Last updated date : 10 May 2024

Public key infrastructure, or PKI, is an established, comprehensive governing framework to ensure secure end-to-end digital communication. Digital communication here refers to the transfer of data between a client and a server over a communication channel. PKI has a set of mechanisms and protocols to verify the identities of users, devices, applications, programs, etc. To accomplish this, PKI utilizes asymmetric method of encryption, using a public-private key pair.

Three key questions arise:

01. What is asymmetric encryption, the encryption method used in the public key infrastructure?

02. How can you verify the authenticity of a digital entity?

03. What if the public key and identity of the digital entity is mimicked and a man-in-the-middle (MitM) attack occurs?

To answer the first question, let's grasp how asymmetric encryption works. This is the method of encryption used by PKI to ensure end-to-end encryption and facilitate secure communication.

Asymmetric encryption

Asymmetric encryption uses a public-private key pair to establish secure communication. The sender and the receiver share their public keys with each other, and the sender encrypts the message based on the receiver's public key. The receiver then decrypts the message using its private key. The key pairs are generated using a suitable algorithm like the RSA algorithm or the Diffie-Hellman algorithm.

PKI - Asymmetric encryption

 

Click here to learn more about asymmetric encryption.

The second and third questions are interlinked and will be answered after we review the components of PKI, and discover how PKI works.

Components of PKI

01. Public and private keys

Public and private keys encrypt communications utilizing the PKI framework. The public key is visible to all, while the private key is used to decrypt the message and remains private to the entity.

Think of the public key as a lock in the cryptographic sense, unique to users/entities, and used for encryption. The lock, although unique to the entity, is publicly visible to anyone looking to access it. The private key is the unique key for that specific lock, used to decrypt messages. Unlike the public key, the private key isn't shared/visible to anyone and is known only to the user/entity that owns it.

When an encrypted message is sent to the entity, the message is encrypted using its public key. If the message is from an authorized source, the entity will then decrypt it using its own private key.

02. Digital certificates

Digital certificates or PKI certificates are a pivotal component in the public key infrastructure. Certificates in the digital world are the equivalent of passports and identity cards in the physical world; they help ascertain if the digital entity is who they say they are. A certificate contains information about the user or device that the certificate belongs to, along with the entity's public key. Certificates involve expiration dates and need to be renewed periodically.

03. Certificate authorities (CAs)

Certificate authorities form the backbone of the PKI. A certificate authority is a trusted organization that validates the identities of digital entities, and issues signed digital certificates to applicants post verification. The certificate binds a public key and identity details to the subject of the certificate. This ensures that no one can claim to be the entity or replicate it's public key, preventing MitM attacks. Some well known certificate authorities include Comodo, DigiCert, and Let's Encrypt.

04. Registration authorities (RAs)

Certificate authorities use RAs to help verify the identity of certificate applicants. RAs serve as intermediaries between the entity applying for a PKI certificate and the CA. RAs receive certificate signing requests (CSRs) for issuance and renewals, verify the identity details of the applicant, request proof of identity from the applicant, vet the documents, and pass the application to the CA. Registration authorities could include government agencies, banks, other CAs, and so on.

05. Certificate signing requests

A CSR is an encrypted message that contains information about the entity applying for the issuance or renewal of a digital certificate. Typically, a CSR is generated on the server that the certificate will be installed on. The CSR contains information about the applicant such as domain name, organization name, organizational unit, location, country, and email address. It will also contain the public key of the server, along with the key size and type.

How does PKI work?

PKI is a framework that imposes mechanisms to ascertain the identity of digital entities by mapping and binding public keys to the certificate holder. This prevents impersonation and MitM attacks. Since communication in the public key infrastructure is encrypted end-to-end and happens using asymmetric encryption, only a recipient with the right private key can decrypt information passed to it. Digital signatures in certificates ensure that data is not tampered with in transit and assures integrity of the communication.

Let's look at this as a step-by-step process:

  • 01

    The first step in the public key infrastructure process is for the applicant to generate a public-private key pair. Once the public-private key pair is generated for the server, a CSR is generated from the server, depending on the type of certificate needed.

  • 02

    The CSR is then passed on to a certificate authority to be vetted, and for the issuance of a signed digital certificate. The certificate authority, either by utilizing a registration authority or independently, verifies if the information pertaining to the applicant as provided in the CSR is correct, and if the applicant is who they claim to be. Do note that the verification process varies depending on the type of certificate requested.

  • 03

    Post verification, the CA creates and signs the certificate for the server and issues it to the applicant, while also storing a copy. The digital signature of the CA certifies that the information mentioned in the certificate and the public key belongs to the entity holding the certificate. The CA signs certificates using its private key, authenticating the signature, and ensuring that it cannot be duplicated.

  • 04

    When a user or client reaches out to the entity to establish communication, it verifies the digital signature in the certificate using the CA's public key and establishes secure, encrypted communication with the server.

The chain of trust in PKI

The chain of trust in the public key infrastructure helps verify the authenticity of a certificate and the digital signature by tracing it back to the issuing or root CA. It is a sequential trust system, established from the root CA to the digital entity to whom the certificate belongs to. Between the server or digital entity and the root CA, there are usually one or more intermediate certificates.

01. Root certificate

The root certificate is a self-signed certificate of the issuing/root CA and is stored securely in a browser's trust store. The root certificate is an established token of trust and follows the X.509 certificate standard. Since the certificate is signed using the private key of the root CA, if the private key is compromised, all certificates signed by the root CA will have to be replaced.

To prevent this possibility, and to ensure the private key of the root is not exposed, the root does not sign the end-server certificates directly. Instead, there exist one or more intermediary certificates that link the server to the root.

02. Intermediate certificates

Intermediate certificates, as mentioned above serve as connecting links between the end server and the root. In the hierarchical model of the chain of trust, the intermediary certificate that is directly under the root in the chain of trust hierarchy, is signed by the root CA.

If there are more than one intermediary CAs between the root and the end server, then the primary intermediate CA—that is the CA immediately under the root in the chain of trust hierarchy—signs the certificate of the second intermediary, and so on until the end server's certificate.

03. End-entity certificates

The end-entity certificates are installed on the end-server and verify the identity of the certificate holder. This could be an SSL/TLS certificate, email certificate, EMV certificate, code-signing certificate, and so on.

In the context of web communication where a web browser is trying to establish connection with a website or domain, the end server certificate is the SSL/TLS certificate of the domain. The SSL/TLS certificate will contain information about the domain, organization, and public key of the webserver the certificate is stored in, along with the signature of an intermediate CA. This signature can be traced back to hierarchically to the root CA, which serves as the trust anchor at the top of the chain.

The hierarchical trust method, although the most popular, isn't the only method of trust used in the PKI. See here to learn more about the different methods of trust used in PKI.

Different models of trust in PKI

  • 01

    Hierarchical trust model

    The hierarchical method is the method of trust we have seen in the previous section to understand how root, intermediary, and end-entity certificates work. It is a top-down, unidirectional approach to trust, where the root certificate serves as the trust anchor and sits at the top of the chain. Between the end-entity certificate and the root certificate, there exist one or more intermediate certificates that eventually trace back to the root CA.

    Hierarchical trust model - PKI
  • 02

    Single CA model

    The single CA model, like the name suggests, involves only one CA. There is no intermediate CA or certificate between the issuing CA and the end-server. This model poses a risk of collapse; should the private key of the root certificate be altered, all certificates issued by the root CA have to be replaced.

    Single CA model - PKI
  • 03

    Bridge model

    The bridge model involves the root CAs of multiple hierarchical PKI trees/domains connected to each other through one or more bridge CAs. The bridge CAs act as a bidirectional hub for peer-to-peer trust verification between different CAs and establishes trust between different PKI domains. This establishes trust between different PKI domains such that digital certificates of one PKI domain are trusted by entities in the other, enabling secure communication.

    Bridge model - PKI
  • 04

    Mesh model

    Unlike the hierarchical or bridge models, the mesh model has a decentralized trust system, where every local CA serves as a trust anchor in its own right. In the mesh model of PKI, different CAs are interconnected with each other, where they verify information in a bidirectional manner with other CAs connected to them. Since there is no root CA or a superior trust anchor based on hierarchy, the mesh model of PKI does not entail a single point of failure.

    Mesh model - PKI
  • 05

    Hybrid model

    The hybrid model of PKI is a blend of the different models we have seen above. It utilizes characteristics of the hierarchical, bridge, and mesh models where suited in its architecture. The hybrid model is largely built to be flexible—depending on different organizational needs—making it agile and scalable.

    Hybrid model - PKI

What are SSL/TLS certificates in PKI?

SSL/TLS certificates are a fundamental component in ensuring secure web-based communication. They are typically used to establish encrypted communication between a web server and a web browser/client. They protect the integrity of the information that is transmitted and prevent data tampering.

SSL/TLS certificates can be broadly classified into three main subtypes:

  • Domain validation (DV) certificates: These certificates are used verify if the certificate holder has control over the domain. They are the most basic form of SSL/TLS certificates and are usually used for smaller blogs/websites.
  • Organization validated (OV) certificates: Along with verifying the ownership of a domain and if the certificate holder has the rights to use the domain, OV certificates also verify organizational information.
  • Extended validation (EV) certificates: These certificates are subjected to a stringent validation process. EV certificates verify organizational details of the certificate holder such as their legal status and physical existence.

What are the different ways in which SSL/TLS certificates are used in PKI?

  • Code signing certificates: Code signing certificates are certificates that are signed by software developers to certify their code or application, and verify their ownership. The purpose of code signing certificates is to ensure that the code hasn't been tampered with, and verifying that it can be safely downloaded and used.
  • Email signing and encryption certificates: Email signing certificates or secure/multipurpose internet mail extensions (S/MIME) certificates are signed to verify the authenticity of the sender and to protect against email spoofing. While email encryption certificates are used to encrypt email messages to maintain privacy of the contents of the email. They encrypt email messages using the recipient's public key such that only the recipient's private key can decrypt it.
  • Client authentication certificates: Client authentication certificates help authenticate a client—digital entity such as a user or device—and verify their identity. Client authentication certificates convey to the server that the client is trying to connect to, that the client is who they say they are and can be trusted. Servers can implement access control restrictions based on the client certificate.
  • Server authentication certificates: Server authentication certificates are SSL/TLS certificates used to verify the identity of servers when clients attempt to connect to it. Clients (for example, web servers) can verify that they are connecting to the right server (website) and not an imposter or malicious site.

Importance of a certificate management tool in PKI

Modern enterprises usually have thousands of digital entities in their environment, all of which each have a certificate associated with them. Therefore, it becomes impossible to keep track of all of them, their expiration, renewals, and so on. If a certificate renewal is missed for example, an entire domain can go down, causing economic and reputational pitfalls to the organization. If certificates are invalid or expired, the whole public key infrastructure falls apart. Therefore, certificate management tools form an essential cog in the functioning and implementation of PKI.

A comprehensive certificate management tool like ManageEngine Key Manager Plus brings all the certificates in an enterprise environment to a central panel. Using Key Manager Plus, enterprises can manage the end-to-end lifecycles of all of their certificates. This includes, tracking certificate expiry dates and setting up alerts, creating CSRs, mapping certificates to their respective devices, tracking where they are stored, among others.

Frequently asked questions

  • Why is PKI important?

    In a world where the threat landscape is exponentially growing and MitM attacks are becoming increasingly common by the day, PKI is an essential in all forms of digital communication. Not only does PKI verify the identity of the client and server involved by binding their public keys to their respective digital certificates, it also ensures that the session is end-to-end encrypted, preventing snooping and possible MitM attacks.

    Digital signatures, by trusted CAs and in line with PKIs chain of trust mechanisms, ensure that data isn't tampered with in transmission, maintaining integrity. This establishes trust and builds confidence for sensitive online activity such as bank transactions, credential based logins, and confidential data transfer. Additionally, compliance standards like PCI DSS and HIPAA require organizations to utilize PKI for digital communication.

  • What is the difference between PKI and SSL?

    PKI is a complete infrastructure and overarching framework for secure digital communication, that involves multiple protocols and components.

    SSL is one such protocol used in PKI to establish secure data transfer between a user and a web-server.

  • What is the difference between symmetric and asymmetric encryption?

    Symmetric encryption uses the same key for encryption and decryption purposes for secure communication, while asymmetric encryption involves a public key and a private key. The public key is used to encrypt while decryption happens with the help of the private key.