Public Key Infrastructure with Utimaco HSMs & partner

Public key infrastructure – the root of trust for the IoT?

Why use a public key infrastructure (PKIs)?

Public key infrastructure (PKI) has become the cornerstone in modern IT infrastructures when it comes to ensuring confidentiality, integrity, authenticity and non-repudiation of sensitive information. This information can be as diverse as eID services like passport production to digital rights management in the entertainment industry. It can reach across industries like automotive, smart metering and payment infrastructures. One of the most common use case for PKIs is that of authenticating employees and devices against a company’s IT infrastructure.

Based on the well-studied mathematical schemes of asymmetric cryptography and hierarchical structures, PKI is a powerful tool for securely communicating amongst large groups of users or computing nodes. The principle behind it is simple: a message – or certificate – is encrypted or signed with a private key and can be decrypted or verified with a corresponding public key.

The challenge in this scheme is to reliably distribute the public key, so a reader or recipient of a message can be sure about its origin. This is commonly achieved by establishing a trustworthy third party to assure authenticity and integrity of the public keys – a Public Key Infrastructure, or PKI.

What makes a good PKI: Critical success factors

Obviously, a PKI stands and falls with the trust one can place in the measures deployed to safeguard the cryptographic keys. This is where deploying Hardware Security Modules in a PKI becomes a critical success factor.

Organizations deploying their own internal PKIs have the flexibility to define the security models that fit their specific needs. They face a number of challenges in defining, maintaining and securing their PKI:

Theft of CA signing private keys or root keys. This allows fake certificates to be issued. Even the suspicion that this may have taken place leads to the re-issuance of some or all of the previously issued certificates.
Theft or misuse of keys. Any keys associated with the online certificate validation processes can be used to subvert the revocation processes and thus allow for malicious use of revoked certificates.
Weak controls. Access to the signing keys can lead to the misuse of the CA, if the keys are not compromised.
Scalability & performance: As more and more applications are brought deployed, the HSM performance available for signing activities associated with issuance and validation checking may need to be extended.

What PKI trends are there?

Internal PKI. This is the more traditional approach of setting up and managing a public key infrastructure where organizations setup, deploy and manage a PKI within the boundaries of their IT infrastructure. Setting up and maintaining an internal PKI becomes the favorable choice if the aspects of infrastructural and expertise maintenance costs are affordable for an organization.

PKI as a Service. As virtualization and cloud computing have taken up speed in the past few years; outsourcing of previously in-house kept services has become a cost effective approach for a variety of organizations. Having the option of outsourcing business critical services to economic, trustworthy and highly specialized third party providers has made the idea of outsourcing a PKI a luring alternative for many organizations. Especially in the context of cost and expertise that accompanies setting up and maintaining such an infrastructure within organizational boundaries.