Reputation: 2012
RSA encryption: Is it possible to revoke a public/private key pair in peer-to-peer?
I'm creating an app (C#) that is going to send some messages around the network. Outgoing messages will be signed by a private key, incoming messages decrypted with a private key.
In case someone steals the private key, I want to be able to revoke it (send a revocation message to all other clients). Since I'm the owner of the stolen private key, only I must be able to revoke it.
My question: Is it possible to create a public/private key pair, depended on a so-called "Master public/private key pair" I have created before, to use in my app and if the private key in the app got stolen, I can revoke it, because with the master key I can proof that I'm the owner?
Hope someone understand what I mean ;-)
Mike
Update 1:
- I'm developing a peer-to-peer app, so there will be no central server / CA
- I'm generating the public/private keys by using the RSACryptoServiceProvider class in C#
Upvotes: 4
Views: 2224
Answers (3)
Reputation: 101139
You don't need a second key (and if you did - what if an attacker stole that?) Simply define a 'revocation' message type which indicates the key that signed it is revoked (irrevocably, as it were). If your key gets stolen, you simply have to send out the revocation message using the stolen key, and the key becomes useless to the attacker.
How to distribute the revocation message depends on the system you're using, of course, but I'm assuming here that you have some way to distribute keys already, and therefore revocations can take the same route.
Upvotes: 2
Reputation: 9483
Basically you'll design a system where each client can receive messages signed from two private keys: if they receive a message from the second private key, it will discard anything received signed with the first key.
Seems to be simple...
So, I think that you meant that you want to "revoke" the first public/private key in a way that your system will consider this pair invalid independent of same processing, I mean, even if someone hack the client, it won't be able to accept the first compromised key pair, because somehow they're revoked by the second key pair.
Is that it?
If so... no, without some kind of server, I don't think you can "revoke" a key pair. Revoking implies in having a central server telling which keys are valid, or your application doing this check internally (for ex., receiving a message from the second key pair and processing it)
Upvotes: 3
Reputation: 35477
You want to wrap you keys in a X.509 Certificate. The certificates should have a revocation Authority that supports OCSP (Online Certificate Status Protocol). see http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
Upvotes: 3
Related Questions
- Are public key and private key interchangeable for RSA?
- Can One Public Key be Used to Encrypt and Decrypt Data during the SSL Handshake?
- Can I exchange the public and private key in RSA
- Can we have multiple public keys with a single private key for RSA?
- Can one encrypt with a private key/decrypt with a public key?
- Can id_rsa.pub be deleted on the server?
- RSA Encryption - Public Key Encryption
- Is there a way to alter a public key in a way that the decryption can still be done with the private key after some alteration?
- Using 2 public/private key pairs at the "same" time
- Is it possible to get RSA private key knowing public key and set of "original data=>encrypted data" entries?