Observations on certification authority key compromise

  • Authors: Moez Ben Mbarka; Julien P. Stern
  • Affiliations: Cryptolog International, Paris, France and LaBRI, University of Bordeaux 1, Talence, France; Cryptolog International, Paris, France
  • Venue: EuroPKI'10, Proceedings of the 7th European conference on Public key infrastructures, services and applications
  • Year: 2010


Abstract

The most critical requirement for a Certification Authority (CA) is to protect its signing key from compromise. CA keys are typically stored in tamper-resistant Hardware Security Modules (HSMs). While, in a realistic deployment, the HSM may prevent the key itself from being copied or stolen, it cannot entirely prevent illegitimate use of the key (due to compromise or even operator mistakes). This paper defines multiple compromise levels for the CA key and investigates the damage at each level. First, we show that with the most common revocation setting, even the lowest compromise level (a single illegitimate access) may lead to the end of the CA. Then, we show that other revocation settings permit efficient countermeasures that prevent the revocation of the CA at some compromise levels. Finally, we give some hints on implementing these settings in practice.