Why would you need a revocation key?

318    Asked by ananyaPawar in SQL Server , Asked on Nov 16, 2022

 I am currently encrypting some personal information using gpgdir. I have a copy of my private key printed onto a sheet of paper in the form of a data matrix lest I lose the digital copy of my private key.


However, in reading up about encryption best practice I've often come across the notion of "revoking" my key. In gpg, I can generate a revocation key using gpg --gen-revoke KEY, which can later be used to "revoke" my key.


But what does that actually mean? And how is it useful? I have found a plethora of information online about how to revoke my key and generate revocation keys, but none on what actually happens when I "revoke" my key.


Is this functionality useful if I am the only intended user of the encrypted data?

Answered by Amit raj

The answer to your question - why would you need a revocation key? is - Gnupg is open source (yeah!) and hence it can be looked up what happens. The answer to the question - Why would you need a revocation key? is that when you create a revocation certificate for a key i.e. via `gpg --gen-revoke name" it internally moves through the following functions/key steps

main() in gpg.c (the gpg command line tool) is called, then

parameters parsed and then gen_revoce( const char *uname) in revoce.c is called,

inside then it retrieves the secret and public key for the uname

it then calls make_keysig_packet in sign.c like this

    rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0,

                              opt.force_v4_certs?4:0, 0, 0,

                              revocation_reason_build_cb, reason );

with the keypair (public pk and secret sk) and provides additionally a function pointer to revocation_reason_build_cb and a string with the revocation reason). internally make_keysig_packet then uses a hash_algo to create a message digest md, which is eventually provided to complete_sig( sig, sk, md ); that internally calls do_sign and uses asymmetric encryption on the md. the created revocation certificate (which is sort of a type of signed with the secret/private key message) is created. Then in this certificate provided to a keyserver will allow for this as @WayToDoor phrased) the comment to the key on the server.n Only the person in possession of the secret private key can sign messages to be verified with the public key and hence, a revocation is a "sending of a private key signed message, hash of message generated and asymmetrically encrypted" kind of thing. My take on the further thing is that once revoked, the keypair is burned (trustwise worthless). Therefore it would be smart to have used a subkey to a safer (air gapped) master encryption key, allowing the reissuing of a new working subkey to replace the revoked key, without the need to save channel wise and verify the public key of the new subkey-keypair.



Your Answer

Online Course

Tutorials

Salesforce Tutorial

Software Testing Tutorial

SQL Tutorial

Business Analyst Tutorial

Devops Tutorial

Data Science Tutorial

AWS Tutorial

Hadoop Tutorial

SSRS Tutorial

AWS S3 Tutorial

Functional Testing Tutorial

SSAS Tutorial

Automation Testing Tutorial

Manual Testing Tutorial

Selenium Tutorial

Kubernetes Tutorial

Scala Tutorial

ETL Testing Tutorial

Python Tutorial

Pyspark Tutorial

R Tutorial

Unit Testing Tutorial

API Testing Tutorial

Puppet Tutorial

Integration Testing Tutorial

Chef Tutorial

Jenkins Tutorial

Ansible Tutorial

Vagrant Tutorial

Docker Tutorial

Interviews

Parent Categories

Copyright | JanBaskTraining.com