Wednesday, 2 February 2011

Private keys

The point about public key cryptography is that public keys are public: anyone holding the public key can check that a signature (or a response to a challenge) was produced with the matching private key, so the holder proves possession of the secret without disclosing it. This is often loosely described as a zero knowledge proof; strictly, a signature is a proof of possession rather than a zero knowledge proof in the formal cryptographic sense, but the practical consequence is the same. Much of the level of assurance in the infrastructure therefore rests on the management (not just the protection) of private keys: a key that was generated, stored or handed around badly undermines every certificate issued for it.

So this is why you have all generated your keys yourselves and protected them with strong passphrases.
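As an added illustration (example commands written for this page, not from the original post), here is the lifecycle just described done with openssl(1): generate a key and encrypt it under a passphrase in one step, check that the stored file really is useless without the passphrase, and prove possession by signing a fresh random challenge that a verifier checks with nothing but the public key. The working directory, file names, passphrase and challenge are constructed for the demonstration; the only assumption is that openssl is on the PATH.

```shell
#!/bin/sh
# Added example, not code from the original post: private key generation,
# passphrase protection, and proof of possession with openssl(1).
# Assumptions: openssl on PATH; directory, file names, passphrase and
# challenge are all constructed for this demonstration.

WORK="${WORK:-$(mktemp -d)}"
KEY="$WORK/userkey.pem"      # passphrase-protected private key (PKCS#8, AES-256)
PUB="$WORK/userpub.pem"      # the public half, safe to hand to anyone
PASS="example-passphrase-change-me"   # constructed; use a long one for real keys

# Generate a 2048-bit RSA key and encrypt it under the passphrase in the same
# command, so an unencrypted copy never touches the disk. Then extract the
# public key and restrict the private file to its owner.
gen_protected_key() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "pass:$PASS" -out "$KEY" 2>/dev/null &&
    openssl pkey -in "$KEY" -passin "pass:$PASS" -pubout -out "$PUB" 2>/dev/null &&
    chmod 600 "$KEY"
}

# Check that the stored key cannot be opened without the passphrase: a wrong
# passphrase must be rejected and the right one accepted.
# Prints "protected", "unprotected" or "unreadable".
key_protection_status() {
    if openssl pkey -in "$KEY" -passin "pass:not-the-passphrase" -noout 2>/dev/null; then
        echo unprotected        # opened without the passphrase: not acceptable
    elif openssl pkey -in "$KEY" -passin "pass:$PASS" -noout 2>/dev/null; then
        echo protected
    else
        echo unreadable         # neither worked: file damaged or wrong passphrase
    fi
}

# Proof of possession, key holder's side: sign a fresh 32-byte random
# challenge. The signature reveals nothing about the private key itself.
prove_possession() {
    openssl rand -out "$WORK/challenge.bin" 32 &&
    openssl dgst -sha256 -sign "$KEY" -passin "pass:$PASS" \
        -out "$WORK/challenge.sig" "$WORK/challenge.bin"
}

# Verifier's side: check the signature over the given file using only the
# public key. Prints "ok" or "fail".
verify_signature() {
    if openssl dgst -sha256 -verify "$PUB" -signature "$WORK/challenge.sig" \
            "$1" >/dev/null 2>&1; then
        echo ok
    else
        echo fail
    fi
}

# A different random challenge: the captured signature must NOT verify over
# it, otherwise a recorded signature could simply be replayed.
tampered_challenge() {
    openssl rand -out "$WORK/other.bin" 32 && echo "$WORK/other.bin"
}

# Run the whole lifecycle end to end.
demo() {
    gen_protected_key || return 1
    echo "key protection:    $(key_protection_status)"
    prove_possession || return 1
    echo "genuine challenge: $(verify_signature "$WORK/challenge.bin")"
    echo "other challenge:   $(verify_signature "$(tampered_challenge)")"
}

demo
```

Two caveats a practitioner would want. Passing `-pass pass:...` puts the passphrase on the command line, where other users of the same host can read it from the process list; for a real key let openssl prompt for it, or hand it over with the `file:` or `fd:` forms. And the second verification, over a different challenge, is the part a verifier must not skip: a signature over a fixed or reused challenge can be replayed, which is why the challenge is freshly random every time.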

Recently there has been some discussion among the grid CAs as to whether the rules can be relaxed without lowering the level of assurance too much. Many people generate their keys on systems which are maintained by someone else: your desktop at work, say, or even a shared UI host.

This has led to a proposed loosening of the rules, or perhaps better, a more honest description of existing practice.

It is likely that in the future we will support private keys generated by:
  • users themselves, on trusted systems (e.g. your own machine, or your desktop machine at work);
  • institutions, letting them pre-generate keys for their users (apparently some like to do this);
  • third parties, e.g. one running a credential repository like MyProxy.
However, as with much change, it is easy to introduce new rules without fully understanding the problem. There are serious (but fixable) problems with the draft rules. For example, different CAs interpret "third parties" in different ways. Is the CA a third party? I would have thought not. Would the NGS count as a third party, despite the fact that it runs a CA? Probably.

Anyway, the upshot of this is that the private key protection rules will be relaxed. What is still missing is an in-depth understanding of the security aspects of the whole lifecycle of the private key: how it is generated, where it is stored, who can use it, and how it is eventually retired. I have soapboxed on this topic before. More on this later. Stay tuned.
