[Home]PublicKeyInfrastructure

MeatballWiki | RecentChanges | Random Page | Indices | Categories

What you can do with PublicKeyCryptography, if you're able to add some more work. The key points that all this is built on are DiffieHellmanKeyExchange? and PublicKeyEncryption, as best shown by RSA.

The first application is DigitalSignature. If I encrypt a message with my PrivateKey, everyone with access to my PublicKey can decrypt that message, but with that PublicKey, only I could have encrypted it. This provides NonRepudiation? and UserAuthentication?. More or less.

The problem with that is this: On the internet, nobody knows you're not me. You could get a computer account with someone else's username and publicize your identity and PublicKey from that site, and and there'd have to be something beyond the assurances of your and my websites to convince people that I'm me and you're not.

There's two ways of doing this: HierarchicalTrust and WebOfTrust. HierarchicalTrust flows more or less like this: My boss signs my PublicKey, his boss signs his PublicKey, up to the top of the hierarchical structure, and that key is signed by VeriSign or another trust vendor. Of course, not all relations are hierarchical. My friends bear a web-like relationship, not a hierarchical relationship. Developers in OpenSource and FreeSoftware projects often do not bear a hierarchical relationship. So, something that describes their relationship. Thus the WebOfTrust.

Also: ZeroKnowledgeProof?, SecureShell?

CategoryCryptography


Of course, if you don't properly validate users you can still be vulnerable to attacks. According to a recent [Microsoft Security Bulletin], an unknown person convinced VeriSign to issue two certificates in the name of "Microsoft Corporation". From the bulletin:

Whats the scope of the problem?

VeriSign, Inc., a major certificate authority, reports that in January 2001 it erroneously issued two digital certificates identified as Microsoft certificates to an individual who fraudulently claimed to be a Microsoft employee. These certificates could be used to digitally sign programs (including ActiveX controls and Word macros) using the name "Microsoft Corporation".

Programs signed using these certificates would not be able to run automatically or bypass any normal security restrictions. However, the warning dialogue that appears before such programs could run would claim that they had been digitally signed by Microsoft. Clearly, this would be a significant aid in persuading a user to run the program.

The fix is apparently to patch all of Microsoft's operating systems from Windows 95 through Windows 2000.

In downloading and installing products, Windows users are given a choice where they can "always trust Microsoft products." This either removes one of the speed bumps for downloaded installations. This case underlines that trust comes from more than one source. I've been told not to update things by a vendor just after I finished with the updating they've warned against. In this case, I'd start trusting only fixes only if I downloaded them myself from MicroSoft's website. If then.

Of course, this only underscores AvoidIllusion. If customers didn't have faith in certificates to begin with--the illusion of security--, they wouldn't have had enough power to create a security concern. Then again, the former Microsoft employee will be sued into oblivion. What about VeriSign? If you can't trust the CertificateAuthority, there is no trust in the PublicKeyInfrastructure at all.


PublicKeyEncryption transforms KeyDistribution into a problem of distributing and verifying certificates, that is, of ensuring the user of PublicKeyEncryption is corresponding with who s/he thinks s/he is. Good certificates need changed (and therefor, distributed) less frequently, so this transformation is an improvement. A PublicKeyInfrastructure is a means of appropriately handling certificates.


See also AnonymityVsPseudonymity. Public keys alone are good for ensuring that two messages come from the same author, while allowing that author to remain unidentified - just what is needed for serial pseudonymity.

Discussion

MeatballWiki | RecentChanges | Random Page | Indices | Categories
Edit text of this page | View other revisions | Search MetaWiki
Search: