It analyses the general risks associated with safekeeping of end users’ private keys in a PKI (and includes some reflections on the idea of “non repudiation”).
In the past two or three years most major PKI technology vendors have released products which allow digital certificate holders with “soft certificates” to have their private keys stored at a central server and uploaded when needed to their local machine. This allows users to “roam” from one machine to another without having to manually manage the export and import of their keys onto temporary media like diskettes. Thus users gain much of the portability and usability advantages of hardware key media like smartcards and USB dongles but without the associated cost.
However, significant security compromises are entailed in any roaming soft certificate solution since fundamentally the key material is susceptible to sniffing or eavesdropping for at least some of the time. Careful security engineering and product deployment is needed to strike the right balance between cost/convenience and protection against identity theft. To date, little analysis of this balance appears in the public domain and the relative strengths and weaknesses of commercial solutions is difficult for users to determine. This paper highlights the security engineering and deployment considerations by presenting a systematic vulnerability assessment of the common roaming architecture.GIAC paper roaming soft certificates