4 fatal problems with PKI

The Web's security runs on complicated PKI deployments, few of which are implemented correctly, and all of which will soon be at the mercy of Moore's Law

I'm a huge PKI (public key infrastructure) fan. I love the beauty of the mathematics and cryptography. I love its myriad uses and scenarios.

I've been installing PKIs for private and public companies for over two decades. That's always been a big part of my job, and lately, it seems like that’s all I’ve been doing. Demand has never been higher. More and more companies are either installing their first PKI or upgrading their current PKI to be more secure and resilient.

That being said -- and it may surprise you to hear me say this -- PKI is probably not going to solve your biggest security problems. Moreover, there's a good chance that one day PKI will stop working altogether.

Here are four reasons why PKI isn't the awesome security solution most people think it is:

1. PKI has too many moving parts

Complexity is the enemy of good computer security. The more moving parts you have, the easier it is to find weaknesses, and the harder it is to implement And few computer security defenses have more moving parts than a properly set-up PKI.

You need to begin with an offline root CA (certificate authority). It must be truly offline, or it's subject to compromise. Then you need two or more CAs that do the work of issuing certificates. Your CAs need to be protected by an HSM (hardware security module), which is a piece of hardware that guards the most important private cryptography keys of the PKI. Normally, you need a few of these, and the total cost can easily reach $100,000.

You also need two or more websites to store the CA's own certificate and CRLs (certificate revocation lists). You usually need two of these internally, on the network, and perhaps two more externally. These days, most PKI designers recommend two or more OCSP (online certificate status protocol) servers, which are supposed to create less CRL traffic between clients and CA servers.

Most PKIs also include two or more SCEP (simple computer enrollment protocol) servers, so that network and mobile devices can acquire certificates. There are dozens of other parts, such as object identifiers, signatures, etc. Then designers and admins have to figure out how big each key can be and for how long they can be used on a per-application basis.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!