Why PKI is necessary

PKI is important because the certificate-based technology helps organizations establish trusted signature, encryption, and identity between people, systems, and things.

With evolving business models becoming more dependent on electronic transactions and digital documents, and with more Internet-aware devices connected to corporate networks, the role of a public key infrastructure is no longer limited to isolated systems such as secure email, smart cards for physical access or encrypted web traffic.

PKIs today are expected to support larger numbers of applications, users and devices across complex ecosystems. And with stricter government and industry data security regulations, mainstream operating systems and business applications are becoming more reliant than ever on an organizational PKI to guarantee trust.

A compromise of a CA's private key may force revocation and reissuance of some or all of the previously issued certificates. A root compromise, such as a stolen root private key, destroys the trust in your PKI and can easily force you to reestablish a new root and subsidiary issuing CA infrastructure.

The recognized best practice for securing these critical keys is to use a FIPS Level 3 certified hardware security module (HSM), a tamper-resistant device that meets the highest security and assurance standards. PKI is an entire framework that consists of hardware, software, policies, and more. Typically the CA is governed internally according to policies and procedures that align with the security and assurance levels required of the organization.

SSL likewise involves a CA that issues certificates, but that CA must be recognized by browsers as a publicly trusted CA. And while there are many use cases for PKI, the purpose of SSL is to secure sensitive data transferred via online communications, like online banking or ecommerce transactions. The primary use cases for PKI can be identified by looking at the applications that most commonly use digital certificates. Traditional use cases: these business-critical applications make it clear that PKI is a strategic part of the core IT backbone.

New and emerging use cases: there has also been a resurgence of PKI driven by DevOps-related use cases that are increasing adoption. Some experts also predict further use cases as technology and artificial intelligence advance. The difference between private and public keys is that one is used to encrypt while the other is used to decrypt.

A public key is used to encrypt information, essentially making it unreadable to anyone who is not the intended recipient. The recipient holds a private key with which they are able to decrypt the information. Also, the public key is made available to the set of users who need to send that recipient information confidentially.

Conversely, the private key is accessible only to the person receiving the information, who is therefore the only one able to decrypt what was encrypted. Together, public and private keys ensure that information, data, and communications are encrypted before transmission and decrypted only by the appropriate party.

A business must be able to retrieve encrypted data when users lose their decryption keys. This means that the enterprise to which the user belongs requires a system for backing up and recovering decryption keys.

The difference between key backup and key escrow

Commercial requirements for key backup and recovery can be completely separated from law enforcement requirements for key escrow — a topic widely discussed in the media.

Which keys require backup? Decryption keys do. Signing keys, however, have different requirements from decryption keys. In fact, as the next section describes, backing up signing keys destroys a basic requirement of a PKI.

Repudiation occurs when an individual denies involvement in a transaction. For example, when someone claims a credit card was stolen, he or she is repudiating liability for transactions that occur with that card after the theft is reported. Non-repudiation means that an individual cannot successfully deny involvement in a transaction. A signature on a transaction prevents repudiation of that transaction. In the electronic world, the replacement for the pen-based signature is a digital signature.

All types of e-commerce require digital signatures because e-commerce makes traditional pen-based signatures obsolete.

The signing private key

The most basic requirement for non-repudiation is that the key used to create digital signatures — the signing key — be generated and securely stored in a manner under the sole control of the user at all times.

It is not acceptable to back up the signing key. Unlike encryption key pairs, there is no technical or business requirement to back up or restore previous signing key pairs when users forget their passwords or lose, break, or corrupt their signing keys.

To support key backup and recovery, the decryption keys must be backed up securely. But to support non-repudiation, the keys used for digital signature cannot be backed up and must be under the sole control of the user at all times. To meet these requirements, a PKI must support two key pairs for each user. At any point in time, a user must have one current key pair for encryption and decryption, and a second key pair for digital signature and signature verification.

Over time, users will have numerous key pairs that must be managed appropriately. Cryptographic key pairs should not be used forever — they must be updated over time. As a result, every organization needs to consider two important issues. The key history must also be securely managed by the key backup and recovery system. This allows encrypted data to be recovered securely, regardless of which encryption public key was originally used to encrypt the data and, by extension, regardless of when the data was encrypted.

When a signing key pair is updated, the previous signing key must be securely destroyed. As mentioned earlier, the CA acts as a trusted third party, issuing certificates to users. Businesses also must distribute those certificates so they can be used by applications.
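The two-key-pair rule, the key history and the destruction of retired signing keys described above, as an added Go example that is not from the original article: User holds separate encryption and signing pairs, Backup is a hypothetical stand-in for the enterprise key backup and recovery system and archives decryption keys only, and Rotate archives the new decryption key while wiping the old signing key. RSA-OAEP and Ed25519 are my choices here; the article names no algorithms.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Envelope is ciphertext tagged with the ID of the key pair that produced it.
type Envelope struct{ KeyID int; Data []byte }
// Backup is the hypothetical key backup and recovery system; it holds decryption keys only.
type Backup struct{ History map[int]*rsa.PrivateKey }
// User holds the two current key pairs: encryption/decryption and signing.
type User struct {
	EncID   int
	EncPriv *rsa.PrivateKey
	SigPub  ed25519.PublicKey
	sigPriv ed25519.PrivateKey // under the user's sole control, never archived
}
// Rotate issues new pairs: archive the new decryption key, destroy the old signing key.
func (u *User) Rotate(b *Backup) error {
	enc, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	u.EncID++
	u.EncPriv, b.History[u.EncID] = enc, enc
	for i := range u.sigPriv { // wipe the old signing key in place
		u.sigPriv[i] = 0
	}
	u.SigPub, u.sigPriv, err = ed25519.GenerateKey(rand.Reader)
	return err
}
// Encrypt seals msg to the user's current encryption public key.
func (u *User) Encrypt(msg []byte) (Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &u.EncPriv.PublicKey, msg, nil)
	return Envelope{KeyID: u.EncID, Data: ct}, err
}
// Sign uses the signing key that only the user holds.
func (u *User) Sign(msg []byte) []byte { return ed25519.Sign(u.sigPriv, msg) }
// Recover decrypts via the key history, whichever key pair was current then.
func (b *Backup) Recover(env Envelope) ([]byte, error) {
	priv, ok := b.History[env.KeyID]
	if !ok {
		return nil, errors.New("no backed-up decryption key for this key ID")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.Data, nil)
}
```

After a rotation, data sealed under the earlier key pair is still recoverable from the backup, while a signature made with the retired signing key no longer verifies under the current one and the retired key itself is gone.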

Certificate repositories store certificates so applications can retrieve them on behalf of users. Over the past few years, the consensus in the IT industry has been that the best technology for certificate repositories is provided by directory systems that are LDAP (Lightweight Directory Access Protocol) compliant.

LDAP defines the standard protocol to access directory systems. In addition, the directories that support certificate distribution can store other organizational information. As discussed in the next section, the PKI can also use the directory to distribute certificate revocation information.

For instance, if you're trying to buy an SSL certificate for a website at example. Once you acquire the certificate, you can upload it to your web server.

The next obvious question, of course, is how you know you can trust the CA: after all, in the case of TLS, there's no centralized body in charge of the standard and anyone can set themselves up as a certificate authority. A bad actor in that role could wreak havoc.

In practice, OS and browser makers like Apple, Microsoft, and Mozilla are the de facto gatekeepers here, maintaining lists of trusted CAs and blacklisting those who slip.

The decisions on which CAs to trust have high stakes, as a showdown between Google and Symantec over what Google felt were Symantec's lax standards made clear. But as we'll discuss in a moment, the web's PKI isn't the only kind. Other PKIs will have different standards for issuing certificates, but the important thing to keep in mind is that any PKI system must have some method by which CAs can authenticate users, and that all participants in the PKI system trust that method.

A web of trust system is better suited to self-contained networks or organizations, or small communities of users. PKI is great for securing email for the same reason that it's great for securing web traffic: because data flowing over the open internet can be easily intercepted and read if it isn't encrypted, and because it can be difficult to trust that a sender is who they claim to be if there isn't some way to authenticate their identity.

As we've seen, establishing near-universal PKI for web traffic has been relatively easy because most of the necessary infrastructure is built into web browsers and servers.

Email is accessed through more heterogeneous clients, which makes things a bit trickier. Support for these kinds of email protections is built into clients like Microsoft Outlook.

The rise of web-based email in recent years has seen a step backwards in this regard. Having PKI in place does not guarantee security. Companies sometimes fail to deploy or manage it properly. A recent study by the Ponemon Institute surveyed nearly 17, IT and security practitioners about their key and certificate management practices.

The report identified the most significant risks associated with securing digital identities using PKI. Fifty-five percent said their organizations had experienced four or more incidents in the past two years. Unsecured digital identities undermine trust. Fifty-nine percent of respondents say cybercriminals' misuse of keys and certificates increases the need to secure them.

Failed audits and CA compromise are the biggest threats. Attackers can use compromised or rogue CAs to deliver malware or to conduct man-in-the-middle or phishing attacks. Security or compliance audits might fail to detect vulnerabilities because of unenforced key management policies or inadequate key management practices. More encryption increases operational complexity and cost.

Two-thirds of respondents are adding layers of encryption to meet regulatory and IT policy requirements. Most organizations lack the resources to support PKI or do not assign clear ownership of it.