Management of signature keys for government
Nicholas Bohm
nbohm at ernest.net
Mon, 02 Mar 1998 16:55:14 +0000
At 14:19 2/03/98 -0000, Brian Gladman wrote:
[snip]
>One issue in the self generation of keys is how to prevent a user
>repudiating their own key by revealing its private component. One advantage
>(in principle) of 'on-card' signature key generation is that no-one - not
>even the owner - knows the value of the secret component of the key since
>this only ever exists on the card. Of course the user can 'lose' the card
>but this is not quite the same as publishing the secret key component.
>
>There are a number of ways in which a user could be prevented (or at least
>deterred) from revealing their own key but it is not clear (to me at least)
>whether any of these are practical in the real world.
I doubt whether there are practical technical means of preventing
repudiation (although I too would like to learn more). You can always lose
your card, and unless it could only be used with biometrical identifiers,
your PIN could have been snooped (as in the fake ATM case).
Legally, of course, you can be made responsible for all card use prior to
formal revocation. But once you have to revoke a card (or key) accepted by
numerous unconnected traders, there are practical problems of achieving
comprehensive worldwide revocation.
[snip]
Regards,
Nicholas Bohm
Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK
Phone 01279 870285 (+44 1279 870285)
Fax 01279 870215 (+44 1279 870215)
Mobile 0860 636749 (+44 860 636749)
PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint:
9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF