The main benefits available from a Public Key Infrastructure (PKI) are as follows (not in any order of importance – they are all important). Some are simply ways of doing tasks which could be accomplished, usually less well, by other means, but in most cases, the tasks could not otherwise be accomplished at all. The technical basis is asymmetric key encryption, involving a public/private key pair, whereby data encrypted using the private key, known only to the owning user, can only be decrypted using the corresponding public key, available to anybody, and data encrypted using the public key can only be decrypted using the corresponding private key. Digital Certificates (DCs) are the means by which public keys are actually published and made available to anybody, by a trusted Certification Authority (CA), and the PKI is the infrastructure which enables and supports this. The crucial fact to bear in mind is that a DC cannot be forged, short of compromising the CA which issued (and digitally signed) it.
1. Smart-Card Logon. This is 2-factor authentication – something you have and something you know. The smart card (the thing you have) contains the private key of the user, which is used to encrypt a message to the authenticating service, which can be decrypted only by using the public key of the user, which is held within the user’s DC, which the authenticating service already holds. But first the user must identify him/herself to the smart card, by means of a password or PIN (the thing you know), before the private key can be read and authentication take place. So a stolen card would be no use unless the thief also knew the password/PIN.
2. Digital Signature. The originator of a collection of data, which may, but need not, be textual, can digitally sign the data, using the originator’s private key. The recipient of the data can decrypt the signature using the DC of the sender. This has three important consequences: the communication did come from the sender and can have come from nobody else, there has been no change made during transit, and finally, the sender cannot subsequently deny having sent it.
3. Software Code Signing. This is a particular, very important use of digital signatures. A piece of code is signed by the originator. The recipient can then be sure that the code is as sent, in particular that it has not subsequently been infected by a virus. So if the recipient trusts the originator, he/she can accept the code, (usually downloaded from the web,) with confidence.
4. Secure E-Mail. E-mail messages can be digitally signed by the originator, and then encrypted using the DC of the recipient. What this means is that only the intended recipient can decrypt the message, and can then be sure that it came from the declared source, has not been altered in transit, and is non-repudiable,
5. Encrypted File System. This is particularly important with laptops, which can easily be stolen. Confidential files can be encrypted. They are then unreadable by anyone other than the owner. The opposite risk, that they would also be unreadable by the owner should the key be lost, can be avoided by the use of Data Recovery Agents or Key Recovery Agents (but these are securely organised within the enterprise, so would not be available to a thief).
6. Web Authentication and Encryption (SSL). In an e-commerce transaction, when it is time to pay, the website sends its digital certificate to the client. This serves two purposes: the client can be certain that the vendor is who they purport to be (so the client is not dealing with a rogue website), and the subsequent transmission from the client containing credit card and other payment details, is encrypted for transmission over the web, so that only the vendor can decrypt it. Note that the authentication and encryption are each one way only, since that’s all that is needed – there is normally no requirement to authenticate the client to the vendor, and communications from the vendor to the client are not confidential
7. IP Security. This is a technique primarily for ensuring secure communications between two endpoints (it has other uses, such as the filtering of permitted traffic types). The two endpoints must mutually authenticate to each other before the session can begin. DCs can be used for this authentication. (The subsequent digital signing and/or encryption is handled by IPSec itself.) If the two communicating endpoints are on a LAN, (and Windows 2003/2000 is the NOS,) then DCs would normally not be used in this context, since standard Kerberos authentication is available, which is at least as good.
8. Virtual Private Networks (VPNs). IPSec is also used for VPNs. (There are other techniques available, but L2TP/IPSec is the best and most secure.) In this context, DCs are essential for the authentication.
9. 802.1x Port-Based Authentication. The most secure form of this, EAP/TLS, requires the use of DCs when authenticating to a RADIUS server. This is mostly used for wireless networks, but could also be used on LANs (though it’s not clear why anyone would bother).
Windows Server 2003 (as also Windows 2000) makes available Certificate Services out-of-the-box – no extra charge. This allows any organisation to run its own PKI and issue certificates for internal use (and perhaps also by trusted partners on an extranet). For interactions with the general public, certificates issued by an external provider will usually be needed, since the public does not generally trust a private PKI. This applies to items 3 and 6 in the above list, but an internal PKI would be effective for all the rest.
A general point is worth stressing. A PKI, as with any security technique, yields maximum benefit only within the context of a Security Policy. It is necessary to formulate and document precisely what the organisation aims to achieve, in the area of security. The various security techniques, including PKI, can then be linked to specific aims. It is unfortunately the case that security is both costly in itself and is in opposition to usability – the more secure an environment is, the more costly and the less usable; the most usable environment is always the least secure (albeit not necessarily the least costly). A balance has to be struck between a particular level of security and an acceptable cost (in terms of both money and usability). On the other hand, the cost of a severe security breach, in direct financial loss, the costs of rectification, and possible subsequent legal liabilities, can be crippling. The security policy, by documenting what the organisation aims to achieve and the methods it uses to achieve this, serves to concentrate minds and provide a quantitative measure against which to judge performance. It also demonstrates due diligence, and serves as a defence against charges of negligence.