When I was reading about smartcards I came across this term called private key challenge.
Private key challenge – to ensure the certificate is bound to the token to which it was issued and has not been copied or cloned.
How will this Private Key Challenge be done?
Thanks and Regards,
Sunny.
From what I know, this is usually done by providing a nonce (number once used … a random number) to a system and asking it to take this number as input for a cryptographic function that needs the private key that belongs to the challenged certificate:
For encryption stuff you usually take your nonce, encrypt it and hand over the ciphertext to the challenged system … if the system can decrypt your nonce (and give it back to you), it has access to the private key …
In a signing scenario you hand over your plaintext nonce, and the system has to sign it … if the signature is valid, the system has access to the private key.
Of course, for a real-world application you will want to extend this scheme to avoid playback attacks, man in the middle, etc.
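The signing variant described in the answer above, as an added example that is not part of the original posts: the verifier issues a random nonce, the token signs it, and the verifier checks the signature against the certificate's public key, retiring each nonce after one use so a recorded response cannot be played back. Ed25519 and the names `Token`, `Verifier` and `NewPair` are assumptions made for illustration; on a real smartcard the signing happens inside the card and the public key comes from the validated certificate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Token stands in for the smartcard; Respond signs the nonce with the on-card key.
type Token struct{ priv ed25519.PrivateKey }

func (t *Token) Respond(nonce []byte) []byte { return ed25519.Sign(t.priv, nonce) }

// Verifier holds the certificate's public key and the nonces still unanswered.
type Verifier struct {
	certPub ed25519.PublicKey
	pending map[string]bool
}

// Challenge returns a fresh 32-byte random nonce and records it as outstanding.
func (v *Verifier) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	v.pending[string(nonce)] = true
	return nonce
}

// Check accepts a response only for an outstanding nonce and retires that
// nonce whatever the outcome, so a recorded response cannot be replayed.
func (v *Verifier) Check(nonce, sig []byte) bool {
	issued := v.pending[string(nonce)]
	delete(v.pending, string(nonce))
	return issued && ed25519.Verify(v.certPub, nonce, sig)
}

// NewPair builds a constructed token and a verifier that trusts its public key.
func NewPair() (*Token, *Verifier) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Token{priv: priv}, &Verifier{certPub: pub, pending: map[string]bool{}}
}

func main() {
	card, v := NewPair()
	n := v.Challenge()
	fmt.Println("token holds the key:", v.Check(n, card.Respond(n)))
}
```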