Difference between revisions of "Private Key Component"

From MgmtWiki
Jump to: navigation, search
(Full Title or Meme)
(Scope/Goal)
Line 3: Line 3:
  
 
===Scope/Goal===
 
===Scope/Goal===
*The goal of a Private Key is give the user an [[Authentication]] factor that can be completely within their control.
+
*The goal of a [[Private Key Component]] is give the user an [[Authentication]] factor that can be completely within their control.
 
*Should some other method of used data be found beyond the [[Private Key Component]], it is expected that this wiki page should apply to that new technology as well.
 
*Should some other method of used data be found beyond the [[Private Key Component]], it is expected that this wiki page should apply to that new technology as well.
  

Revision as of 11:14, 26 July 2020

Full Title or Meme

Good Public Key Cryptography is dependent on the absolute protection of the Private Key Component of the public/private key pair.

Scope/Goal

  • The goal of a Private Key Component is give the user an Authentication factor that can be completely within their control.
  • Should some other method of used data be found beyond the Private Key Component, it is expected that this wiki page should apply to that new technology as well.

Context

  • Protecting one's secret information, in the modern age of computers, has become synonymous with protect a secret key or a Private Key Component of a key pair.
  • This wiki uses the term Credential for any secret held by a device that can be used in authenticating a user. The best know credential (2020) is a well-protected private key component.

Problems

  • Governments have been the primary customers for keeping secrets and, so, the primary customers for cryptography.
  • The challenge with providing good secrecy became a challenge to (1) find a good cryptography algorithm and (2) getting the cryptographic key security into the hands of those who need it.

Solutions

  • NIST SP 800-63-3B established authentication assurance level (AAL) the report on the protection to the users private key components.

References