In computer security, a key server is a computer that receives and then serves existing cryptographic keys to users or other programs. The users' programs can be running on the same network as the key server or on another networked computer.
The keys distributed by the key server are almost always provided as part of a cryptographically protected public key certificates containing not only the key but also 'entity' information about the owner of the key. The certificate is usually in a standard format, such as the OpenPGP public key format, the X.509 certificate format, or the PKCS format. Further, the key is almost always a public key for use with an asymmetric key encryption algorithm.
History
Key servers play an important role in
public key cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...
.
In public key cryptography an individual is able to generate a
key pair
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...
, where one of the keys is kept private
while the other is distributed publicly. Knowledge of the public key does not compromise the security of public key cryptography. An
individual holding the public key of a key pair can use that key to carry out cryptographic operations that allow secret communications with strong authentication of the holder of the matching private key. The
need to have the public key of a key pair in order to start
communication or verify signatures is a bootstrapping problem. Locating keys
on the web or writing to the individual asking them to transmit their public
keys can be time consuming and unsecure. Key servers act as central repositories to
alleviate the need to individually transmit public keys and can act as the root of a
chain of trust
In computer security, a chain of trust is established by validating each component of hardware and software from the end entity up to the root certificate. It is intended to ensure that only trusted software and hardware can be used while still ...
.
The first web-based
PGP
PGP or Pgp may refer to:
Science and technology
* P-glycoprotein, a type of protein
* Pelvic girdle pain, a pregnancy discomfort
* Personal Genome Project, to sequence genomes and medical records
* Pretty Good Privacy, a computer program for the ...
keyserver was written for a thesis by Marc Horowitz, while he was studying at
MIT
The Massachusetts Institute of Technology (MIT) is a private land-grant research university in Cambridge, Massachusetts. Established in 1861, MIT has played a key role in the development of modern technology and science, and is one of the m ...
. Horowitz's keyserver was called the HKP Keyserver
after a web-based OpenPGP HTTP Keyserver Protocol (HKP), used to allow people to interact with the
keyserver. Users were able to upload, download, and search keys either through
HKP on TCP port 11371, or through web pages which ran CGI
scripts. Before the creation of the HKP Keyserver, keyservers relied on email
processing scripts for interaction.
A separate key server, known as the PGP Certificate Server, was developed by
PGP, Inc. and was used as the software (through version 2.5.x for the server) for the default key server in PGP through version 8.x (for the client software), keyserver.pgp.com.
Network Associates
McAfee Corp. ( ), formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company head ...
was granted a
patent
A patent is a type of intellectual property that gives its owner the legal right to exclude others from making, using, or selling an invention for a limited period of time in exchange for publishing an enabling disclosure of the invention."A p ...
co-authored by
Jon Callas
Jon Callas is an American computer security expert, software engineer, user experience designer, and technologist who is the co-founder and former CTO of the global encrypted communications service Silent Circle.http://www.linkedin.com/in/joncal ...
(United States Patent 6336186) on the key server concept.
To replace the aging Certificate Server, an
LDAP
The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...
-based key server was redesigned at
Network Associates
McAfee Corp. ( ), formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company head ...
in part by
Randy Harmon and
Len Sassaman
Leonard Harris Sassaman (April 9, 1980 – July 3, 2011) was an American technologist, information privacy advocate, and the maintainer of the Mixmaster anonymous remailer code and operator of the ''randseed'' remailer. Much of his career gravita ...
, called PGP Keyserver 7. With the release of PGP 6.0, LDAP was the preferred key server interface for Network Associates’ PGP versions. This LDAP and LDAPS key server (which also spoke HKP for backwards compatibility, though the protocol was (arguably correctly) referred to as “HTTP” or “HTTPS”) also formed the basis for the PGP Administration tools for private key servers in corporate settings, along with a
schema
The word schema comes from the Greek word ('), which means ''shape'', or more generally, ''plan''. The plural is ('). In English, both ''schemas'' and ''schemata'' are used as plural forms.
Schema may refer to:
Science and technology
* SCHEMA ...
for
Netscape Directory Server.
PGP Keyserver 7 was later replaced by the new
PGP Corporation
PGP Corporation was a company that sold Pretty Good Privacy computer software. It was founded in 2002, and acquired by Symantec in 2010, and by Broadcom in 2019.
History
PGP Corporation was co-founded in June 2002 by Jon Callas and Phil Dunkelber ...
PGP Global Directo
which allows PGP keys to published and downloaded using HTTPS or LDAP.
Public versus private keyservers
Many publicly accessible key servers, located around the world, are computers which store and provide
OpenPGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partiti ...
keys over the Internet for users of that cryptosystem. In this instance, the computers can be, and mostly are, run by individuals as a
pro bono
( en, 'for the public good'), usually shortened to , is a Latin phrase for professional work undertaken voluntarily and without payment. In the United States, the term typically refers to provision of legal services by legal professionals for pe ...
service, facilitating the
web of trust
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centr ...
model PGP uses.
Several publicly accessibl
S/MIME key serversare available to publish or retrieve certificates used with the
S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly . It was originally developed by R ...
cryptosystem.
There are also multiple proprietary
public key infrastructure systems which maintain key servers for their users; those may be private or public, and only the participating users are likely to be aware of those keyservers at all.
Privacy concerns
For many individuals, the purpose of using cryptography is to obtain a higher
level of
privacy
Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.
The domain of privacy partially overlaps with security, which can include the concepts of a ...
in personal interactions and relationships. It has been pointed
out that allowing a public key to be uploaded in a key server when using
decentralized web of trust based cryptographic systems, like PGP, may reveal a
good deal of information that an individual may wish to have kept private. Since
PGP relies on signatures on an individual's public key to determine the
authenticity of that key, potential relationships can be revealed by analyzing
the signers of a given key. In this way, models of entire social networks can be
developed.
Problems with keyservers
The OpenPGP keyservers since their development in 1990s suffered from a few problems. Once a public key has been uploaded, it was purposefully made difficult to remove it as servers auto-synchronize between each other (it was done in order to fight government censorship). Some users stop using their public keys for various reasons, such as when they forget their pass phrase, or if their private key is compromised or lost. In those cases, it was hard to delete a public key from the server, and even if it were deleted, someone else can upload a fresh copy of the same public key to the server. This leads to an accumulation of old fossil public keys that never go away, a form of "keyserver plaque". As consequence anyone can upload a bogus public key to the keyserver, bearing the name of a person who in fact does not own that key, or even worse, use it as vulnerability: the Certificate Spamming Attack.
The keyserver had no way to check to see if the key was legitimate (belong to true owner).
To solve these problems, PGP Corp developed a new generation of key server, called th
PGP Global Directory This keyserver sent an email confirmation request to the putative key owner, asking that person to confirm that the key in question is theirs. If they confirm it, the PGP Global Directory accepts the key. This can be renewed periodically, to prevent the accumulation of keyserver plaque. The result is a higher quality collection of public keys, and each key has been vetted by email with the key's apparent owner. But as consequence, another problem arise: because PGP Global Directory allows key account maintenance and verifies only by email, not cryptographically, anybody having access to the email account could for example delete a key and upload a bogus one.
The last Internet Engineering Task Force draft for HKP also defines a distributed key server network, based on DNS
SRV record
A Service record (SRV record) is a specification of data in the Domain Name System defining the location, i.e., the hostname and port number, of servers for specified services. It is defined iRFC 2782 and its type code is 33. Some Internet protoco ...
s: to find the key of ''someone@example.com'', one can ask it by requesting e''xample.coms key server.
Keyserver examples
These are some keyservers that are often used for looking up keys with
gpg --recv-keys
.
These can be queried via
https://
(
HTTPS
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is enc ...
) or
hkps://
(HKP over
TLS) respectively.
keys.openpgp.orgpgp.mit.edukeyring.debian.orgkeyserver.ubuntu.compgp.surf.nl
See also
*
Lightweight Directory Access Protocol
The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...
*
GnuPG
GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperabl ...
References
External links
*
The OpenPGP HTTP Keyserver Protocol (HKP)(March 2003)
* {{SourceForge, pks, OpenPGP Public Key Server - an OpenPGP key server software package distributed under a
BSD-style license
BSD licenses are a family of permissive free software licenses, imposing minimal restrictions on the use and distribution of covered software. This is in contrast to copyleft licenses, which have share-alike requirements. The original BSD lice ...
. It has largely been replaced by SKS and Hockeypuck.
Synchronizing Key Server (SKS)- an OpenPGP key server software package distributed under the
GPL
The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general u ...
.
Hockeypuck- a synchronising OpenPGP keyserver software package distributed under the
AGPL.
Hagrid- a non-synchronising, verifying OpenPGP keyserver software package distributed under the
AGPL.
PGP Global Directoryhosted by the
PGP Corporation
PGP Corporation was a company that sold Pretty Good Privacy computer software. It was founded in 2002, and acquired by Symantec in 2010, and by Broadcom in 2019.
History
PGP Corporation was co-founded in June 2002 by Jon Callas and Phil Dunkelber ...
.
Key management