[xmlsec] Web form signing
Aleksey Sanin
aleksey@aleksey.com
Thu, 09 Jan 2003 00:49:25 -0800
First of all, tt's well known but worth repeating: where is no
"unbreakable"
systems. It's only a matter of price, resources and time.
It's not necessary that software has access to the private key. You
might have
smart card that stores private key (and simply has no api "export
private key").
Plus an ability to do RSA or DSA signature *on the smart card*. In this
case,
private key never leaves smart card (except a case when someone steals
it and
uses a very expensive hardware to "slice" smart card chip). In the
described case,
additional software simply calls a smart card function "RSA sign" given
data
using key with name XXX. There are a lot of different solutions
available on
the market (www.google.com). The price and features vary and you might
easily
find what you need.
Other options include "trusted" software (i.e. you read the sources,
sign compiled
binaries as well as the startup environment including all system
libraries, etc. and
always check that nobody modified all this stuff before giving up
private key).
It is very difficult (imho, impossible) to make this absolutelly
unbreakable (> a couple
weeks of a good engineer work) on Intel (w/o additional hardware like
smart cards).
Thought, there are some platforms there it might be done but it's
basically the same
trick with some sort of special hardware available on such platforms.
Aleksey