Open in app

Sign in

Write

Sign in

The Keys To Your Castle, and Your Backdoor, Front door and Side door

The Greatest Risk to the security of your organisation?

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
Published in
9 min readJan 11, 2019

--

So what are your company’s keys to the castle?

Well, for many, it is the SSH keys that support the accesses to cloud-based systems and code repositories. If these keys are compromised, it can lead to threats around the large scale loss of Intellectual Property (IP), data loss, and a whole lot of other things. Your company can also lose all digital trust in itself, and to external systems.

Most developers, for example, know that these key provide the core protection against a loss of their code, and where the management of these keys is now fundamental to the security of many organisations. For GitHub access, or for AWS and Azure accesses, it is magical public keys that give them trusted access. A loss of the private key associated with the public key, then, can mean a large scale breach of data, and a general loss of trust.

The Trusted Connection …

For an SSH connection, I’ll illustrate the process with Bob (the client) and Alice (the server):

--

--

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Written by Prof Bill Buchanan OBE FRSE

Editor for

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams