Q: creating CSR for encryption-only cert?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Mon Oct 3 15:11:07 UTC 2022


TLDR; 

Need to create a CSR for a key pair whose algorithm does not allow signing (either because it’s something like Kyber, or because restriction enforced by HSM). How to do it?

 

There are several use cases that require certifying long-term asymmetric keys that are only capable of encryption/decryption – but not signing/verification. That could be either because the algorithm itself does not do signing, or because the private key is generated and kept in a secure hardware that enforces usage restriction.

 

CSR is supposed to be signed by the corresponding private key to prove possession. Obviously, it cannot be done with a key such as described above. How is this problem addressed in the real world?  With AuthKEM and KEMTLS, how would these protocols get their certificates?

 

Thanks!

--

V/R,

Uri Blumenthal                              Voice: (781) 981-1638 

Secure Resilient Systems and Technologies   Cell:  (339) 223-5363

MIT Lincoln Laboratory                      

244 Wood Street, Lexington, MA  02420-9108      

 

Web:     https://www.ll.mit.edu/biographies/uri-blumenthal

Root CA: https://www.ll.mit.edu/llrca2.pem

 

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.

The other is to make it so complex there are no obvious deficiencies.

                                                                                                                                     -  C. A. R. Hoare

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221003/dc686c1d/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221003/dc686c1d/attachment-0001.p7s>


More information about the openssl-users mailing list