Key server (cryptographic)

Key server (cryptographic)

In computer security, a key server is a computer — typically running special software — which provides cryptographic keys to users or other programs. The users' programs can be working on the same network as the key server or on another networked computer.

The keys distributed by the key server are almost always provided as part of a cryptographically-protected identity certificate containing not only the key but also 'entity' information about the owner of the key. The certificate is usually in a standard format, such as the OpenPGP public key format, the X.509 certificate format, or the PKCS format. Further, the key is almost always a public key for use with an asymmetric key encryption algorithm.

History

Key servers were developed as a result of the invention of public key cryptography.In public key cryptography an individual is able to generate a key pair which included two related keys. One of the keys in the pair is meant to be kept privatewhile the other is meant to be distributed. Public key cryptosystems are designed in a way such that the distribution of the public key of the key pair should not significantly weaken the security provided by encryption with the key pair. If an individual has the public key of a keypair, they are able to use that key to initiate secret communications with the holder of the matching secret key. The need to have the public key of a key pair in possession in order to start communication or verify signatures is a bootstrapping problem. Locating keys on the web or writing to the individual asking them to transmit their public keys can be time consuming. Key servers act as central repositories to alleviate the need to individually transmit public keys.

The first web-based PGP keyserver was written for a thesis by Marc Horowitz,while he was studying at MIT. Horowitz's keyserver was called the HKP Keyserverafter a web-based protocol it used to allow people to interact with thekeyserver. Users were able to upload, download, and search keys either throughthe HTTP-based HKP protocol on port 11371, or through web pages which ran CGIscripts. Before the creation of the HKP Keyserver, keyservers relied on emailprocessing scripts for interaction.

A separate key server, known as the PGP Certificate Server, was developed by PGP, Inc. and was used as the software (through version 2.5.x for the server) for the default key server in PGP through version 8.x (for the client software), keyserver.pgp.com. Network Associates was granted a patent co-authored by Jon Callas (United States Patent 6336186) [ [http://www.pat2pdf.org/patents/pat6336186.pdf United States Patent 6336186] ] on the key server concept.

To replace the aging Certificate Server, an LDAP-based key server was redesigned at Network Associates in part by Randy Harmon and Len Sassaman, called PGP Keyserver 7.0. With the release of PGP 6.0, LDAP was the preferred key server interface for Network Associates’ PGP versions. This LDAP and LDAPS key server (which also spoke HKP for backwards compatibility, though the protocol was (arguably correctly) referred to as “HTTP” or “HTTPS”) also formed the basis for the PGP Administration tools for private key servers in corporate settings, along with a schema for Netscape Directory Server. It was later replaced by the new PGP Corporation Global Directory.

Public versus private keyservers

The most important universally accessible key servers are those computers, located around the world, which store and provide OpenPGP keys over the Internet for users of that cryptosystem. In this instance, the computers can be, and are, mostly run by individuals as a pro bono service, facilitating the web of trust model PGP uses. There are also multiple proprietary public key infrastructure systems which maintain key servers for their users; only their users are likely to be aware of them at all.

Privacy concerns

For many individuals, the purpose of using cryptography is to obtain a higherlevel of privacy in personal interactions and relationships. It has been pointedout that allowing a public key to be uploaded in a key server when usingdecentralized web of trust based cryptographic systems, like PGP, may reveal agood deal of information that an individual may wish to have kept private. SincePGP relies on signatures on an individual's public key to determine theauthenticity of that key, potential relationships can be revealed by analyzingthe signers of a given key. In this way, models of entire social networks can bedeveloped.

Problems with keyservers

The OpenPGP keyservers developed in the 1990s suffered from a few problems. Once a public key has been uploaded, it is difficult to remove. Some users stop using their public keys for various reasons, such as when they forget their pass phrase, or if their private key is compromised or lost. In those cases, it was hard to delete a public key from the server, and even if it were deleted, someone else can upload a fresh copy of the same public key to the server. This leads to an accumulation of old fossil public keys that never go away, a form of keyserver "plaque". Another problem is that anyone can upload a bogus public key to the keyserver, bearing the name of a person who in fact does not own that key. The keyserver had no way to check to see if the key was legitimate.

To solve these problems, PGP Corp developed a new generation of key server, called the [https://keyserver.pgp.com/ PGP Global Directory] . This keyserver sent an email confirmation request to the putative key owner, asking that person to confirm that the key in question is his. If he confirms it, the PGP Global Directory accepts the key. This can be renewed periodically, to prevent the accumulation of keyserver plaque. The result is a higher quality collection of public keys, and each key has been vetted by email with the key's apparent owner.

These are some keyservers that are often used for looking up keys with "gpg --recv-key"

* keyserver hkp://subkeys.pgp.net
* keyserver hkp://pgp.mit.edu

References

ee also

*Lightweight Directory Access Protocol

External links

* [http://www.mit.edu/afs/net.mit.edu/project/pks/thesis/paper/thesis.html Marc Horowitz's Thesis]
*dmoz|Computers/Security/Products_and_Tools/Cryptography/PGP/Key_Servers/|List of Key Servers
* [http://sourceforge.net/projects/pks/ OpenPGP Public Key Server (PKS)] - an OpenPGP key server software package distributed under a BSD-style license (with advertising clause). It has largely been supplanted by SKS.
* [http://savannah.nongnu.org/projects/sks/ Synchronizing Key Server (SKS)] - an OpenPGP key server software package distributed under the GPL.
* [https://keyserver.pgp.com/ PGP Global Directory]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Key server — can mean:* Key server (cryptographic), a server on which public keys are stored for others to use * Key server (software licensing), a server that distributes software license keys …   Wikipedia

  • Key (cryptography) — In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the… …   Wikipedia

  • Key management — is a term used to describe two different fields; (1) cryptography, and (2) physical key management (or electronic key management) within building or campus access control.In cryptography, key management includes all of the provisions made in a… …   Wikipedia

  • Cryptographic nonce — For other uses of the word, see Nonce. Typical client server communication during a nonce based authentication process including both a server nonce and a client nonce. In security engineering, nonce is an arbitrary number used only once to sign… …   Wikipedia

  • Key distribution center — In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. KDCs often operate in systems within which some users may have permission to use certain services at some times… …   Wikipedia

  • Public-key cryptography — In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key …   Wikipedia

  • S/KEY — is a one time password system developed for authentication to Unix like operating systems, especially from dumb terminals or untrusted public computers on which one does not want to type a long term password. A user s real password is combined in …   Wikipedia

  • Password-authenticated key agreement — In cryptography, a password authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party s knowledge of a password. Contents 1 Types 2 Brief history 3 See also …   Wikipedia

  • Public key infrastructure — In cryptography, a public key infrastructure (PKI) is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique for each CA. The binding is established through …   Wikipedia

  • Offline private key protocol — The offline private key protocol (OPKP) is a cryptographic protocol to prevent unauthorized access to back up or archive data. The protocol results in a public key that can be used to encrypt data and an offline private key that can later be used …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”