Management of signature keys for government

[Brian Gladman]

-----Original Message-----
From: Dave Howe <DHowe@tecsun.demon.co.uk>
To: ukcrypto@maillist.ox.ac.uk <ukcrypto@maillist.ox.ac.uk>
Date: 02 March 1998 11:55
Subject: Re: Management of signature keys for government


>I don't know why, but I seem completely unable to see why
>users can't generate their own keys for use in smart cards,
>using their own trusted software, and uplink their own trusted
>copy of the key to the smartcard.

One issue in the self generation of keys is how to prevent a user
repudiating their own key by revealing its private component.  One advantage
(in principle) of 'on-card' signature key generation is that no-one - not
even the owner - knows the value of the secret component of the key since
this only ever exists on the card.   Of course the user can 'lose' the card
but this is not quite the same as publishing the secret key component.

There are a number of ways in which a user could be prevented (or at least
deterred) from revealing their own key but it is not clear (to me at least)
whether any of these are practical in the real world.

However, irrespective of whether on or off card key generation is employed,
it is vital that the processes leading to the generation of signature key
pairs for an identity or signature card are subject to some form of publicly
accountable and demonstrably independent expert scrutiny of their design,
their implementation and their operation.  In the case of the user
generating their own key it will be the software used to do this that needs
to be scrutinised. In the case of 'on card' generation it is the card and
any associated firmware that needs such scrutiny.

In my view it is this form of scrutiny that will really matter since we
cannot all take our ID cards apart to see if they work properly!

  Brian