[Clips] The summer of PKI love
James A. Donald
jamesd at echeque.com
Fri Aug 12 12:44:19 EDT 2005
--
From: "Stefan Kelm"
<stefan.kelm at secorvo.de>
> The usage of X.509 certificates and related PKI
> techniques is getting more and more common. It enables
> users to sign and encrypt messages, to use secure
> communication channels for internet communication and
> to authenticate themselves to all kind of network
> services. The overall level of security for the usage
> of public key cryptography depends heavily on that of
> the private key, which is usually installed on the
> local host of the user. This poses not only a security
> risk but it does also restrict the increasing user
> demand for mobility. A solution to these problems can
> be smart cards and USB-tokens, which store private
> keys in such a way that they cannot be retrieved from
> these
If the token has no user interface, or minimal user
interface, and the mobile user uses the token to log on
to a corrupted computer, then the adversary has control
of the token, even though the rightful user retains
physical control of the token.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
k8jT9lI+qnD2l9zmgoEnD1dREI6nEAq21MKjTBy2
4l82lryIH7nTP4rjhCMmKYcuZkd3xQSd8Mtpt1S8d
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list