Penetration Testing mailing list archives
Re: Opening PKI encrypted with Public Key outside your Escrow Authority.
From: Enno Rey <erey () ernw de>
Date: Mon, 6 Mar 2006 21:31:31 +0000
Hi,
But If User () Acme com uses the Public Key from User () Beta com to encrypt. Can I open this message using only the Keys I have Escrowed?
no, as you don't have the corresponding private key (the one of user () beta com).
btw: I believe your SOL without that other key as it's encrypted with it. Am I right?
no, it's encrypted with the public key of user () beta com. To decrypt it you would need the private key of user () beta com. As beta.com company/users probably did _not_ hand over their private keys to you (for escrow)... thanks, Enno
Sbenson DRM: "In other words, embarrass and shackle the progress of improvements of tomorrow by recording and registering as law the prejudices and errors of today". - Isambard Kingdom Brunel ------------------------------------------------------------------------------ This List Sponsored by: Lancope "Discover the Security Benefits of Cisco NetFlow" Learn how Cisco NetFlow enables cost-effective security across distributed enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA) and Response solution, leverages Cisco NetFlow to provide scalable, internal network security. Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response Systems in the Enterprise." http://www.lancope.com/resource/ ------------------------------------------------------------------------------
-- Enno Rey ERNW Enno Rey Netzwerke GmbH - Zaehringerstr. 46 - 69115 Heidelberg Tel. +49 6221 480390 - Fax 6221 419008 - Mobil +49 173 6745902 www.ernw.de - PGP 055F B3F3 FE9D 71DD C0D5 444E C611 033E 3296 1CC1 ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- Opening PKI encrypted with Public Key outside your Escrow Authority. Benson, Sean M (Mar 06)
- Re: Opening PKI encrypted with Public Key outside your Escrow Authority. Enno Rey (Mar 07)
- RE: Opening PKI encrypted with Public Key outside your Escrow Authority. Adrian Floarea (Mar 07)
- Re: Opening PKI encrypted with Public Key outside your Escrow Authority. derez (Mar 07)
- <Possible follow-ups>
- RE: Opening PKI encrypted with Public Key outside your Escrow Authority. Benson, Sean M (Mar 07)