Public Key Infrastructure Primer: Why is PKI important?
In discussions of identity, Public Key Infrastructure (PKI) is often mentioned in the same breath as smart cards and biometrics. While the latter two are widely known and becoming familiar to their many users, PKI can still be confusing.
PKI stands behind the smart card and provides the platform for it to be successful. So with more digital identity documents being issued and PKI becoming more prevalent, it’s important to get a handle on the technology. PKI can be expensive, and it could be hard to deploy when the technique was new, but it has now become mainstream and is commonly deployed in identity projects.
So what is a PKI and how does it work?
Let’s break down the term into two pieces–Public Key and infrastructure. The term “public key” represents one technology that can be used to encrypt and decrypt information. The term “infrastructure” represents the notion that there is a widespread network of connected items. Thus Public Key Infrastructure, or PKI, is a wide network of connected technologies that are specifically Public Key related.
So let’s understand what Public Key technology is, but first a little background and scene setting.
In today’s world, individuals, corporations and governments are using the Internet as the primary method for communicating information and conducting business. As we all know, it can be difficult to determine, with any amount of certainty, who you are dealing with at the other end of the connection.
Specifically, there are three basic concerns:
- Is the information being exchanged private and secure? Can I rest assured that nobody has tampered with the data?
- Is the person with whom I am dealing really the person I think it is?
- Once I conduct a transaction, can anyone deny participation after the fact?
In dealing with people face-to-face, there is an element of trust backed up with receipts and signatures that give us a degree of comfort in conducting business. There is also the assurance we receive simply by looking at a person and recognizing them. If we require additional levels of assurance, we employ the services of notaries, or bring witnesses to bear. In dealing with people electronically, those assurances are lost, so how do we establish this type of trust in an online environment?
First, we must establish the true identity of an individual to some reasonable level of certainty. Driver licenses, birth certificates, witnesses and passports all may be used, depending on the level to which we will need to trust future interactions and transactions, e.g., the department of motor vehicles might require a lower assurance for registering an automobile than a central bank would for transferring a huge sum of money to another central bank.
Second, having completed our “identity proofing” we give the individual something very special, a secret and personal “Private Key” established with Public Key technology. That’s right, Public Key technology generates a Private and Public key set for an individual–and the two keys fit the same lock. Let’s look at this further!
Public Key technology is based on Public Key cryptography, a technology that is itself mathematically complex. Essentially, it is a cryptographic technique that enables one person to encrypt some data with one key, after which the data can only be decrypted with another, related key. You can also encrypt data with the related key, and it can then only be decrypted with the original key. These key “pairs” are related, and no key outside the pair can decrypt what a key in the pair has encrypted. This is the notion that two keys can fit the same lock, as mentioned above.
This basic concept is transformed into a powerful utility once a basic premise is applied. And this premise is–make one key of the key pair a secret and make the other key publicly available. The “secret key” is only known to the holder of that key, and the “public key” is known to all, and is known by all as belonging to the holder of the corresponding secret key.
This truly amazing technology can now be applied to address all three of the concerns mentioned above. How?
Consider the diagram below. Any data encrypted using Key A, the “private key,” can only be decrypted with Key B, the “public key.” Since Key B is public, anything encrypted by Key A can be decrypted using Key B. The point in encrypting here is not to make anything a secret (if you think that the only reason to encrypt something is to make it a secret–not so!).
Since Key B is a public key, anyone in the world has access to it and anyone in the world can decrypt the data encrypted by Key A. So what? So that means by virtue of being able to decrypt the message, you know 2 things–it was encrypted by Key A (any message encrypted by any other key would result in junk data), and the message was not tampered with (had anyone messed around with the encrypted data, the result would also have been junk data).
This is the same thing the medieval king did when he put his signet ring into a gob of wax on a proclamation to be posted in the castle. It was guaranteed authentic and unchanged. (Well, a clever fellow might be able to scrape the parchment and change the message, so PKI signatures are better!)
Conversely, if anyone were to encrypt data using the Public Key B–which, remember, everyone has–then only the corresponding Key A would be able to decrypt it. In this case, we are keeping secrets and only the holder of Key A could see the message. Now the king has put the parchment into a secure envelope and put a seal on the flap!
So the notion of Public Key technology–the ability to have related key pairs that only work with one another, one of which is kept secret and the other made public–makes for a powerful utility that can protect data, provide knowledge about the other party, and secure transactions.
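The two uses of a key pair described above, as an added example in Go (not code from the original article). Libraries do not literally encrypt the message with the private key: they sign a hash of it with padding (RSA-PSS here), and a failed verification takes the place of the article's "junk data". The function names and the sample message are assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewKey generates a key pair; the public half is key.PublicKey.
func NewKey() *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key
}

// Sign uses the private key (the article's Key A) on a SHA-256 digest of msg.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify needs only the public key (Key B); false means wrong key or altered data.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// Seal encrypts msg so that only the holder of the matching private key can read it.
func Seal(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Open decrypts with the private key; any other key or altered ciphertext is an error.
func Open(priv *rsa.PrivateKey, sealed []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, sealed, nil)
}

func main() {
	king, other := NewKey(), NewKey()
	msg := []byte("Taxes are due on Friday") // constructed sample message
	sig, _ := Sign(king, msg)
	fmt.Println(Verify(&king.PublicKey, msg, sig), Verify(&other.PublicKey, msg, sig))
	sealed, _ := Seal(&king.PublicKey, msg)
	_, err := Open(other, sealed)
	fmt.Println("wrong key rejected:", err != nil)
}
```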
The other part of PKI, the “I” or infrastructure component, is what makes Public Key technology work in a global arena, enabling individuals and organizations to trust one another.
Key to this infrastructure are the concepts of certificates and authorities.
The Public Key pairs and identities mentioned above are of little value without something to guarantee their authenticity. One must be able to associate a person, or entity, with their keys. This is accomplished via something called certificates. A certificate is basically a container that holds the Public Key (of the public/private key pair) and data associated with that key such as the individual’s name, the key’s expiration date and other pertinent data elements. The certificate becomes the essential component that relates a key to its owner.
Certificates are issued by authorities. Authorities are high-level entities that establish the notion of a trust center. All certificates issued by an authority can be trusted if one trusts the authority. All certificates issued by an authority are a part of the family of that authority.
A parallel can be drawn by looking at driver licenses. Think for a moment about the Driver License Infrastructure being the license number, the card itself and the motor vehicle division that issues the driver license card. The license number is like the key, the card is like the certificate, and the DMV is like the authority. You know that the number is associated with a person by looking at the card and you can trust the license because it was issued by a DMV you know.
The final piece of the puzzle concerns how different authorities can trust one another. Again, making the parallel with a driver license, the relationship between states is mostly one of policy. If State A trusts the processes followed by State B to issue its licenses, then State A can trust the licenses issued by State B.
In summary, if different certificate authorities use agreed-upon processes to identify individuals and issue certificates, then they can trust the pool of certificates issued by other authorities.
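Certificates and authorities as described above, in an added Go example that is not from the original article: an authority signs a certificate binding a name to a public key, and a relying party accepts it only if it was signed by an authority on its own trust list. The function names, subject names, Ed25519 keys and one-day validity are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Issue binds name to a new public key; a nil issuer makes a self-signed authority.
func Issue(name string, issuer *x509.Certificate, issuerKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now(), NotAfter: time.Now().Add(24 * time.Hour), // validity window
	}
	if issuer == nil { // an authority signs its own certificate and may sign others
		issuer, issuerKey = tmpl, key
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, pub, issuerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Trusted reports whether cert was signed by an authority the relying party trusts.
func Trusted(cert *x509.Certificate, authorities ...*x509.Certificate) bool {
	roots := x509.NewCertPool()
	for _, a := range authorities {
		roots.AddCert(a)
	}
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err == nil
}

func main() {
	stateA, keyA, _ := Issue("State A Authority", nil, nil) // constructed names
	alice, _, _ := Issue("Alice", stateA, keyA)
	fmt.Println(Trusted(alice, stateA), Trusted(alice)) // second call trusts no authority
}
```

Passing both authorities to `Trusted` models the cross-state policy decision: the relying party adds State B's authority to its own trust list, and certificates from State B are then accepted.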
Cost and complexity
While PKI may be involved and costly, it’s not the technology but trust issues associated with the technology that make it complex. PKI intends to satisfy issues of trust and liability that rely on strict adherence to business policies, practices and procedures. Deploying and managing trust and liability becomes an expensive proposition.
A second reason is one of quantities of scale–the first PKI you implement becomes an immense undertaking while the tenth is much less mysterious. In the past, many organizations have established only one, their own, but today there are specialist practitioners ready and able to assist with PKI establishment.
While the inherently high degree of difficulty and cost associated with PKI technology has made it slow to be adopted, it’s on the rise. Today’s operating environments for governments, businesses and individuals are becoming more and more Internet-centric. The three concerns described above can only be addressed efficiently and ubiquitously through use of PKI technology.
Any solution that is not Public Key technology-based would be tremendously inefficient and prohibitively onerous to operate. It would likely be more expensive for a reduced level of functionality.
PKI provides a mechanism that enables people and organizations to securely conduct business over open networks. It enables strong mutual authentication of the parties. It enables transactions to be secure and reputable. It provides a method to protect the integrity of information. No other technology can efficiently and effectively provide these capabilities, and as more and more business is transacted over the Internet, PKI will be here to protect information exchange.





