Cooper, D.
(1998),
A Closer Look at Revocation and Key Compromise in Public Key Infrastructures, Proceedings of the 21st National Information Systems Security Conference
(Accessed April 19, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
A Closer Look at Revocation and Key Compromise in Public Key Infrastructures
Published
Author(s)
Abstract
Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advantage of a compromised private key. In particular, we will look at types of attacks that may allow an attacker, who has compromised someone else's private key, to either circumvent or exploit the mechanisms designed to deal with key compromise. The paper includes descriptions of several such attacks as well as suggestions to either prevent these attacks or to mitigate the damage that they can cause.Proceedings Title
Proceedings of the 21st National Information Systems Security Conference
Conference Dates
October 5-8, 1998
Conference Title
National Information Systems Security Conference
Pub Type
Conferences
Keywords
certification authority, key compromise, pki, public key infrastructure
Citation
Created October 1, 1998, Updated February 17, 2017