Introduction

Introduction

Without a doubt, the promise of public-key infrastructure (PKI) technology has attracted a significant amount of attention in the last few years. Virtually every day some facet of PKI addressed in a newspaper, trade journal, or a conference paper. We hear and read about the promise of authentication and non-repudiation services provided through the use of digital signature techniques, and about confidentiality and key management services based on a combination of symmetric and asymmetric cryptography—all facilitated through the realization of a supporting technology referred to as PKI. In fact, many people consider the introduction of PKI technology to be the very enabler of secure global electronic commerce.

Although the foundation for PKI was established over two decades ago with the invention of public-key cryptography, PKI technology has been offered as a commercially viable solution only within the last few years. But what started as a handful of technology vendors a few years ago has seen the birth of dozens, perhaps hundreds, of vendors that offer one form or another of PKI-related service. Further, the commercial demand for PKI-based services continues to increase, and available evidence appears to suggest that the momentum behind PKI may very well continue to grow for the foreseeable future.

Still, as a technology, PKI is fairly new. And to many, PKI technology is shrouded in mystery to some extent. This situation appears to be exacerbated by the proliferation of conflicting documentation, standards, and vendor approaches. Furthermore, there appears to be no comprehensive book devoted to PKI that provides a good introduction to its critical concepts and technology fundamentals.

Thus, the authors share a common motivation in writing this book: To provide a vendor-neutral source of information that can be used to establish a baseline for understanding PKI. In this book, we provide answers to many of the fundamental PKI-related questions, including

• What, exactly, is a PKI?

• What constitutes a digital signature?

• What is a certificate?

• What is certificate revocation?

• What is a Certification Authority (CA)?

• What are the governing standards?

• What are the issues associated with large-scale PKI deployment within an enterprise?

These are just some of the questions we explore in this book.

Motivations for PKI

It is important to recognize that PKI is not simply a "neat" technology without tangible benefits. When deployed judiciously, PKI offers certain fundamental advantages to an organization, including the potential for substantial cost savings. PKI can be sued as the underlying technology to support authentication, integrity, confidentiality, and non-repudiation. This is accomplished through a combination of symmetric and asymmetric cryptographic techniques enabled through the use of a single, easily managed infrastructure rather than multiple security solutions. (See Chapter 2, "Public-Key Cryptography," Chapter 3, "The Concept of an Infrastructure," Chapter 4, "Core PKI Services: Authentication, Integrity, and Confidentiality," and Chapter 5, "PKI-Enabled Services.") PKI offers scalable key management in that the overhead associated with the distribution of keying material to communicating parties is reduced significantly when compared with solutions based solely on symmetric cryptography. (See Chapter 2 for a description of symmetric and asymmetric cryptographic techniques.) Judicious deployment of a single, unifying PKI technology can also help to

• Reduce administrative overhead (when compared with the deployment of multiple point solutions)

• Reduce the number of sign-on events required by end-users

• Reduce paperwork and improve workflow efficiencies through more automated (and more secure) business processes

• Optimize work force productivity (by ensuring that users spend less time contending with the security infrastructure and more time on the job at hand)

• Reduce requirements for end-user training related to the use of the security services (because there is one security solution rather than many)

Not only does PKI technology have the potential to realize cost savings, but in some cases it might even be a source of revenue for an organization (through support for new services that might otherwise not be offered). Benefits and related business considerations associated with PKI technology are discussed further in Part III, "Deployment Considerations."

Audience

The main purpose of this book is to provide a fairly comprehensive overview that will help the reader better understand the technical and operational considerations behind PKI technology. You will benefit from this book if you are responsible for the planning, deployment, and/or operation of an enterprise public-key infrastructure. Those who are simply interested in the basic principles behind a PKI should also find this book useful.

We hope that this book will become an educational tool for many and a handy reference guide for others. This book is not intended to resolve extremely detailed implementation questions, although it can serve as a primer for someone who will eventually be more interested in the finer implementation details.

Organization

The book is organized into three parts. Part I provides essential background information necessary to better understand the concepts and principles behind the PKI. Part II addresses standards and related activities (for example, industry-sponsored interoperability initiatives) related to PKI. There are two primary purposes for including this section in the book. First, it provides an overview of the major standards bodies involved in the PKI arena and discuses the main focus of each group, giving a roadmap to some of these activities. Second, it deonstrates the relative maturity and stability of this area, highlighting the fact that a solid basis for implementation and interoperability has already been laid. Finally, Part III discusses PKI deployment considerations, providing guidance for some of the initial and fundamental decisions that must be made prior to any PKI deployment.

Part I: Concepts

Part I of this book deals with fundamental PKI concepts. This includes background information (for example, a primer on cryptography is included) as well as detailed information with respect to public-key certificates and certificate revocation schemes.

Chapter 1, "Introduction," introduces Part I and provides a list of the contents of Part I on a chapter-by-chapter basis.

Chapter 2, "Public-Key Cryptography," provides a brief, non-mathematical introduction to the concepts of public-key cryptography relevant to the material presented throughout the remainder of the book. It includes the distinction between symmetric and public-key ciphers, the concept of a key pair, the services of this technology, terminology, and sample algorithms.

Chapter 3, "The Concept of an Infrastructure," discusses an infrastructure, highlighting its usefulness as an application enabler, its role in secure single sign-on, and its capability to provide end-user transparency and comprehensive security. This chapter also provides a working definition of PKI.

Chapter 4, "Core PKI Services: Authentication, Integrity, and Confidentiality," and Chapter 5, "PKI-Enabled Services," examine services that a PKI can provide. Chapter 4 discusses the core services of authentication, integrity, and confidentiality; Chapter 5 looks at PKI-enabled services such as digital time stamping, notarization, non-repudiation, and privilege management.

Chapter 6, "Certificates and Certification," introduces the concept of a certificate and discusses the process of certification. Certificate contents and format are described, along with the role of a Certification Authority (CA) and a Registration Authority (RA).

Chapter 7, "Key and Certificate Management," looks at the whole area of key/certificate life cycle management, including generation, publication, update, termination, key history, key backup, and key recovery.

Chapter 8, "Certificate Revocation," discusses common techniques for certificate revocation, both periodic publication mechanisms and on-line query mechanisms. Scalability issues, timeliness, and implementation considerations are discussed with respect to these techniques.

Chapter 9, "Trust Models," examines the concept of a trust model. Strict hierarchies, distributed architectures, the Web model, user-centric trust, and cross-certification are presented and compared.

Chapter 10, "Multiple Certificates per Entity," includes an examination of key pair uses, support for non-repudiation, and independent certificate management.

Chapter 11, "PKI Information Dissemination: Repositories and Other Techniques," looks at the area of certificate dissemination and repositories. It discusses the pros and cons of certificate publication, along with issues of scalability, replication, timeliness, and trusted versus untrusted storage/access.

Chapter 12, "PKI Operational Considerations," discusses client-side software, on-line requirements, physical security, and disaster planning/recovery, along with trade-offs between system security and ease of use.

Chapter 13, "Legal Framework," provides a brief discussion of some of the legal issues associated with PKI, including topics such as the legal status of digital signatures, roles and responsibilities, liability, and mitigation of risk.

Chapter 14, "Conclusions and Further Reading," concludes Part I and suggests some sources to consult for further reading in this area.

Part II: Standards

Part II of this book addresses standards activities and interoperability initiatives.

Chapter 15, "Introduction," introduces Part II and provides a list of the contents of Part II on a chapter-by-chapter basis.

Chapter 16, "Major Standards Activities," discusses some of the most prominent activities taking place within formal standards bodies as well as related efforts being undertaken outside the standards bodies.

Chapter 17, "Standardization Status and Road Map," provides the current and projected near-term standardization status of some of the most significant specifications.

Chapter 18, "Standards: Necessary but Not Sufficient," considers the fact that the existence of a "standard," whether it is the product of a formal standards body or not, is necessary but not sufficient to guarantee that the products of different vendors will interoperate with each other. Some of the reasons for this are given, along with a discussion of the usefulness of profiling activities and interoperability pilots.

Finally, Chapter 19, "Conclusions and Further Reading," provides concluding remarks and some suggestions for further reading.

Part III: Deployment Considerations

Part III of this book addresses deployment considerations. While not intended to be a deployment handbook, the primary purpose of this part of the book is to identify many of the deployment questions that should be asked (and answered) when considering any large-scale enterprise PKI deployment.

Chapter 20, "Introduction," introduces Part III and provides a list of the contents of Part III on a chapter-by-chapter basis.

Chapter 21, "Benefits (and Costs) of a PKI," discusses the benefits realized through the deployment of a PKI. It also discusses cost considerations. This chapter helps to identify sound business reasons for deploying a PKI in the enterprise environment.

Chapter 22, "Deployment Issues and Decisions," discusses a number of issues that should be resolved before initial deployment occurs. Essentially, this chapter provides a basic foundation for product selection.

Chapter 23, "Barriers to Deployment," addresses some of the more common hurdles to deployment, issues that one must consider in terms of long-term strategy.

Chapter 24, "Typical Business Models," explains some of the more common business models one may want to implement. It also provides a brief discussion of some of the global trust initiatives.

Chapter 25, "Conclusions and Further Reading," concludes Part III and offers suggestions for further reading.