-----
From: Pranav Lal [mailto:pranav.lal () gmail com]
Sent: 05 November 2005 06:03 PM
To: security-basics () securityfocus com
Subject: RE: integrity and mail encryption

Hi Adrian,

How do you establish ownership of a private key? As others have said you need a certifying authority to establish this so a public key infrastructure by itself does not provide non-repudiation.

Pranav

on Friday 11/4/2005 02:40 PM, Adrian Floarea said:

In fact the public key digital signature provides non-repudiation, which means that only the person who has the corresponding private key can make a digital signature.

Shortly, the process is: you have a private key and a public key. The private key is secret. When you make a digital signature, first you make a hash of electronic data and after that, you encrypt this hash with your private key. When someone wants to verify your signature, they make the hash on the data again, decrypt the original hash using your public key and after that, compare them. Because you are the only person who has the private key, you can't deny that you are the person who made the original digital signature.

Actually the process is much more complicated, but the essence is that what I explain bottom.

Regards,
Security Product Team Leader
Adrian Floarea, CISA
Information Security Department
Bucharest, Romania
Email: adrian.floarea () uti ro

-----Original Message-----
From: Pranav Lal [mailto:pranav.lal () gmail com]
Sent: Wednesday, November 02, 2005 11:21 PM
To: security-basics () securityfocus com
Subject: RE: integrity and mail encryption

Hi Bob,

How does public key encryption provide non-repudiation?

Pranav
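The hash-then-sign process described in the thread, as an added example that is not part of any poster's message: it uses unpadded textbook RSA with a constructed key (two Mersenne primes) and a constructed sample mail, whereas real systems use random primes and PKCS#1 v1.5 or PSS padding. It also shows the point made about key custody: a signature made by a second holder of the same private key verifies identically.

```python
import hashlib

# Constructed toy key: two Mersenne primes. Real keys use random primes and
# padded signatures (PKCS#1 v1.5 or PSS); this is unpadded textbook RSA.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest(data: bytes) -> int:
    """Hash the data; the signature covers this value, not the data itself."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int, n: int) -> int:
    """Apply the private-key operation to the hash of the data."""
    return pow(digest(data), d, n)


def verify(data: bytes, signature: int, e: int, n: int) -> bool:
    """Recompute the hash, recover the signed hash with the public key, compare."""
    return pow(signature, e, n) == digest(data)


def demo() -> dict:
    mail = b"Please release payment 4711 to the supplier."  # constructed sample
    owner_sig = sign(mail, D, N)
    # Hypothetical second person who was handed a copy of the private key.
    borrowed_key = D
    other_sig = sign(mail, borrowed_key, N)
    return {
        # Untouched mail, genuine signature: accepted.
        "valid": verify(mail, owner_sig, E, N),
        # One digit changed after signing: the hashes no longer match.
        "tampered": verify(mail.replace(b"4711", b"4712"), owner_sig, E, N),
        # Signed with a different exponent: the public key rejects it.
        "wrong_key": verify(mail, sign(mail, D + 2, N), E, N),
        # The verifier cannot tell which holder of the key signed.
        "indistinguishable": other_sig == owner_sig,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Verification proves that the private key was used, not who used it, which is why the issuance and key-protection procedures carry the non-repudiation claim.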