The Key Authority - Secure Key Management in Hierarchical Public Key Infrastructures
A. Wiesmaier (1), M. Lippert (1), V. Karatsiolis (1) ((1) TU, Darmstadt)

TL;DR
This paper introduces a model for private key lifecycle management using a finite state machine and proposes a centralized key authority module to enhance security in hierarchical PKIs.
Contribution
It presents a formal model for private key management and defines a centralized trust center module to improve security and control in hierarchical PKIs.
Findings
Finite state machine model for key lifecycle
Centralized key authority enhances security
Simplifies enforcement of key management policies
Abstract
We model a private key's life cycle as a finite state machine. The states are the key's phases of life and the transition functions describe tasks to be done with the key. Based on this we define and describe the key authority, a trust center module, which potentiates the easy enforcement of secure management of private keys in hierarchical public key infrastructures. This is done by assembling all trust center tasks concerning the crucial handling of private keys within one centralized module. As this module resides under full control of the trust center's carrier it can easily be protected by well-known organizational and technical measures.
Taxonomy
Topics: Cryptography and Data Security · Advanced Authentication Protocols Security · Chaos-based Image/Signal Encryption
