
580    Chapter 10 • Public Key Infrastructure

             there is a possibility for abuse of other users’ private keys by the administrators of
             the central key store. However, with decentralized key management, key recovery is
             left up to the individual user to consider, and this can result in the inadvertent loss
             (destruction) of keys, usually at the time when they are needed most.
                 Whether using centralized management or decentralized management for keys,
             a secure method of storing those keys must be designed.

             Storage

             Imagine what would happen if you left a wallet on a counter in a department store
             and someone took it. You would have to call your credit card companies to close
             out your accounts, you would have to go to the DMV to get a duplicate license,
             you would have to change your bank account numbers, and so forth.
                 Now, imagine what would happen if a company put all of its private keys
             into a publicly accessible File Transfer Protocol (FTP) site. Basically, once hackers
             discovered that they could obtain the private keys, they could very easily listen to
             communications between the company and clients and decrypt and encrypt
             messages being passed.
                 Taking this a step further, imagine what could happen if a root CA key was not
             stored in a secure place; all of the keys that used the CA as their root certificate
             would have to be invalidated and regenerated.
                 So, how can private keys be stored in a manner that guarantees their security?
             Not storing them in a publicly accessible FTP folder is just a start. There are also
             several options for key storage, most falling under either the software storage
             category or the hardware storage category.

             Hardware Key Storage vs. Software Key Storage

             A private key could be stored very naively on an operating system (OS) by creating
             a directory on a server and using permissions (NTFS in Windows) to lock access to
             the directory. The issue is that storing private keys in this way relies on the security
             of the OS and the network environment itself. Anyone with physical access to
             these systems could easily fetch these keys from their files.
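
An audit for the naive storage described above, added here as an example and not taken from the book: it walks a directory and reports every PEM private key, whether the key is held in plaintext (so that file permissions are its only protection), and whether the mode bits grant access beyond the owner. It assumes PEM-encoded files and POSIX mode bits rather than NTFS ACLs; the function names and the sample files are hypothetical.

```python
import os
import stat
import tempfile

LEGACY_LABELS = ("RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY")

def classify_pem(text):
    """Return 'plaintext', 'encrypted', or None when no private key is present."""
    has_legacy = any(f"-----BEGIN {label}-----" in text for label in LEGACY_LABELS)
    legacy_encrypted = "Proc-Type: 4,ENCRYPTED" in text  # traditional PEM header
    if "-----BEGIN PRIVATE KEY-----" in text or (has_legacy and not legacy_encrypted):
        return "plaintext"
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in text or has_legacy:
        return "encrypted"
    return None

def audit_key_dir(root):
    """Walk root and report every file that holds PEM private-key material."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    kind = classify_pem(fh.read(65536))
                mode = stat.S_IMODE(os.stat(path).st_mode)
            except OSError:
                continue  # not readable by the auditing account; skip it
            if kind:  # 'plaintext' means permissions are the only safeguard
                findings.append({"path": path, "kind": kind, "mode": oct(mode),
                                 "beyond_owner": bool(mode & (stat.S_IRWXG | stat.S_IRWXO))})
    return findings

def demo():
    """Constructed sample tree; the key bodies are placeholders, not real keys."""
    pem = lambda label: f"-----BEGIN {label}-----\nCONSTRUCTED\n-----END {label}-----\n"
    samples = [("server.key", pem("RSA PRIVATE KEY"), 0o644),
               ("ca.key", pem("ENCRYPTED PRIVATE KEY"), 0o600),
               ("notes.txt", "no key material here\n", 0o644)]
    with tempfile.TemporaryDirectory() as root:
        for name, body, mode in samples:
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write(body)
            os.chmod(path, mode)
        return audit_key_dir(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A finding with kind `plaintext` is usable by anyone who obtains a copy of the file outside the OS's access checks, whatever its mode bits say.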
                 Say that you are the senior administrator for a company. You have a higher
             access level than all of the other administrators, engineers, and operators in your
             company. You create a directory on one of the servers and restrict access to the
             directory to you and the Chief Information Officer (CIO). However, Joe is
             responsible for backups and restores on all of the servers. Joe is the curious type, and
             decides to look at the contents that are backed up each night onto tape. Joe notices



          www.syngress.com