1

I'm in the process of obtaining a code signing certificate from a CA that requires the use of a smart card for the generation of the PKI key pair. However, I would like to be in the possession of the private key, and not depend on a physical device.

So here comes the question, who decides if the private key is exportable, the smart card software implementation, or the requester (CA)? I was thinking maybe I could acquire a smart card that allows for such a thing.

I ask this because I'm trying to figure out a way to get in the possession of my own private key, in the event PKCS #11 is not suitable in the future. I don't need PKCS #11 security.

Chris
  • 153
  • 1
  • 6

1 Answers1

3

The whole point of a smart card is that they private key is protected against extraction. There are ways to create the private key outside of the smart card and then import it into it in which case you have a backup. But in your case the requirement is that the key has to be generated on the card itself which means it can only be used with the card.

... requires the use of a smart card for the generation of the PKI key pair. However, I would like to be in the possession of the private key, and not depend on a physical device... I don't need PKCS #11 security.

It does not matter what you want or what you feel you need. The CA decided that the certificates it issues need to be properly protected against misuse. It regularly happens that code signing keys gets stolen and misused to sign and spread malware and having the key only on a smart card is a good protection against this.

... in the event PKCS #11 is not suitable in the future

PKCS#11 is an established standard and widely used. It is likely that your code signing certificate is long expired before PKCS#11 becomes obsolete.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • By `in the event PKCS #11 is not suitable in the future` I meant if I'll ever need to sign a file in an environment not supported by the device driver (like linux or ...). Having the private key just give you more flexibility. – Chris Oct 14 '17 at 13:25
  • @Chris: yes, it gives more flexibility and makes many things easier - but not only to you but also for a potential attacker. Security policies are usually a trade-off between security and usability. In this case the CA decided that they value security of the keys more than ease and flexibility of use. Apart from that - Linux has in theory PKCS#11 support too but the exact details depend on the model of the smartcard. – Steffen Ullrich Oct 14 '17 at 13:30
  • I just realized. Smart cards are actually worse for the CA than directly handing the key, because people can buy smart card readers from untrustworthy third parties (like amazon, ebay), which could come with malicious software. *facepalm* – Chris Oct 14 '17 at 14:23
  • @Chris: The cryptographic operation involving the private key is still done at the smart card itself. But yes, there is a risk of having some untrustworthy software installed in your system which might have a backdoor and trick the user into signing different things than the user intended. But, how is this different from all the other software the user has installed on the system and which the user does not fully control? Apart from that, I never claimed that smart cards solve all risks - only that they reduce the specific risks associated with a stolen private key. – Steffen Ullrich Oct 14 '17 at 15:09
  • It's a lot less likely that I have a random software installed on my development system that targets PKI phishing, and is successful (considering the storage variety), than a knock-off standardized security device to target, well, security. – Chris Oct 14 '17 at 15:34
  • @Chris: so you are saying that on one side you take care what kind of software you install on your development machine (only from trusted sources) but on the other side you simply buy the cheapest smart card reader you can get and also from dubious untrusted sources and then blindly install the software coming with this device to your machine although you usually only install from trusted sources? – Steffen Ullrich Oct 14 '17 at 15:43
  • I'll leave to this. People are not going to download development software from torrents and such, they know better. But they might be tempted (including myself), to buy the much cheaper hardware from amazon than CA, which could have compromised software/driver/even firmware. At a first glance, you might not even think that the amazon product could be compromised. Not the case with untrustworthy development software. – Chris Oct 14 '17 at 16:54
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/67119/discussion-between-steffen-ullrich-and-chris). – Steffen Ullrich Oct 14 '17 at 17:07