Skip to content

Public Key

Service Name: Public Key Infrastructure

Service Description: Public keys are part of asymmetric cryptography systems used for secure communications, digital signatures, and encryption. They are designed to be shared publicly, unlike their private key counterparts.

Service Address: N/A

Validation Type: -

IP Allow list: Does not exist

Secret Access Scope: Allows verification of signatures created with the corresponding private key, but does not grant access to protected resources on its own.

Secret Revokement URL: Does not exist

Secret Example:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo
4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u
+qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyeh
kd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ
0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdg
cKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbc
mwIDAQAB
-----END PUBLIC KEY-----

Suspicious Activity Investigation Instructions:

  • Check if the public key is being used in a legitimate context (e.g., SSH authentication, TLS certificates)
  • Verify that the public key belongs to a trusted entity
  • Ensure the public key is not being used to impersonate another entity
  • Confirm that the public key is not being used in conjunction with an exposed private key

Mitigation Instructions:

  • If the public key is associated with an exposed private key, generate a new key pair
  • Update all systems using the old public key with the new public key
  • Revoke any certificates associated with the compromised key pair
  • Rotate any credentials that may have been encrypted with the exposed key pair