Secure RPC

• A dictionary attack can be performed on the user's private key. However, an attacker can only verify that he has guessed the correct password, and hence the correct key, by requesting a service. If a service refuses additional requests after multiple failures, or if the service is audited sufficiently, this can deter the risk of this type of attack succeeding.

• The user's secret key is kept in the memory of the keyserver from login to a key logout. If privileges are not controlled properly, meaning that another user can become superuser and then in turn become another user, the system has no way of knowing that an intruder is using the secret key of another user.

• Conversation keys are kept in processes on both the client and server. These keys then must rely on the protection of both systems. If one system stringently protects the key, but the other system does not, the protection efforts of the first system are reduced.