Winter 200940

ORIGINALMESSAGE

ENCRYPTED MESSAGE

DECRYPTED MESSAGE

PUBLIC KEYPRIVATE KEY

Joe encrypts a message using his private key and sends it to Sue. She accesses his freely-available public key and decrypts the message. The message will only be legible if Joe indeed encrypted the original mes-sage. Thus Sue can be certain that Joe sent the message and Joe can-not deny he sent it (a concept called non-repudiation).

uuuu

In discussions of identity, Public Key Infrastructure (PKI) is often men-tioned in the same breath as smart cards and biometrics. While the lat-ter two are widely known and becoming familiar to their many users, PKI can still be confusing.

PKI stands behind the smart card and provides the platform for it to be successful. So with more digital identity documents being issued and PKI becoming more prevalent it’s important to get a handle on the technology. PKI can be expensive and could be hard to deploy when it was a new technique, but now it’s become mainstream and is com-monly deployed in identity projects.

So what is a PKI and how does it work?

Let’s break down the term into two pieces – Public Key and infrastruc-ture. The term “public key” represents one technology that can be used to encrypt and decrypt information. The term “infrastructure” repre-sents the notion that there is a wide-spread network of connected items. Thus Public Key Infrastructure, or PKI, is a wide network of con-nected technologies that are specifically Public Key related.

So let’s understand what Public Key technology is, but first a little back-ground and scene setting.

In today’s world, individuals, corporations and governments are using the Internet as the primary method for communicating information and conducting business. As we all know, it can be difficult to deter-mine, with any amount of certainty, who you are dealing with at the other end of the connection.

Specifically, there are three basic concerns.Is the information being exchanged private and secure? Can I rest 1. assured that nobody has tampered with the data?Is the person with whom I am dealing with really the person I think 2. it is?Once I conduct a transaction, can anyone deny participation after 3. the fact?

In dealing with people face-to-face, there is an element of trust backed up with receipts and signatures that give us a degree of comfort in conducting business. There is also the assurance we receive simply by looking at a person and recognizing them. If we require additional lev-els of assurance, we employ the services of notaries, or bring witnesses to bear. In dealing with people electronically, those assurances are lost, so how do we establish this type of trust in an online environment?

First, we must establish the true identity of an individual to some rea-sonable level of certainty. Driver licenses, birth certificates, witnesses and passports all may be used, depending on the level to which we will need to trust future interactions and transactions, e.g., the department of motor vehicles might require a lower assurance for registering an automobile than a central bank would for transferring a huge sum of money to another central bank.

Second, having completed our “identity proofing” we give the individ-ual something very special, a secret and personal “Private Key” estab-lished with Public Key technology. That’s right, Public Key technology generates a Private and Public key set for an individual – and the two keys fit the same lock. Let’s look at this further!

Public Key Infrastructure Primer: Why is PKI important?

Bryan IchikawaUnisys Corp.

Winter 200940

Sue encrypts a message using Joe’s freely-available public key and sends it to Joe. Using his private key, Joe is able to encrypt the message but only he can do so. Both parties can be confident that no other person else can decrypt the message as only Joe is in possession of his private key.

uuuu

Public Key technology is based on Public Key cryptography, a technolo-gy that itself is mathematically complex. Essentially, it is a cryptograph-ic technique that enables one person to encrypt some data with one key and this data can only be decrypted with another, related, key. You can also encrypt data with the related key and it can only be decrypted with the original one key. These key “pairs” are related and no other key or key pair can encrypt or decrypt data outside of this pair. This is the notion that two keys can fit the same lock, as mentioned above.

This basic concept is transformed into a powerful utility once a basic premise is applied. And this premise is – make one key of the key pair a secret and make the other key publicly available. The “secret key” is only known to the holder of that key, and the “public key” is known to all, and is known by all as belonging to holder of the corresponding secret key.

This truly amazing technology can now be applied to accomplish all of the three concerns mentioned above. How?

Consider the diagram below. Any data encrypted using Key A, the “pri-vate key” can only be decrypted with Key B, the “public key.” Since Key B is public, anything encrypted by Key A can be decrypted using Key B. The point in encrypting here is not to make anything a secret (if you think that the only reason to encrypt something is to make it a secret – not so!).

Since Key B is a public key, anyone in the world has access to it and any-one in the world can decrypt the data encrypted by Key A. So what? So that means by virtue of being able to decrypt the message, you know 2 things – it was encrypted by Key A (any message encrypted by any other key would result in junk data), and the message was not tam-pered with (had anyone messed around with the encrypted data, the result would also have been junk data).

This is the same thing the medieval king did when he put his signet ring into a gob of wax on a proclamation to be posted in the castle. It

was guaranteed authentic and unchanged. (Well, a clever fellow might be able to scrape the parchment and change the message, so PKI sig-natures are better!)

Conversely, if anyone were to encrypt data using the Public Key B – which, remember, everyone has – then only the corresponding Key A would be able to decrypt it. In this case, we are keeping secrets and only the holder of Key A could see the message. Now the king has put the parchment into a secure envelope and put a seal on the flap!

So the notion of Public Key technology – the ability to have related key pairs that only work with one another where one of which is kept secret and the other made public, makes for a powerful utility that can protect data, provide knowledge about the other party, and secure transactions.

The other part of PKI, the “I” or infrastructure component, is what makes Public Key technology work in a global arena, enabling individuals and organizations to trust one another.

Key to this infrastructure are the concept of certificates and authori-ties.

The Public Key pairs and identities mentioned above are of little value without something to guarantee their authenticity. One must be able to associate a person, or entity, with their keys. This is accomplished via something called certificates. A certificate is basically a container that holds the Public Key (of the public/private key pair) and data associ-ated with that key such as the individual’s name, the key’s expiration date and other pertinent data elements. The certificate becomes the essential component that relates a key to its owner.

Certificates are issued by authorities. Authorities are high-level entities that establish the notion of a trust center. All certificates issued by an authority can be trusted if one trusts the authority. All certificates is-sued by an authority are all a part of the family of that authority.

Winter 2009 41

ORIGINALMESSAGE

ENCRYPTED MESSAGE

DECRYPTED MESSAGE

PUBLIC KEY PRIVATE KEY