CTKS?

Dave Harte harted at csn.ul.ie
Tue Mar 25 08:32:48 EST 2003


 Change the Key Stupid ?

 Just a nice simple question.

 I have previously implemented a process to generate new dsa/rsa keys for
ssh and transfer them over the existing encrypted session with time
interval t, the following connection will use the new keys & so
forth..

 The reason behind this was, if anyone robbed the private key and knew the
passphrase ( in fact I had no passphrase above, and allowed any of the
last 3 keys pairs to be used ), it would only be valid for a short time
interval...

 The benefit is simple for ssh, blank passphrase private keys are useful
for time interval t and no longer, gaining access to these via backups,
temporary root, temporary contract etc, are of little use if time internal
is sufficiently short.

 I have not seen this technique documented/ mentioned for ssh or any other
protocols ?  links & references ? or is this a case of CTKSS! ( Change the
key Stupid, Stupid ) ?

 ..surely where there is risk of keys being copied and allowing either
access, future decryption or MITM attacks with private key, it makes sense
to automate the key exchange when possible ? and also to continue to have
the 1-3 month manual key exchange over alternate channel.

Thoughts / criticisms welcome

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list