Ed Gerck wrote:
Regarding PKI, the X.509 idea is not just to automate the process of reliance but to do so without introducing vulnerabilities in the threat model considered in the CPS.

but that is one of the points of the article that as you automate more things you have to be extra careful about introducing new vulnerabilities (of course a business operation will make claims that while they may have introduced enormous additional complexity and number of business processes ... that they are all perfect and have no vulnerabilities).

the issue of public key email w/o PKI ... is you have all the identical, same basic components that PKI also needs.

there is a local trusted public key repository and a method of getting keys into/out of that trusted public key repository. in the non-PKI case, the trusted public key repository contains public keys that are used to directly authenticate messages from other entities. in the PKI case, the trusted public key repository also contains public keys that are used to authenticate messages from a certification authority; these messages are called digital certificates. the digital certificates, in turn contain other public keys that can be used in authenticating messages from directly communicating entities.

the original PKI and digital certificate design point is the letters of credit/introduction (from the sailing ship days) ... addressing first time communication between two strangers.

that a large volume of email doesn't involve first time communication between two strangers that have no prior relationship ... and so one possible question is does a PKI operation ... does the little or no added value for such communication possibly offset the drastically increased amount of complexity and increased number of business processes (that also contribute to possible enormous increase in potential for vulnerabilities).

PKI is trying to offer some added value in first time communication between two strangers (say the bulk mailing advertising industry) ... and it is possibly acceptable the significant increase in business processes and complexity is justified in improving reliance in the bulk mailing advertising market segment. The question is does the vast increase in business processes and complexity (with the possibility that the increased business processes and complexity also introduce significant new types of vulnerabilities) justify its use in the scenarios where first time communication between two strangers is not involved.

This is business process analysis of what goes on in a basic public key email operation ... aka all the public key operations and the entity's trusted public key repository ... and then showing where PKI incrementally adds business processes and complexity to that basic infrastructure .... certification authority public keys added to the trusted public key repository, these new kind of messages called digital certificates and the indirection between the certification authority's public key (in the entity's trusted public key repository) and the public key of the other entities communicated with.

The additional digital certificate verification technical steps that a PKI operation adds to a core fundamental public key email process (that directly has access to public keys of entities directly communicated with) ... also drags in the enormous amount of complexity and additional business processes that the certification authorities have to perform.

It is some of this other complexity and business processes that may be attacked ... as in my oft repeated description of a crook attacking the authoritative agency that a certification authority uses for the basis of its certification, and then getting a perfectly valid certificate. The user (relying-party) then may have a perfectly valid public key for an entity that they've communicated with for years .... but this perfectly valid certificate (from a crook) now claims that the user must now automatically accept the crook's public key also as representing the same entity.

so a traditional risk/threat analysis ... would frequently analyze the basic components ... establish a baseline threat/vulnerability profile ... and then consider what additional complexity does to the baseline. I assert that a simple public key email operation can establish a baseline w/o any digital certificates ... and then you consider what happens when the baseline has digital certificates added (which then also drags in all the business process vulnerabilities that may exist at the certification authority ... and all dependencies that the certification authority has). we had to sort of look at this sort of stuff when we were asked to work with this small client/server startup that wanted to do payment transactions on their server
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3

and we had to go around and audit some number of these relatively new business operations called certification authorities.
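
An added example, not part of the original post: a small Python model of the baseline described above (a local trusted public key repository used directly) next to the certificate path, including the case of a valid certificate that binds a known correspondent's name to a different key. The toy textbook RSA, the names `ExampleCA` and `bob`, and the `key-conflict` continuity check are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA over Mersenne primes: an illustrative stand-in for a real
# signature scheme, not something to deploy.
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))  # (public, private)

def _h(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    return pow(_h(msg, priv[0]), priv[1], priv[0])

def verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == _h(msg, pub[0])

def issue_cert(ca_priv, issuer, subject, subject_pub):
    body = f"{subject}|{subject_pub}".encode()
    return {"issuer": issuer, "subject": subject, "pub": subject_pub,
            "sig": sign(ca_priv, body)}

def check_direct(repo, sender, msg, sig):
    """Baseline: the sender's key is looked up in the local trusted repository."""
    return sender in repo and verify(repo[sender], msg, sig)

def check_cert(ca_repo, cert, msg, sig, known=None):
    """PKI path: trust flows CA key -> certificate -> sender key.
    With `known` given, a certified key that differs from the key already
    held for that subject is reported instead of silently accepted."""
    ca_pub = ca_repo.get(cert["issuer"])
    body = f"{cert['subject']}|{cert['pub']}".encode()
    if ca_pub is None or not verify(ca_pub, body, cert["sig"]):
        return "bad-certificate"
    if known and known.get(cert["subject"], cert["pub"]) != cert["pub"]:
        return "key-conflict"
    return "accepted" if verify(cert["pub"], msg, sig) else "bad-signature"

def demo():
    # Constructed parties; all names and keys are made up for the example.
    bob_pub, bob_priv = keypair(2**31 - 1, 2**61 - 1)
    other_pub, other_priv = keypair(2**61 - 1, 2**89 - 1)
    ca_pub, ca_priv = keypair(2**89 - 1, 2**107 - 1)
    repo, ca_repo = {"bob": bob_pub}, {"ExampleCA": ca_pub}
    # The CA certified a second key for "bob" (its upstream source was wrong).
    cert = issue_cert(ca_priv, "ExampleCA", "bob", other_pub)
    msg = b"please update my payment details"
    sig = sign(other_priv, msg)
    return (check_direct(repo, "bob", msg, sig),
            check_cert(ca_repo, cert, msg, sig),
            check_cert(ca_repo, cert, msg, sig, known=repo))
```

`demo()` returns the three verdicts for the same message: the direct repository lookup, the certificate path alone, and the certificate path checked against the key already on file.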
