[Cialug] dual passphrase encryption

Jeffrey Ollie jeff at ocjtech.us
Fri Dec 7 22:45:33 CST 2007


On 12/7/07, Colin Burnett <cmlburnett at gmail.com> wrote:
> On Dec 7, 2007 10:05 PM, Jeffrey Ollie <jeff at ocjtech.us> wrote:
> >
> > Well, if the webserver has a copy of all of the private keys there
> > wasn't much point to the exercise other than wasting CPU cycles.
>
> The server has a copy of all keys but no copy of the passphrases, thus
> you have secrecy.

If the server is generating the public/private keypairs the passphrase
is moot - an attacker will either rewrite the server software to not
encrypt the private key or to keep the passphrase cached somewhere.
The server should never have the private keys or the passphrases used
to encrypt the private keys.

In fact the server should never even see the unencrypted data.  The
server is your classic "man in the middle".  Compromise the server and
all of your encryption is pointless.

Jeff
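
The arrangement argued for above, as an added example that is not part of the original message: each client generates its own keypair and the server stores only public keys and ciphertext. It uses Node.js's built-in crypto module; the function names, the two-recipient layout (either key holder can decrypt) and the sample values are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// CLIENT: the keypair is generated locally and the private key is
// passphrase-encrypted before it is stored; it is never uploaded.
function clientGenerateKeypair(passphrase) {
  return crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase },
  });
}

// CLIENT: encrypt once with a random AES-256-GCM key, then wrap that key to
// each recipient's public key. Only this envelope is sent to the server.
function clientSeal(plaintext, recipientPublicKeys) {
  const dataKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', dataKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKeys = {};
  for (const [name, pem] of Object.entries(recipientPublicKeys)) {
    wrappedKeys[name] = crypto.publicEncrypt(
      { key: pem, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
      dataKey);
  }
  return { iv, tag: cipher.getAuthTag(), ciphertext, wrappedKeys };
}

// CLIENT: unlock the local private key with the passphrase, unwrap, decrypt.
function clientOpen(envelope, name, encryptedPrivatePem, passphrase) {
  const dataKey = crypto.privateDecrypt(
    { key: encryptedPrivatePem, passphrase,
      padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
    envelope.wrappedKeys[name]);
  const decipher = crypto.createDecipheriv('aes-256-gcm', dataKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]).toString('utf8');
}

// Constructed demo: serverStore is everything the server ever holds, so a
// compromised server yields public keys and ciphertext only.
function demo() {
  const alice = clientGenerateKeypair('constructed passphrase A');
  const bob = clientGenerateKeypair('constructed passphrase B');
  const serverStore = { publicKeys: { alice: alice.publicKey, bob: bob.publicKey } };
  serverStore.envelope = clientSeal('constructed secret record', serverStore.publicKeys);
  return { alice, bob, serverStore };
}
```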

