crypto question

Pat Farrell pfarrell at pfarrell.com
Wed Mar 20 22:24:03 EST 2002


At 01:45 PM 3/21/2002 +1100, McMeikan, Andrew wrote:
>Question.  Is it possible to have code that contains a private encryption
>key safely?  Every way I look at it the answer seems no, yet some degree of
>safety might be possible by splitting an encrypting routine across several
>nodes.  Can someone give me a pointer to any work in this area?

I don't believe so, but maybe someone else on the list has a better answer.
Secret splitting will clearly make it harder for Mallet to gather the key.

In the past Atalla (later Compaq, now HP) and Harris sold hardware boxes that
kept keys in tamper proof boxes. They worked because opening the box lost the
key. Banks used them heavily in the late 1990s.

The usual good solution is to make a human type in a secret.
The usual bad solution is to store it in a secret place, or encrypted with
a key kept elsewhere (source, secret file, LDAP, etc.).

The old CyberCash wallet, which used strong RSA keys, used simple 56-bit DES
to protect the private key on the local PC's hard disk. The thinking was
that users won't use more entropy in their keys to really justify 3DES,
and once one has physical access to the computer and hard drive, there
are simpler attacks than breaking the crypto on the key: keystroke sniffers being
one obvious example.

I'd also love to hear of real solutions to protecting a key stored on local disk.

Pat



Pat Farrell                     pfarrell at pfarrell.com
http://www.pfarrell.com
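
Added example, not part of the original message: a sketch of the n-of-n "secret splitting" mentioned in the reply, where a key is XORed with random pads so that each node holds one share and every share is needed to rebuild it. The function names and the SHA-256 check value are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets


def _xor_all(blocks):
    """XOR equal-length byte strings together."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, b in enumerate(block):
            out[i] ^= b
    return bytes(out)


def split_secret(secret: bytes, n: int):
    """Return (shares, check); all n shares are needed to rebuild `secret`."""
    if n < 2 or not secret:
        raise ValueError("need a non-empty secret and at least two shares")
    # n-1 shares are uniformly random pads as long as the secret.
    pads = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    # The final share is the secret XORed with every pad, so any n-1
    # shares taken together are statistically independent of the secret.
    shares = pads + [_xor_all([secret] + pads)]
    # Check value to detect a wrong or corrupted share at recombination.
    # Assumption: the secret is a high-entropy key, so publishing its
    # SHA-256 does not enable guessing.
    return shares, hashlib.sha256(secret).digest()


def recover_secret(shares, check: bytes) -> bytes:
    """Recombine all shares and verify the result against the check value."""
    if len(shares) < 2 or len({len(s) for s in shares}) != 1:
        raise ValueError("shares must be present and of equal length")
    candidate = _xor_all(shares)
    if not hmac.compare_digest(hashlib.sha256(candidate).digest(), check):
        raise ValueError("share set is incomplete or corrupted")
    return candidate


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key
    shares, check = split_secret(key, 3)
    print("recovered from 3 shares:", recover_secret(shares, check) == key)
```

The key still exists in one piece in memory on whichever node calls `recover_secret`, so splitting protects the shares at rest and raises the cost of gathering them, not the key while it is in use.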

