What is the accepted way to transfer public-private keypairs over intranet?


I have an embedded system (Netburner 5441x) that consumes public-private RSA keypairs. I have ported OpenSSL into the system, but the processor cannot make keypairs fast enough for the application. So the next logical step is to have the embedded system, which has Ethernet, get keys from a PC-based server.

I've read about half the PKCS#N documents and it looks like it's all about object formats. Is there an accepted network protocol for transferring public-private keypairs? Would you just open a secure socket and send the PKCS objects with no other framing? Use a shared Key Encryption Key, or have the client send a public RSA key for key encryption by the server?

Is there a standard?

Edit 13Jun22 in response to StackOverflow blocking the question: This question is not asking for recommendation of a book etc., but whether a standard exists for a particular unusual use case. If such a standard existed, that citation would answer the question. Respectfully request removal of the block.

1 Answer

Larry Martin (best answer)

According to the Information Security Stack Exchange, there is no accepted answer for this unusual use case. The best practice seems to be setting up a web service that serves passphrase-encoded key files over HTTPS, which implies SSL protection.

https://security.stackexchange.com/questions/262533/what-is-the-right-way-to-transfer-public-private-keypairs-over-intranet
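The key-file handling the answer describes, sketched with the OpenSSL command line as an added example (not code from the question or the answer). It assumes the passphrase was provisioned to the device out of band; the file names `key.p8.pem`, `pub.pem` and `pass` are made up for the demo, and the HTTPS transfer between the two sides is not shown.

```shell
#!/bin/sh
# Added example. File names and the passphrase are constructed for the demo.

# Server side: generate an RSA key that only ever touches disk as
# passphrase-encrypted PKCS#8, plus the matching public key.
# The passphrase is read from a file so it never shows up in the process list.
wrap_new_key() (
    umask 077
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "file:$2" -out "$1/key.p8.pem" 2>/dev/null &&
    openssl pkey -in "$1/key.p8.pem" -passin "file:$2" -pubout -out "$1/pub.pem"
)

# True if the file is an encrypted PKCS#8 PEM, the only form that should be served.
is_encrypted_pkcs8() {
    head -n 1 "$1" | grep -q '^-----BEGIN ENCRYPTED PRIVATE KEY-----$'
}

# Client side: decrypt the downloaded file, then confirm the private key
# matches the public key. A failed decrypt leaves no partial key.pem behind.
unwrap_key() (
    umask 077
    if ! openssl pkey -in "$1/key.p8.pem" -passin "file:$2" \
            -out "$1/key.pem" 2>/dev/null; then
        rm -f "$1/key.pem"
        exit 1
    fi
    [ "$(openssl pkey -in "$1/key.pem" -pubout)" = "$(cat "$1/pub.pem")" ]
)

# Round trip in a throwaway directory standing in for server and client.
demo() (
    d=$(mktemp -d) || exit 1
    trap 'rm -rf "$d"' EXIT
    printf '%s\n' 'constructed-demo-passphrase' > "$d/pass"
    wrap_new_key "$d" "$d/pass" && is_encrypted_pkcs8 "$d/key.p8.pem" &&
        unwrap_key "$d" "$d/pass" && echo "key unwrapped and matches pub.pem"
)
demo
```

On the embedded side the same unwrap can be done through the ported OpenSSL library instead of the command line; the check that the decrypted key matches the public half is worth keeping either way.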