Reputation: 10287
Obviously I don't understand asymm encryption well enough.
So in any asymm encryption system, I can ask for a key, which generates for me a private key which I should keep private and a public key which I should widely publicize.
But of course I can never be absolutely sure that my private key has not been compromised, no matter how I store it. So, like a password, I want to change my private key often.
My question is, in any asymm encryption system: whenever I make a new private key, I get a new public key too, right? So my old public key will not work with my new private key? ...which would mean anyone who wants to communicate with me using my encryption will have to first get my new public key, right?
Or is there any way of changing my private key often without requiring my friends to constantly get an update of my public key?
Upvotes: 6
Views: 3594
Reputation: 21
As far as I have been taught, yes, it is possible to change the private key without changing the public key. If {e, n} is the public key (n is the product of two large prime numbers) and {d, n} is the private key, then we need to find a new value of e such that m = c^(ed) mod n. This is achieved by solving ed = k × phi(n) + 1, where phi(n) is Euler's totient function. The reason to change the private key is if we believe that the keys have been compromised so we need a new key, but we need to keep the old public key for legacy reasons.
Upvotes: 2
Reputation: 12978
Syon made some excellent points. Another thing to consider is having multiple keys. It is strongly recommended to have a separate key for signing and a separate key for encrypting.
If your private encrypting key is ever compromised, your signatures are still valid.
And to elaborate on one of Syon's points, you can create and store a private key on a hardware device such as a SafeNet eToken. The private key cannot be extracted, so as long as you have physical possession of the token, you can be very confident that your private key is safe.
Upvotes: 1
Reputation: 7401
With asymmetrical encryption algorithms, the public and private keys are mathematically related to each other. You cannot change one key without changing the other as well.
As long as you take reasonable measures to protect your private key though, you should rarely need to change it.
These are the minimum that I would personally do.
And if you just happen to be concerned about people having an authentic copy of your public key, generate its hash and provide a way for people to confirm the hash with you.
When it comes down to it though, the question of whether your keys and communication are secure enough is based on what you're defending against. If you think your system is compromised and the private key is being stolen off your system, then changing your keys frequently is pointless because the new keys will be stolen as well. If you believe your public key has been used to crack your private key, larger keys and better entropy will result in them taking longer to crack.
The current (2012) NIST recommendations for asymmetric keys are to change them every 1-2 years, and to use a minimum key size of 2048 bits.
Upvotes: 3
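The answer above says that a new private key comes with a new public key, and that a hash of the public key lets correspondents confirm they hold the right one. The following is an added example, not code from any poster in this thread. It assumes textbook RSA without padding on small constructed primes (for illustration only, not for real use), and the `n:e` encoding used for the fingerprint is made up for this example.

```python
import hashlib
import hmac
from math import gcd

E = 65537  # widely used RSA public exponent

def make_keypair(p, q, e=E):
    """Textbook RSA from two primes: returns (public, private)."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)  # Carmichael lambda(n)
    d = pow(e, -1, lam)  # private exponent is derived from e and the primes
    return (n, e), (n, d)

def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

def fingerprint(pub):
    """SHA-256 over a constructed 'n:e' encoding of the public key."""
    n, e = pub
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()

def fingerprint_matches(pub, expected_hex):
    """Constant-time comparison against a fingerprint confirmed out of band."""
    return hmac.compare_digest(fingerprint(pub), expected_hex)

# Constructed toy keys built from Mersenne primes (far too small for real use).
OLD_PUB, OLD_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
NEW_PUB, NEW_PRIV = make_keypair(2**89 - 1, 2**107 - 1)

if __name__ == "__main__":
    m = 42
    c = encrypt(OLD_PUB, m)  # a friend still using the old public key
    print("old private key recovers m:", decrypt(OLD_PRIV, c) == m)
    print("new private key recovers m:", decrypt(NEW_PRIV, c) == m)
    published = fingerprint(NEW_PUB)  # value the owner confirms by phone, etc.
    print("friend's stale copy matches:", fingerprint_matches(OLD_PUB, published))
    print("fresh copy matches:", fingerprint_matches(NEW_PUB, published))
```

Ciphertext produced with the old public key is unreadable with the new private key, so rotation always means redistributing the public key, and the fingerprint check is how recipients detect a stale or substituted copy.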
Reputation: 11209
You perfectly understood how it works. There is no way to change your private key without changing your public key. Now, the problem is that if you distribute your public key through insecure means, you can fall prey to a man-in-the-middle attack.
See http://en.m.wikipedia.org/wiki/Man-in-the-middle_attack for an example.
The way to avoid this attack is to get a digital certificate from a trusted entity.
Upvotes: -1