Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||David A. Cooper;|
|Title:||A Closer Look at Revocation and Key Compromise in Public Key Infrastructures|
|Published:||October 01, 1998|
|Abstract:||Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advantage of a compromised private key. In particular, we will look at types of attacks that may allow an attacker, who has compromised someone else's private key, to either circumvent or exploit the mechanisms designed to deal with key compromise. The paper includes descriptions of several such attacks as well as suggestions to either prevent these attacks or to mitigate the damage that they can cause.|
|Conference:||National Information Systems Security Conference|
|Proceedings:||Proceedings of the 21st National Information Systems Security Conference|
|Dates:||October 5-8, 1998|
|Keywords:||certification authority,key compromise,pki,public key infrastructure|