The promise of public key technology seemed appealing a decade ago, with predictions abounding on how it would enable super-secure transactions and encrypted storage everywhere. Those predictions never really panned out, and the reason most cited was cost.
In practice, the implementation of public key systems typically involved an amalgamation of policies, procedures, hardware, software and IT personnel. Because of this, implementing a public key infrastructure (PKI) project generally meant heavy management overhead, which translated into heavy cost.
“A number of companies had a real problem with PKI,” says Richard Mackey (left), vice president at SystemExperts, a provider of professional IT compliance and security consulting services. “When they saw the implications of the infrastructure, and the cost and effort of it, they backed away.”
PKI's prospects never really died, however. “Despite all the prognostications, it still is alive and well,” says Adam Geller, VP of enterprise and government authentication at VeriSign. “We have customers, we garner new customers, and we have customers that are adding new services.”
Still, any overweening excitement about PKI's potential has been considerably toned down. “Is it living up to false expectations it had originally?” Geller asks. “The answer is clearly ‘No.' It will not solve all problems, cure all wounds, and make you a pot of coffee.”
The marketers are being much more circumspect, with very few omnibus cures being touted. “PKI is not represented that way anymore. It is not some huge overarching architecture that must be overlaid everyway to make it the foundation of an entire organization,” says Geller.
PKI's potential stems from its underlying technology – public key encryption – developed by Whitfield Diffie, Martin Hellman and Ralph Merkle, who created an algorithm called the Diffie-Hellman-Merkle key exchange. The concept, simply, is that a person can create a key that is separable into two related parts. One part, which remains private, is retained by the key originator, and the other part is sent out to anyone who wants to encrypt messages destined for the key originator. The first part is called, aptly, the “private key,” and the second a “public key.” Anything encrypted by the public key can only be deciphered by a combination of the public and private key (the latter is always held in secret).
“What we did was to break the key into two parts, one public and one private,” says Martin Hellman (left), professor emeritus at Stanford, and one of the namesakes of the Diffie-Hellman-Merkle key exchange scheme. “All the security resides in the secrecy of the private key.”
As sometimes happens with conceptual breakthroughs, the idea took a while to gain attention. “I was surprised that it took as long as it did for our idea to get accepted,” Hellman says. “It took almost 20 years for widespread acceptance to occur.”
The concept also paved the way for secure authentication of data – that is, the ability to create “digital signatures,” so that a recipient of a message can verify its origin and integrity.
This is where PKI comes in. True message authentication requires some way to be sure the public key is associated with the holder of the private key. That is done through the use of identity certificates, which are electronic “documents” linking a public key with a certifiable identity.
It's easy to see how PKI costs can mount if the overhead burden is taken into account. As it stands, PKI involves the creation, management and destruction of digital certificates – a total lifecycle concern with attendant cost structures.
“PKI is a perfectly good technical mechanism, but it ends up having uninviting management and legal implications,” says SystemsExperts' Mackey.
He means that, for example, all parties to contractual arrangements must agree to what is meant by “digital signing.” Does it mean that the digital signature is good for all contract agreements? For any transaction? That could open up an exposure that some companies wish to avoid, especially should a signature be compromised somehow.
In other words, one reason PKI was not universally adopted is that companies steered clear from putting a legal structure in place that would enable a signature to be construed as being the same as a signature on a piece of paper. To do that, companies would have to maintain very strict controls over the infrastructure once it's in place to be sure no one undermined the security of the infrastructure.
“The problem is that you have to have a comprehensive legal framework in place to give meaning to the technical implementation,” Mackey says, referring to PKI's legal implications. “That means more work, time and effort, over and above the implementation cost, key management problems, lifecycle issues – all the issues that go along with PKI that must be addressed on an ongoing basis.”
Of course, that doesn't mean that PKI cannot be cost-effective. It can meet certain specific needs in particular use cases, such as for a “root of trust” sort of framework to support a particular application. Indeed, for some applications, PKI is the preferred solution, though the choice may be narrowly application-driven.
“If there is a scenario into which PKI fits well and it's cost-effective, that market could grow,” says Guy Snyder (right), secure communications technology programs manager at ICSA Labs, an independent division of Verizon Business. “If a competing technology exists that is more cost-effective, the market will run there, but that could mean a series of incompatible systems overall.”
By only considering cost-driven strategies, it's possible to deploy incompatible systems, which could bring additional problems, he says.“With PKI, targeting is where you have to start. You have to look at the desired application carefully,” says Snyder.
In the United States, the government drives the market with its PKI deployment for the personal ID systems that it is trying to foster, as well as with the PKI-based Federal Bridge Certification Authority, which enables suppliers to connect to the government to communicate.
“Drivers include financial institutions and bio-pharma organizations, which are major users as well,” says Francois Lasnier (left), vice president and general manager of security for Gemalto North America. “PKI is useful because of what companies can do in terms of filing drug applications through the federal bridge.”
For any PKI scheme to be widely adopted and cost-effective, more must be done, experts agree. That could be said for any system based on encryption.
“I have said many times during the past 30 years that for encryption to be widely used, it's got to be integrated, automatic and transparent,” says Hellman. “Integrated means you do not have to do anything extra to get it – for example, you do not have to go out and download SSL, it's part of your browser. Automatic means you do not have to say, ‘I want to encrypt my credit card number.' It just works. And transparent means you do not have to know it is happening.”
But there is hope for the future. For one thing, efforts are underway to make PKI easier to adopt, deploy and use.
“There has always been a bad connotation on PKI technology because people think that it is complex to deploy and complex to administer,” says Gemalto's Lasnier. “But there have been many efforts to hide the complexity and initiatives to make it easier to deploy and more acceptable to the market.”
PKI still is technically appealing, and where the users exist in a small community – inside a company or for a limited number of users in a service offering – it's easier to guarantee that there are adequate controls and management mechanisms in place to use the technology efficiently and effectively. Thus, it can be cost-effective.
Given the manner in which PKI can meet the specific demands particular to any market that lends itself to the technology, PKI is likely to be around for a long time to come, say experts.