Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advantage of a compromised private key. In particular, we will look at types of attacks that may allow an attacker, who has compromised someone else's private key, to either circumvent or exploit the mechanisms designed to deal with key compromise. The paper includes descriptions of several such attacks as well as suggestions to either prevent these attacks or to mitigate the damage that they can cause.
Proceedings Title: Proceedings of the 21st National Information Systems Security Conference
Conference Dates: October 5-8, 1998
Conference Title: National Information Systems Security Conference
Pub Type: Conferences
certification authority, key compromise, pki, public key infrastructure