[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

losing private keys

To: spki@c2.org
Subject: losing private keys
From: cme@cybercash.com (Carl Ellison)
Date: Thu, 29 Feb 1996 14:07:40 -0500
Sender: owner-spki@c2.org

Other advocates of identity certs have claimed that it's important to bind
attributes and permissions to a person (and, through the DN to a public key)
because a private key might become lost or destroyed, depriving the person
of his permissions.  When he generates a new private key, he would have to
run around and get all the new permissions -- but the DN of an identity
cert provides him with an indirect linkage to just tap into.

I grant the convenience of this indirect linkage, in such a case.  I spent
a little time thinking about how to create those -- and that's simple
enough.

Then I spent a large hunk of my professional life dedicated to the problem
of making sure access to encrypted data isn't lost in the first place.

This requires two pieces.  The data must not be lost and access to the
encryption key must not be lost.

The first is handled as well as you're willing to pay for by redundant
storage -- either ad hoc or via commercial solutions like those of
Stratus or Tandem.

The second can be handled as well as you're willing to pay for by
redundant decryption methods.  One such example is TIS's CKR
[www.tis.com] -- but there are a bunch of others.  That's just the
one I know the best.  [RSA's Secure has a solution not requiring
a formal third party.]  A TIS CKR solution, BTW, allows people emergency
access based on biometrics (so that all you have to do is show up at
a TIS DRC 3rd party authentication service which uses biometric
authentication and present your amnesia-disabled body to get access to your
private key).  RSA's solution would require presenting your amnesia-disabled
body to a set of friends who have to cooperate [via Shamir secret sharing]
to recover your private key for you.  If you're not suffering from
amnesia, you could hold all the Shamir secrets yourself -- and have to
remember only some of the whole set -- and get back your private key without
involving third parties.

So -- my inclination now is to make sure that people be given mechanisms
for preserving their private keys, securely, rather than plan for rapid
re-attachment of permissions.  However, if the list thinks that the
rapid re-attachment is important, we can discuss that.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |
+--------------------------------------------------------------------------+

Prev by Date: PDDL
Next by Date: Re: encodings, character sets, general requirements
Prev by thread: PDDL
Next by thread: Re: losing private keys
Index(es):
- Main
- Thread