Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Cryptography >> Encryption Decryption
  2. Suggest New Category

What happens if a private key is compromised ?

Question Posted / guest


What happens if a private key is compromised ?..

Answer / ramkumar

Private keys must be stored securely, since forgery and
loss of privacy could result from compromise (see Question
4.1.3.7). The measures taken to protect a private key must
be at least equal to the required security of the messages
encrypted with that key. In general, a private key should
never be stored anywhere in plaintext form. The simplest
storage mechanism is to encrypt a private key under a
password and store the result on a disk. However, passwords
are sometimes very easily guessed; when this scheme is
followed, a password should be chosen very carefully since
the security is tied directly to the password.
Storing the encrypted key on a disk that is not accessible
through a computer network, such as a floppy disk or a
local hard disk, will make some attacks more difficult. It
might be best to store the key in a computer that is not
accessible to other users or on removable media the user
can remove and take with her when she has finished using a
particular computer. Private keys may also be stored on
portable hardware, such as a smart card. Users with
extremely high security needs, such as certifying
authorities, should use tamper-resistant devices to protect
their private keys (see Question 4.1.3.13).

Is This Answer Correct ?    0 Yes 1 No

Post New Answer

More Encryption Decryption Interview Questions

Hello. In Snort, how a digital signature is actually created for the authentication purpose and thereby provides intrusion detection as well as prevention. How the software for IDS/IPS comes to know regarding the threat/vulnerability using digital signature ? Whether any specific language or programming is used or not.

1 Answers  

What is the difference between hardware and software encryption?

1 Answers  

What is exhaustive key search ?

0 Answers  

What is private key cryptography and how we compare it with public key cryptography?

0 Answers  

What is a zed encoder? How does it work?

0 Answers  

what is the difference between encryption and hashing?

1 Answers  

What are the counter and pcbc modes?

0 Answers  

How to find someone else?s public key ?

2 Answers  

What happens when a key expires ?

2 Answers   TCS,

what is pretty good privacy?

0 Answers  

What is meant by 1024, 2048, 5096 bit encryption?

0 Answers   ASD Lab,

What are the advantages and disadvantages of public key cryptography compared with secret key cryptography ?

1 Answers  

For more Encryption Decryption Interview Questions Click Here
Categories
  • Cryptography Algorithms Interview Questions Cryptography Algorithms (52)
  • Digital Certificates Interview Questions Digital Certificates (23)
  • Encryption Decryption Interview Questions Encryption Decryption (77)
  • Ciphers Interview Questions Ciphers (43)
  • Cryptography Protocols Interview Questions Cryptography Protocols (31)
  • Blockchain Interview Questions Blockchain (338)
  • Cryptography General Interview Questions Cryptography General (154)
  • Cryptography AllOther Interview Questions Cryptography AllOther (0)