Difference between revisions of "Private Key Component"
From MgmtWiki
(→Scope/Goal) |
(→Scope/Goal) |
||
| Line 4: | Line 4: | ||
===Scope/Goal=== | ===Scope/Goal=== | ||
*The goal of a [[Private Key Component]] is give the user an [[Authentication]] factor that can be completely within their control. | *The goal of a [[Private Key Component]] is give the user an [[Authentication]] factor that can be completely within their control. | ||
| − | *Should some other | + | *Should some other technology for the use of secret data be found beyond the [[Private Key Component]], it is expected that this wiki page should apply to that new technology as well. |
==Context== | ==Context== | ||
Revision as of 12:15, 26 July 2020
Full Title or Meme
Good Public Key Cryptography is dependent on the absolute protection of the Private Key Component of the public/private key pair.
Scope/Goal
- The goal of a Private Key Component is give the user an Authentication factor that can be completely within their control.
- Should some other technology for the use of secret data be found beyond the Private Key Component, it is expected that this wiki page should apply to that new technology as well.
Context
- Protecting one's secret information, in the modern age of computers, has become synonymous with protect a secret key or a Private Key Component of a key pair.
- This wiki uses the term Credential for any secret held by a device that can be used in authenticating a user. The best know credential (2020) is a well-protected private key component.
Problems
- Governments have been the primary customers for keeping secrets and, so, the primary customers for cryptography.
- The challenge with providing good secrecy became a challenge to (1) find a good cryptography algorithm and (2) getting the cryptographic key security into the hands of those who need it.
Solutions
- NIST SP 800-63-3B established authentication assurance level (AAL) the report on the protection to the users private key components.
References
- Also see this wiki page Self-signed Certificate.
- Accessing and using certificate private keys in .NET Framework/.NET Core describes the mess created when Microsoft switched from their legacy CAPI key storage API to the CNG (Crypto Next Generation) key storage. The mess continues to this day.
