
Should you trust public key infrastructure systems?

by James Middleton, Network News

08 Mar 2000


E-business managers are being bombarded with hype over public key infrastructure (PKI) systems. The technology is increasingly being touted as a 'must have' e-business application for any enterprise carrying out electronic transactions or data transfers. But experts have warned that managers should not roll out PKI until they have considered the shortcomings that lie hidden.

Internet security analyst firm Counterpane last week published a report, Ten Risks of PKI: What You're Not Being Told About Public-Key Infrastructure, which states that PKI is being over-hyped. Bruce Schneier, co-author of the report and creator of the Blowfish and Twofish encryption algorithms, said: "First it was firewalls, then intrusion detection systems, then VPNs, and now certification authorities (CAs) and PKI. Security is never simple, and that is especially true with PKI."

Written by Schneier, CTO of Counterpane, and Carl Ellison, senior security architect for Intel, the report points out that certificates provide an attractive business model for vendors: "Certificates cost almost nothing to make. If a vendor can convince someone to buy a certificate each year for $5, that times the population of the internet is a big yearly income."

Useful, but not vital
Neil McEvoy, director at analysts Consult Hyperion, said that PKI was not absolutely vital to the uptake of e-business, but added: "PKI does solve a number of problems, and is the most cost-effective way of carrying out electronic transactions."

McEvoy added that PKI is more convenient for users as a security system, and said that its widespread use indicated de facto status as an industry standard for internet transactions.

According to Schneier, the assertion that PKI is desperately needed for ecommerce to flourish "is patently false". He said that ecommerce is already flourishing without PKI: "Web sites are happy to take your order, whether or not you have a certificate," he said.

The report found that the biggest problems with PKI deployment stem from imprecise definitions of trust. A CA is described as 'trusted', but in practice this means only that it is trusted to keep its own private key secure; it says nothing about the procedures the CA follows when certifying other organisations' keys. No higher authority accredits CAs, so the risk of relying on a certificate rests with whoever verifies it.

Another concern raised in the report is protection of the private signing key. Most enterprises do not own a secure computing system with physical access controls and an air gap from the network. The key is therefore exposed to viruses and other malicious programs, and could be misused while vulnerable, with disastrous consequences.

Current US state laws hold that if a key has been certified by an approved CA, the owner is responsible for whatever is signed with that private key. Whether or not the key was misused, the user remains legally responsible.

Authenticating content
In addition, while the CA may be an authority on making certificates, can it offer authentication of what the certificate contains?

The report states, for example, that an SSL server certificate contains two pieces of security-relevant data: the name of the keyholder and the DNS name of the server. There are authorities on DNS name assignments, but none of the SSL CAs is such an authority, so the DNS name in a certificate is not an authoritative statement. Likewise there are authorities on corporate names, but none of the SSL CAs is one of them either.

Single sign-on (SSO) is touted by vendors as the killer application for PKI, but according to Counterpane the security value of authentication is all but completely defeated by SSO. Schneier said: "Authentication is supposed to prove that the user is present at the controlling computer at the time of the test. Under SSO, the user's account becomes vulnerable if the sign-on location is left unattended.

"Security is a chain, and only as strong as the weakest link. The security of any CA-based system depends on many links, and they're not all cryptographic. The human element is involved," he added.

The Counterpane report concludes that security is difficult both to understand and to implement, and system administrators and IT managers do not have the time or resources to learn more about the intricacies of security technology. Schneier said: "PKI vendors offer a minimal-impact solution: 'Buy this and it will make you secure.' Reality falls far short of this promise - that is the caveat emptor."

However, John Elliott, senior consultant at Consult Hyperion, said: "Although some users may not understand what strong encryption offers, those who do know will realise its potential for e-business. PKI definitely appeals to users, particularly those managing an ecommerce strategy."

CAs: electronic passports
Certification authorities are the electronic equivalent of passport offices. They issue digital certificates that vouch for the holder's identity and, in some schemes, access levels and authority. A CA embeds an individual's or a business's public key, along with other identifying information, in each certificate and signs it with the CA's own private key; that signature acts as a tamper-proof seal, so any change to the certificate's contents invalidates it. The certificate is presented by the party being authenticated (normally the server, or the client where client certificates are used), and the other party checks the CA's signature against a copy of the CA's own certificate that it already holds and has chosen to trust. Only if the signature verifies and the identifying details match what was expected is access allowed.
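Two of the points made above, that a CA's signature is a seal over the certificate's contents, and that no SSL CA is an authority for the DNS name it writes into a certificate, so the decision rests with whoever verifies it, can be seen directly in a small program. The following is an added example written for this page in Go, using only the standard library; it is not code from Counterpane, from the report's authors, or from any PKI vendor. The CA names "Alpha CA" and "Beta CA", the organisation names, and the hostname shop.example.test are all constructed for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must panics on a construction error (key generation, DER encoding); such
// failures are programming or entropy errors, not part of the trust question.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newCA builds a self-signed CA certificate and returns it with its private key.
func newCA(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return must(x509.ParseCertificate(der)), key
}

// issue has a CA sign a server certificate binding a fresh public key to an
// organisation name and a DNS name. The CA checks nothing about either name:
// it certifies exactly what it is asked to certify.
func issue(ca *x509.Certificate, caKey *ecdsa.PrivateKey, org, dnsName string) *x509.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{Organization: []string{org}, CommonName: dnsName},
		DNSNames:     []string{dnsName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey))
	return must(x509.ParseCertificate(der))
}

// accepts is the relying party's decision: the leaf must chain to a root this
// party chose to trust and must name the host actually being contacted.
func accepts(roots *x509.CertPool, leaf *x509.Certificate, host string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err == nil
}

// sealIntact reports whether the CA's signature over the certificate body
// (the "tamper-proof seal") still verifies against the CA's public key.
func sealIntact(leaf, ca *x509.Certificate) bool {
	return leaf.CheckSignatureFrom(ca) == nil
}

// Scenario runs the checks a relying party should understand before trusting
// a certificate; every check is expected to come out true.
func Scenario() map[string]bool {
	const host = "shop.example.test" // constructed hostname
	alpha, alphaKey := newCA("Alpha CA")
	beta, betaKey := newCA("Beta CA")
	genuine := issue(alpha, alphaKey, "Example Shop Ltd", host)
	// A second, unrelated CA certifies the same DNS name for someone else.
	rogue := issue(beta, betaKey, "Someone Else Ltd", host)
	onlyAlpha := x509.NewCertPool()
	onlyAlpha.AddCert(alpha)
	alphaAndBeta := x509.NewCertPool()
	alphaAndBeta.AddCert(alpha)
	alphaAndBeta.AddCert(beta)

	// Flip one byte of the signed body to show the seal breaking.
	tampered := *genuine
	tampered.RawTBSCertificate = append([]byte(nil), genuine.RawTBSCertificate...)
	tampered.RawTBSCertificate[len(tampered.RawTBSCertificate)-1] ^= 0x01

	return map[string]bool{
		"genuine cert accepted when only Alpha CA is trusted": accepts(onlyAlpha, genuine, host),
		"rogue cert rejected when only Alpha CA is trusted":   !accepts(onlyAlpha, rogue, host),
		"rogue cert accepted once Beta CA is trusted too":     accepts(alphaAndBeta, rogue, host),
		"genuine cert rejected for a host it does not name":   !accepts(onlyAlpha, genuine, "other.example.test"),
		"CA seal verifies on the untouched certificate":       sealIntact(genuine, alpha),
		"CA seal fails after one byte of the body is changed": !sealIntact(&tampered, alpha),
	}
}

func main() {
	for check, ok := range Scenario() {
		fmt.Printf("%-55s %v\n", check, ok)
	}
}
```

Run it with go run; each output line is one check and should read true. The rogue certificate is cryptographically impeccable, and whether the relying party accepts it turns on nothing but the contents of its root pool, which is the verifier's risk the report describes. The example builds both CAs itself; a real browser ships with a preinstalled list of roots that most users have never examined.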
