PKI certs from a “protected” system to an “unprotected” system?

5 pts.
Tags:
PKI Security
Can you send or transfer emails with PKI certs from a "protected" system to an "unprotected" system through a guard or cross-domain solution? When you send an email with PKI enabled, you send your public key with the message. However, if the destination you send it to receives it, can someone hack it to obtain the private key information and use it maliciously?`

Answer Wiki

Thanks. We'll let you know when a new response is added.

The neat thing about PKI is that the odds of getting the private key information from the public key are astronomical. So don’t worry about getting private key info from the public key. The danger in PKI, like in most security issues, is keeping your private key to yourself , the same way you should be protecting your password and desktop. Lock it up when you are away from your desk and keep the smart card, or what ever media you store your PKI cert on, secure.

Hope this helps!

“K”

================================
Are you referring to attaching the actual certificate to an e-mail? I would definitely want that transfer to happen over a secure channel.

<a href=”http://world.std.com/~dtd/”>Don Davis</a> says: A public-key security system trusts its users to validate each others’ public keys rigorously and to manage their own private keys securely. Both tasks are hard to do well, but public-key security systems lack a centralized infrastructure for enforcing users’ discipline.

It is best too that the certificate be <a href=”http://www.youdzone.com/signature.html”>generated by a trusted 3rd party</a> rather than self-signed (see the plot complication section at the bottom). Here’s a great blurb on this from <a href=”http://research.microsoft.com/crypto/publickey.aspx”>Microsoft Research</a>: “In theory, it might be possible to derive the private key from the public key by working the formula backwards. In practice, no one has ever done it and it doesnt look like anyone ever will. Factoring large numbers is so hard that even the most powerful supercomputers in the world cant break an ordinary public key.”

See the following for additional tutorial material on PKI:

<a href=”http://en.wikipedia.org/wiki/Public-key_cryptography”>Public-key cryptography</a>

<a href=”http://www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf”>Everything you Never Wanted to Know about PKI but were Forced to Find Out</a>

<a href=”http://www.isode.com/whitepapers/dist-pki-tutorial.html”>A Short Tutorial on Distributed PKI</a>

<a href=”http://www.security-forums.com/viewtopic.php?t=8611&start=0&postdays=0&postorder=asc&highlight=&sid=091e05764756c379daefff5fc8946e5c”>Public Key Infrastructure (PKI) Tutorial – An Introduction</a>

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following