PKI primer, Part 1

Public key infrastructures are the foundation on which digital signatures and secure Internet transactions will be built. This series of newsletters will serve as an introduction to PKI.

A Public Key Cryptosystem (PKC) provides asymmetric encryption of confidential messages and transactions, authenticates the origin of such data, and protects data integrity. For each user, two keys are generated together as a pair; each key can decrypt only what the other encrypts, and neither key can decrypt what it itself encrypts. One key is kept secret (the private key); the other becomes a public key that may be known to anyone who wants to use the PKC.

To send a message readable only by a specific PKC user, we encrypt the "cleartext" with the recipient's public key; only the corresponding secret key can decrypt the resulting "ciphertext." Similarly, to authenticate the origin of a message, we encrypt the cleartext, or more usually a fixed-length digest of it (a cryptographic hash), using our own secret key; the result is a digital signature. Anyone can then decrypt the signature using our public key, and only that key, and compare the result with a fresh hash of the message. A signature therefore also guarantees the integrity of the cleartext while it is in transit, because any tampering with the message or the signature causes verification to fail. Encryption with a public key, by contrast, does not by itself guarantee integrity: tampering with the ciphertext usually produces garbage or a decryption error, but some public-key schemes let an attacker make predictable changes to the recovered cleartext without knowing the secret key, so in practice an encrypted message is also signed or otherwise authenticated.

However, a PKC depends on trust. In the case of a digital signature, for example, the PKC proves only which secret key was used to sign a given document; by itself it says nothing about who holds that key. What if a signing key were actually issued to an impostor? What if a person's secret key were compromised? The PKC can be trusted only if there is a trusted link from a public key to a known individual, organization, or device. The chief function of a PKI is to document a trustworthy linkage between a public key and the ostensible owner of the corresponding secret key.

Many questions arise when discussing PKI. For example:

* What should a certificate that links identity to a key pair contain?

* How should we validate a public key to prevent impersonation?

* How should we handle revocation of certificates?

* What happens to documents signed with keys that have been revoked?

* Should organizations build their own PKI or use third-party certificates?

* Can proprietary formats for certificates lead to successful interoperability?

* What are the costs and benefits of third-party PKIs vs. in-house PKIs?

Thanks to Robert Moskowitz of ICSA Labs for contributing to the white paper on which this series is based.

RELATED LINKS

Check out the new "Computer Security Handbook, 4th Edition" edited by Seymour Bosworth and Michel E. Kabay; Wiley (New York), ISBN 0-471-41258-9. Available now at your technical bookstore or visit Amazon.

M. E. Kabay, Ph.D., CISSP is Associate Professor of Information Assurance in the Department of Computer Information Systems at Norwich University in Northfield, Vt. Mich can be reached by e-mail. He invites inquiries about his information security and operations management courses and consulting services. Visit his Web site for papers and course materials on information technology, security and management.

Archive of Network World Fusion Focus on Security newsletters

Copyright, 1994-2006 Network World, Inc. All rights reserved.