PKI Attacks

There are several ways a hacker or malicious individual can target a PKI for attack:

• Sabotage—The PKI components or hardware may be subjected to a number of attacks including vandalism, theft, hardware modification, and insertion of malicious code. Most attacks are designed to cause denial of service (DoS).

• Communications disruption/modification—These attacks target communications between the subscribers and the PKI components. The disruption could cause DoS, but may also be used by the attacker to mount additional attacks such as impersonation of a subscriber or the insertion of fake information.

• Design and implementation flaws—These attacks target flaws in the software or hardware on which the subscriber depends to generate or store key material and certificates. The attacks can result in malfunctions of the software or hardware that may cause DoS.

• Operator error—These attacks target improper use of the PKI software or hardware by the operators and may result in DoS or the disclosure or modification of subscriber keys and certificates.

• Operator impersonation—These attacks target the user by impersonating a legitimate PKI operator. As an operator, the attacker could do almost anything a legitimate operator could do, including generate keys, issue certificates, revoke certificates, and modify data.

• Coercion—These attacks occur when the administrator or operator of a CA is induced into giving up some control over the CA or creating keys and certificates under duress.

 (Oriyano 73)