A key server provides access to public keys, which are used in asymmetric cryptosystems to send encrypted messages to a person, such as by email, or to verify their signatures. In particular, a keyserver provides a convenient, though not always cryptographically secured, way to update keys, which is necessary to check whether a key is still valid or has been revoked.
Many of these servers are publicly accessible because the information stored on the server represents the public component of the key pair, and normal keys are desirable to be distributed as quickly and widely as possible. However, key servers are not only public for reading, but also for writing. They only pass on data, but usually do not authenticate it (an exception for the PGP keyserver is the verification of email addresses). The authentication of the keys must therefore be done in a different way; this problem does not exist with updates.
On a key server, each user registered there has at least one public key associated with it, which usually includes one or more e-mail addresses and the user’s name. Such a server can be searched by names, email addresses, and key IDs.
---
Alleged Problem of Key Server
Inexperienced users often criticize the fact that it is not possible to delete a key or parts of a key server once they have been published.
A common argument for the motivation for this is forgotten passwords for the private key. However, this is a misunderstanding, because a public key does not require distribution control. These can also be handed over to attackers without any security risks. In any case, the publication of public keys means the loss of control over distribution. It doesn’t matter whether you have a key server or not, because it is not possible to influence the local keychains in which the keys end up.
A forgotten password for the private key only means that you can’t sign/decrypt new messages. Also, you can’t generate new revocation signatures (which invalidate the entire key), which can be a security issue, especially for keys that don’t expire. If you get a new key pair, you make it easy for all communication partners to get the new public keys by copying them to a key server. The continued existence of the old public keys is not a problem, on the contrary, it is even necessary, because these older public keys are needed to verify the signatures of messages that have already been received.
If it were possible to delete individual keys or parts of them, an attacker could remove parts he doesn’t like (e.g. revocation certificates), which would have a significant impact on security and would practically destroy the encryption system.
Issues and Data Protection
Key servers can be misused as a source of e-mail addresses, for example, to send spam. Furthermore, attached signatures can be analyzed and thus the participation of the key holder in social networks can be identified.
For example, many web servers allow the addition of image information by default. This makes it possible to establish a link between the published data, which restricts data protection.
This is exacerbated by the fact that there is a great risk of certificates being misplaced or misused. Abuses cannot be reversed under any circumstances, so that informational self-determination can be violated here.
Another privacy issue is that you can’t currently control which signatures are added to a key on a keyserver, because the keyservers accept all signatures. In general, this is not a problem, but it is conceivable that someone specifically wants to publish only very specific signatures, for example in order not to jeopardize the anonymity of a key. In addition, a DoS attack is possible when someone adds signatures to a key in huge numbers, rendering it unusable.
The OpenPGP standard already supports the formal possibility to solve this problem with the flag Keyserver no-modify. However, this has so far had no consequences, as the majority of keyservers do not observe this flag, because cryptographic verification would be associated with a comparatively high expenditure of computing power. In addition, the keyservers live from their mutual synchronization, which would be associated with serious problems if only a part of the servers within a network observed this flag.
Tagged With national7nb