What happens if a private key is compromised ?
Answer / ramkumar
Private keys must be stored securely, since forgery and
loss of privacy could result from compromise (see Question
4.1.3.7). The measures taken to protect a private key must
be at least equal to the required security of the messages
encrypted with that key. In general, a private key should
never be stored anywhere in plaintext form. The simplest
storage mechanism is to encrypt a private key under a
password and store the result on a disk. However, passwords
are sometimes very easily guessed; when this scheme is
followed, a password should be chosen very carefully since
the security is tied directly to the password.
Storing the encrypted key on a disk that is not accessible
through a computer network, such as a floppy disk or a
local hard disk, will make some attacks more difficult. It
might be best to store the key in a computer that is not
accessible to other users or on removable media the user
can remove and take with her when she has finished using a
particular computer. Private keys may also be stored on
portable hardware, such as a smart card. Users with
extremely high security needs, such as certifying
authorities, should use tamper-resistant devices to protect
their private keys (see Question 4.1.3.13).
Is This Answer Correct ? | 0 Yes | 1 No |
What happens if my key is lost ?
How can we use quantum properties in cryptography ?
What is decryption?
How Encoding is different from Encryption?
Who needs a key pair ?
What information can be obtained from encrypted file?
What is private key cryptography and how we compare it with public key cryptography?
What is Plaintext?
What is nonlinear cryptography?
How does one find random numbers for keys ?
Hello. In Snort, how a digital signature is actually created for the authentication purpose and thereby provides intrusion detection as well as prevention. How the software for IDS/IPS comes to know regarding the threat/vulnerability using digital signature ? Whether any specific language or programming is used or not.
How to change the location of the Kryptel (Silver Key) program group?