What is Public Key Infrastructure (PKI)

What is Public Key Infrastructure (PKI)? what are they for？

● Public Key Infrastructure (PKI) is a set of hardware, software, policies, processes and procedures required to create, manage, distribute, use, store and revoke digital certificates and public keys. PKI is the basis for technologies such as digital signature and encryption to be used by a large number of user groups. PKI is integral to creating a secure and trusted business environment for e-commerce and the growing Internet of Things.

● PKI helps establish identities for people, devices, and services—enabling controlled access to systems and resources, data protection, and transactional accountability. Next-generation business applications increasingly rely on PKI technology for high assurance, as evolving business models increasingly rely on electronic interactions that require online verification of identity and adherence to stricter data security regulations.

The role of the Certificate Authority (CA)

● PKI binds the public key with the associated user (owner of the private key) by means of a digital certificate. A digital certificate is a credential that facilitates mutual verification of identities between users in transactions. Just like a passport can prove a person's identity as a citizen of a country, a digital certificate can establish an identity for a user within an ecosystem. Because digital certificates are used to identify users who receive encrypted data or verify the identity of the signer of a message, protecting the authenticity and integrity of the certificate is critical to maintaining the trustworthiness of the system.

● The certificate issuing authority (CA) issues digital certificates for authenticating user identities. CAs underpin the security of PKI and the services supported by PKI, so they are inevitably the focus of sophisticated targeted attacks. In order to reduce the attack risk faced by issuing authorities, physical and logical controls and hardening mechanisms (such as hardware security modules) have become necessary to ensure the integrity of PKI.

PKI deployment

● PKI provides a framework to enable large-scale and effective deployment of cryptographic data security technologies such as digital certificates and signatures. PKI supports identity management services within and across networks, while also supporting online authentication inherent in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) to protect Internet communication flows as well as document and transaction signing, application code signature and timestamp. PKI supports solutions such as desktop login, citizenship identification, public transportation, mobile banking, and plays a key role in IoT device authentication. And device authentication plays an increasingly important role in delivering identity to the ever-growing number of cloud-based and Internet-connected devices, which range from smartphones to medical devices.

PKI的密码安全

● Based on the principles of asymmetric and symmetric encryption, PKI facilitates the establishment of secure data exchange between users and devices - ensuring the authenticity, confidentiality and integrity of transactions. Users (also called "subscribers" in PKI vocabulary) can be individual end users, or they can be web servers, embedded systems, interconnected devices, or programs/applications that are executing business processes. Asymmetric cryptography provides users, devices or services in the ecosystem with a key pair consisting of a public key and a private key. The public key is provided to anyone in the user group for use in encrypting or verifying digital signatures. A private key, on the other hand, must be kept secret and can only be used by the entity to which it belongs, usually for tasks such as decrypting or creating digital signatures.

The growing importance of PKI

● As evolving business models increasingly rely on electronic transactions and digital documents, and as more and more Internet-aware devices are connected to corporate networks, the role of PKI is no longer limited to isolated systems such as secure email, A smart card used for physical access or encrypted network traffic. Today's PKI is expected to support more applications, users and devices in complex ecosystems. As government and industry data security regulations tighten, mainstream operating systems and business applications rely more than ever on institutional PKIs for trustworthiness.

What is a Certificate Authority or root private key theft?

● Theft of a certificate authority (CA) or root private key could allow an attacker to take over an organization's public key infrastructure (PKI) and issue fake certificates, as was the case with the Stuxnet attack. Any such breach has the potential to force some or all previously issued certificates to be revoked and reissued. A root compromise like a stolen root private key can destroy the trustworthiness of your PKI, easily forcing you to rebuild a new root and its accompanying CA signing infrastructure. In addition to damaging your company's corporate image, this also means you need to pay a high cost.

● In terms of the entire infrastructure from the root to the issuing authority, the integrity of the institution's private key is the core trust foundation of PKI, so it must be strictly protected. The accepted best practice for securing these critical keys is to use a FIPS 140-2 Level 3 certified Hardware Security Module (HSM), a tamper-resistant device that meets the highest standards of safety and security.

What is Improper PKI Segregation of Duties?

● Inadequate control over the use of signing keys can lead to misuse of certificate authorities (CAs)—even if the keys themselves are not compromised. Malicious actors could issue malicious certificates, allow devices or users to impersonate legitimate users and perform man-in-the-middle attacks, or digitally sign subsequently propagated malware to make them appear to come from trusted sources.

● When designing an institutional public key infrastructure (PKI), establish appropriate security controls. This includes segregating CA roles and developing policies so that individual attempts to perform multiple CA roles fail. Ensuring proper segregation of duties through the development of policies and procedures, including establishing contingencies for the departure of team members, is critical to the security and integrity of the PKI and must be part of the initial PKI design. The best way to do this is to adopt a technology that automates the implementation of the separation of duties strategy through technical solutions. For example, an "N of M" smart card group can enforce a strong separation of duties policy by simply not allowing a single person to issue certificates without the presence of others, such as a security officer.

What is PKI Insufficient Scalability?

● A public key infrastructure (PKI) that is not designed to take into account the growth factors of the organization and its users will eventually have to be redesigned due to the continuous expansion of the business scale, which will have a negative impact on the organization's production and customers. As new applications are launched every day, more and more users require access through multiple devices. Good business planning requires consideration of the scalability of PKI from the very beginning of design.

● Many organizations will need to have multiple Certificate Authorities (CAs) to meet their growing needs—certificates can be used for login authentication, digital document signing, e-mail, and more. Organizations can set up a root CA to act as a "primary CA", supplemented by multiple subordinate CAs to cover various purposes. Organizations can also plan the scale of CAs by establishing multiple root CAs and multiple hierarchical structures. No matter which strategy is adopted, the goal is to get things done right the first time, ensuring that the organization's PKI can meet the growing needs of the unit.

What is Online Certificate Verification Subversion?

● Subversion of the online certificate validation process could lead to malicious exploitation of revoked certificates. Attackers with the ability to prevent certificates from reaching Certificate Revocation Lists (CRLs) can impersonate legitimate actors and carry out malicious activities without the victim knowing that they are communicating with illegitimate actors.

● Developing certificate authentication policies and procedures is an important part of public key infrastructure (PKI) design. Additionally, proper enforcement and enforcement of these policies and procedures will ensure that revoked certificates and users are denied access. While there will be many organizations using CRLs, some organizations may choose a different approach, such as the Online Certificate Status Protocol (OCSP) or the Authentication, Authorization, and Accountability Act (AAA).

Such decisions must be made during the initial PKI design discussions based on the needs of the organization. It is important to note that any private keys deployed during the certificate revocation process must be protected in the same way as keys issued by the key signing process.

What is PKI lack of credibility and non-repudiation?

● A public key infrastructure (PKI) with insufficient security, especially in terms of key management, exposes organizations to the risk of loss or disruption of business processes when organizations encounter situations where they cannot legitimately verify that a message is from a particular user under.

● The PKI built with security and integrity as the core can provide you with legal protection when user activities are disputed. A secure digital signature provides irrefutable proof of who sent the message and when it was sent, but it is only defensive if the PKI is strong. As long as it turns out that the signing key has been adequately protected from the root key onwards, your organization must be able to deal with any legal challenges regarding the authenticity of a particular user and their actions.