NIST logo

Publication Citation: A Closer Look at Revocation and Key Compromise in Public Key Infrastructures

NIST Authors in Bold

Author(s): David A. Cooper;
Title: A Closer Look at Revocation and Key Compromise in Public Key Infrastructures
Published: October 01, 1998
Abstract: Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advantage of a compromised private key. In particular, we will look at types of attacks that may allow an attacker, who has compromised someone else's private key, to either circumvent or exploit the mechanisms designed to deal with key compromise. The paper includes descriptions of several such attacks as well as suggestions to either prevent these attacks or to mitigate the damage that they can cause.
Conference: National Information Systems Security Conference
Proceedings: Proceedings of the 21st National Information Systems Security Conference
Dates: October 5-8, 1998
Keywords: certification authority;key compromise;pki;public key infrastructure
Research Areas: