Public Key Infrastructure

A Public Key Infrastructure (PKI) is used to manage and distribute keys and digital certificates in publicly accessible networks to ensure secure digital communications. The exchange of data, information and messages via the Internet takes place in a PKI through a key pair consisting of a public key and a private key. The keys are linked by a mathematical function so that data which is encrypted with the public key can only be decrypted with the private key (one-way.) If a sender and a recipient want to exchange sensitive data, various parts of the PKI handle the verification checks of the transmitted data (integrity) and authentication of the communication participants using the key pair (authentication).

The public-key infrastructure issues certificates, passes them on to the communication participants and checks the certificates for authenticity. With this multi-stage check, sender and recipient are authenticated and the data to be transmitted is subjected to an integrity test. Public Key Infrastructures are a combination of symmetric and asymmetric encryption methods that work with two different keys to solve the key exchange problem in cryptography, using an information technology infrastructure and a certification authority that digitally signs data and keys in an automated process. The standard protocol on the Internet is called PKIX (Public Key Infrastructure Exchange). Other similar approaches exist, such as Let’s encrypt or OpenPGP.

General information

The secure transmission of messages between senders and receivers was an important issue with the development of the Internet, which also attracted the attention of the tech-savvy public. The importance of data protection and privacy has grown rapidly with the technological development, especially in e-commerce, B2B commerce, and later also in online banking. The focus was not only on the encryption of data, but also on the threat of communication participants who were able to interfere with the transmission of data using computer-assisted methods, for example, to crack passwords, copy customer data or paralyze whole systems.

While transmitted data has been encrypted with symmetrical methods since the 1950s, the need for a review of the communication participants has become evident. A one-to-one communication between government agencies can be relatively easily protected if the key is kept secret, but one-to-many communication on the World Wide Web requires key distribution and management, because of the quantity of participants. To test the actual identities of transmitters and receivers, new asymmetric as well as hybrid methods were invented and tested. One of the best-known methods still used today is the RSA cryptosystem, which was released in 1977.^[1]

The concepts of public-key infrastructure and public key encryption encompass various approaches which have developed partly in parallel over the past fifty years and built on one another. Some examples of PKIs or similar infrastructures and security protocols:

• SSL/TLS
• HTTPS
• IPsec
• PGP/OpenPGP
• S/MIME

How a public key infrastructure works

Public key infrastructures are characterized in particular by a trusted third party which is responsible for the confidentiality of transmitted messages. This party is called certification authority (CA) in a PKI. It is the hub for managing certificates and can itself be certified, for example, by Internet users (Web of Trust), ISPs, or an Internet Engineering Task Force (IETF).

The most important components of a public key infrastructure:

• Certification authority (CA): The CA is held by the key pair, including the secret key. Both keys have a mathematical relationship to one another, for example via a cryptographic hash function. The CA records each digital certificate using the secret key before verifying or issuing it to persons or companies. The persons or companies do not know the secret key, only the public key is known to them.
• Registration authority (RA): The RA is responsible for the registration of persons and companies. It allows the use of digital certificates for specific applications and also checks the certificates before they are issued by the CA.
• Directory and time stamp service: All certificates and their public keys are stored here. Anyone can search this service for certificates to check if the certificates of certain people or companies are genuine, similar to a whitelist. In real-time, the certificates can also be checked for their validity in time in order to exclude expired certificates.
• Certificate Revocation List (CRL): The CRL generates lists of invalid and rejected certificates whose keys are no longer secure. If the identity of the sender or recipient is not clear, certificates can be rejected. In such cases, the certificate is initially blocked and checked before it is permanently revoked. The CRL is a blacklist for certificates and associated digital signatures.
• X.509 certificates: The digital certificates in the PKI system are called X.509 certificates and are standardized. The authentication of a key is always bound to a sender or recipient, such as an email address or a domain name (DNS). Confidentiality is supposed to be guaranteed through the hierarchical structure of the certification. X.509 certificates contain various data concerning the cryptological hash function, which concerns the encryption of the public key and the validity of the digital signatures. In the latest version, X.509v3, extensions can also be implemented for specific applications.

If a message is to be encrypted and sent, the sender uses the recipient’s public key. The sender signs this message and uses his private key for the digital signature. The receiver decrypts the message again with his private key. The supplied signature is also decrypted. The public key of the sender can be used for this purpose. Thanks to the separate transmission of the digital signature, the recipient can authenticate the sender and, thanks to the private key of the receiver, he can only read the message in the plaintext. The provision of the certificates, which are digitally signed, creates a secure communication channel, which can only be used by trusted transmitters and receivers. However, the certification authority itself must not be compromised, which is an essential problem of the hierarchical model.

Relevance for programming

PKI systems are, in principle, one of the safest methods of digital data transmission. However, the current state of these types of encryption methods and procedures for verifying integrity and authenticity is unclear. Depending on the application, different systems are in use and the variety of providers makes public key encryption sometimes unworkable for the end user. This is because the sender and the recipient have to define a procedure which can be problematic in large, distributed networks such as the World Wide Web.

The result is that there are currently different types of trust models in digital communication, none of which have yet been implemented. The following approaches should be mentioned:

• Strict hierarchy: A higher-level instance is responsible for the root certificates. X.509v3 works with this model.
• Loose hierarchy: Multiple instances are responsible for distributing certificates. The chain of certificates can be arranged differently, but it must not be too complex.
• Hub and spoke: If individual certification bodies want to authenticate each other, a bridge authority is used, which regulates the exchange between certificate users and issues with equal authorization.
• Web of Trust: Trust in the form of certificates or digital signatures is the task of end users in the Web of Trust. OpenPGP is based on this principle.

Only some applications of hybrid encryption methods such as HTTPS, SSL or TLS are often used in practice. For example, HTTPS is the standard in e-commerce, banking, and B2B commerce. In private email communication, public key procedures are less frequent, since recipients of emails can read them only if they are participating in the same process as the sender. In general, the PKIs market is diversified. It remains to be seen what kind of PKI system will protect the Internet of the future from identity theft, man-in-the-middle attacks, and eavesdropping.

References

Web Links

• Definition PKI (public key infrastructure)