Part 1: General - Computer Security Resource Center - National ...
March, 2007

1. Private key used to sign a root certificate in a public key infrastructure
2. Symmetric key transport key shared by a large number of users
3. Private asymmetric key transport key shared by a large number of users
4. Master key used in the generation of keys by a large number of users
5. Symmetric data encryption key used to encrypt data in a large distributed database
6. Symmetric key shared by a large number of communications network participants
7. Key used to protect a large number of stored keys
8. A certification authority’s (CA’s) private key

In all of these cases, a large number of holders would need to be immediately notified of the
compromise. Inclusion of the key identifier on a Compromised Key List (CKL) or Certificate
Revocation List (CRL) to be published at a later date would not be sufficient. This means that a
list of holders would need to be maintained and a means for communicating news of the
compromise to the holders would be required. News of the compromise and the replacement of
keys should be sent only to the affected entities so as not to encourage others to exploit the
situation.

In all of these cases, a secure path for replacing the compromised keys is required. In order to
permit rapid restoration of service, an electronic (e.g., over-the-air) replacement path is preferred
(see Section 8.2.3). In some cases, however, there may be no practical alternative to manual
distribution (e.g., compromise of a root CA’s private key). Contingency distribution of alternate
keys may help restore service rapidly in some circumstances (e.g., compromise of a widely held
symmetric key), but the possibility of simultaneous compromise of operational and contingency
keys would need to be considered.

Damage assessment can be extraordinarily complex, particularly in cases such as the
compromise and replacement of CA private keys, widely used transport keys, and keys used by
many users of large distributed databases.
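
The following Python sketch is an added example and is not part of the original document. It models the holder list and damage assessment described above: given one compromised key, it finds every dependent key, the holders who must be notified (and no one else), and which contingency keys are still safe to use. The inventory, the key ids and the assess_compromise function are constructed for illustration and assume each key record lists its holders, its dependent keys and any contingency key.

```python
from collections import deque

# Constructed inventory (not from the source document). For each key id:
#   holders     - entities that hold or rely on the key and must be told
#   dependents  - keys wrapped by, derived from, or certified under this key
#   contingency - id of a pre-distributed alternate key, if any
INVENTORY = {
    "root-ca":    {"holders": {"ca-ops"}, "dependents": ["sub-ca"]},
    "sub-ca":     {"holders": {"ca-ops"}, "dependents": ["alice-cert", "bob-cert"]},
    "alice-cert": {"holders": {"alice"}, "dependents": []},
    "bob-cert":   {"holders": {"bob"}, "dependents": []},
    "store-kek":  {"holders": {"hsm-admin"}, "dependents": ["net-key", "net-key-alt"]},
    "net-key":    {"holders": {"alice", "carol"}, "dependents": [],
                   "contingency": "net-key-alt"},
    "net-key-alt": {"holders": {"alice", "carol"}, "dependents": []},
}


def assess_compromise(inventory, compromised_id):
    """Walk the dependency graph outward from the compromised key.

    Returns (affected, notify, usable_alternates):
      affected          - every key whose protection rested on the compromised key
      notify            - only the holders of affected keys
      usable_alternates - affected key -> contingency key that is not itself affected
    """
    if compromised_id not in inventory:
        raise KeyError(f"unknown key id: {compromised_id}")
    affected, seen, queue = [], {compromised_id}, deque([compromised_id])
    while queue:
        key_id = queue.popleft()
        affected.append(key_id)
        for dep in inventory[key_id]["dependents"]:
            if dep not in seen:
                seen.add(dep)
                queue.append(dep)
    notify = set()
    for key_id in affected:
        notify |= inventory[key_id]["holders"]
    usable = {}
    for key_id in affected:
        alt = inventory[key_id].get("contingency")
        # A contingency key stored under the compromised key is compromised too.
        if alt is not None and alt not in seen:
            usable[key_id] = alt
    return affected, notify, usable
```

Compromise of "net-key" alone leaves its contingency key usable, while compromise of "store-kek" takes out both the operational and the contingency key, which is the simultaneous-compromise case the text says must be considered.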