Exploitation of private keys

Correctness

The private key represents a subject.

  • The risk of its compromise must be minimized.

  • Physically secure backup copies can exist in some cases.

The access path to the private key must be controlled.

  • Access protection with password or PIN.

  • Correctness of applications.

Confinement

Protection of the private key inside a (reduced) security domain (e.g., a cryptographic token).

  • The token generates key pairs.

  • The token exports the public key but never the private key.

  • The token internally encrypts/decrypts with the private key.
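
The confinement interface above, together with the PIN-controlled access path, sketched as an added example that is not part of the original notes. `SoftToken`, the three-attempt PIN limit, the 1024-bit demo key size and the unpadded textbook RSA are assumptions made for illustration; a Python object only models the interface and cannot enforce confinement the way token hardware does.

```python
import hashlib, hmac, secrets
def _is_prime(n, rounds=20):  # Miller-Rabin probabilistic primality test
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime(bits):  # random prime of exact size with gcd(65537, p - 1) == 1
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if p % 65537 != 1 and _is_prime(p):
            return p

class SoftToken:  # constructed software model of a token, not a real device
    def __init__(self, pin, bits=1024):  # demo key size (assumption)
        self._salt, self._tries = secrets.token_bytes(16), 3
        self._pin = self._kdf(pin)
        p = q = _prime(bits // 2)  # key pair is generated inside the token
        while q == p:
            q = _prime(bits // 2)
        self._n, self._e = p * q, 65537
        self._d = pow(self._e, -1, (p - 1) * (q - 1))  # never returned

    def _kdf(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    def public_key(self):  # the only key material that leaves the token
        return self._n, self._e

    def decrypt(self, pin, c):  # textbook RSA, no padding (assumption)
        if self._tries == 0:
            raise PermissionError("token locked")
        if not hmac.compare_digest(self._kdf(pin), self._pin):
            self._tries -= 1  # wrong PIN consumes one attempt
            raise PermissionError("wrong PIN")
        self._tries = 3  # a correct PIN resets the attempt counter
        return pow(c, self._d, self._n)  # private key is used internally
```

A caller encrypts with the exported public key, `pow(m, e, n)`, and can only obtain the plaintext by presenting the PIN to `decrypt`; after three wrong PINs the model refuses even the correct one.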
