Welcome to the Internet, here's your private key

Jaap-Henk Hoepman hoepman at cs.utwente.nl
Fri Feb 8 11:12:45 EST 2002


I think there _are_ good business reasons for them not wanting the users to
generate the keys all by themselves. Weak keys, and subsequent compromises, may
give the CA really bad press and resulting loss of reputation (and this 
business is built on reputation anyway). So: there are good reasons not to
let the CA generate the private key, but also good reasons to not let the user
generate the keys all by himself. 

So the question is: are there key generation protocols for mutually distrustful
parties, that would give the CA the assurance that the key is generated using
some good randomness (coming from the CA) and would give the user the guarantee
that his private key is truly private? Also, the CA should be able to verify
later that the random data he supplied was actually used, but this should not
give him (too much) advantage to find the private key.

A smartcard based system might be useful here (as suggested by other
subscribers here). But a software only solution is preferred because it would
make the application area much broader (because the user does not have to be
supplied with special hardware - terminals + smartcards).

Jaap-Henk

On Wed, 6 Feb 2002 15:37:06 +0100  "Arnold G. Reinhold" <reinhold at world.std.com> writes:
> And creates a potential legal liability  for the smart card 
> manufacturer. This gets to the original question of this thread. I 
> wonder why the CA's lawyers let them generate private keys 
> themselves. If it ever came out that private keys were misused by CA 
> employees or even someone who penetrated their security, they would 
> be legally defenseless, all the gobbledygook in their practice 
> statements notwithstanding. There is no good business reason for a 
> CA to generate private keys and very powerful business reasons for 
> them not to.

-- 
Jaap-Henk Hoepman             | Come sail your ships around me
Dept. of Computer Science     | And burn your bridges down
University of Twente          |       Nick Cave - "Ship Song"
Email: hoepman at cs.utwente.nl === WWW: www.cs.utwente.nl/~hoepman
Phone: +31 53 4893795 === Secr: +31 53 4893770 === Fax: +31 53 4894590
PGP ID: 0xF52E26DD  Fingerprint: 1AED DDEB C7F1 DBB3  0556 4732 4217 ABEF
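
Added example, not part of the original message or thread: one possible software-only construction for the question asked above, sketched for discrete-log keys, where the user first sends A = g^a, the CA then supplies r, and the key becomes x = a + r mod q. The group parameters are constructed toy values and the names (CA, user_start, user_finish) are hypothetical; secrecy of x against the CA rests entirely on the user's own share a, while r only guarantees entropy against third parties who never see it.

```python
import secrets

# Constructed toy group for illustration only: P = 2*Q + 1, G has prime order Q.
# A real deployment would use a standardized large group or an elliptic curve.
P, Q, G = 2039, 1019, 4


def user_start():
    """User picks a secret share a and sends only A = g^a to the CA."""
    a = secrets.randbelow(Q - 1) + 1           # a in [1, Q-1], never leaves the user
    return a, pow(G, a, P)


def user_finish(a, r):
    """User combines both shares: private key x = a + r mod q, public key y = g^x."""
    x = (a + r) % Q
    return x, pow(G, x, P)


class CA:
    """CA side: contributes randomness and later checks that it was used."""

    def __init__(self):
        self.sessions = {}                     # user id -> (A, r), kept for later audit

    def contribute(self, user_id, A):
        # A must be fixed before r is revealed, otherwise the user could pick
        # a after seeing r and steer the final key to any value.
        if A in (0, 1) or pow(A, Q, P) != 1:   # reject values outside the order-Q subgroup
            raise ValueError("A is not a valid group element")
        r = secrets.randbelow(Q)
        self.sessions[user_id] = (A, r)
        return r

    def verify(self, user_id, y):
        # y = g^(a+r) = A * g^r, so the check needs neither a nor x.
        A, r = self.sessions[user_id]
        return y == (A * pow(G, r, P)) % P


if __name__ == "__main__":
    ca = CA()
    a, A = user_start()
    r = ca.contribute("alice", A)
    x, y = user_finish(a, r)
    print("CA accepts key:", ca.verify("alice", y))
```
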

