CertCities.com -- The Ultimate Site for Certified IT Professionals
PKI Primer
Understanding PKI is a compelling read that proves itself as an (almost) complete introduction to PKI.

by Roberta Bragg

3/12/2001 --
Book Review
Title: Understanding Public-Key Infrastructure: Concepts, Standards and Deployment Considerations
Authors: Carlisle Adams, Steve Lloyd
Publisher: New Riders
Publication Date: November 1999
ISBN: 1-57870-166-x
Price: $50.00 (U.S.)
Pros: Brings up thought-provoking issues.
Cons: Some sections don't go into enough detail.
Verdict: This book raises questions about the difficulties that are inherent in PKI.

If you're seeking a general introduction to the nomenclature, operation and pitfalls of Public-Key Infrastructure (PKI), look no further. However, if you are expecting unequivocal support for PKI as the next best thing since sliced bread, you won't find that here.

In the first section of "Understanding Public-Key Infrastructure," authors Carlisle Adams and Steve Lloyd cover the concepts. This is the part that you will find most interesting and thought-provoking. You'll find the definitions of PKI terms and concepts, as well as exposure of its shortcomings. Super definitions of security terms like non-repudiation ("the service that assures, to the extent technically possible, that entities remain honest about their actions") and authorization ("what the identity is allowed to see and do") abound, and the ability of PKI to actually provide these things is challenged.

The authors don't attack PKI nor do they dismiss it as a security infrastructure; rather, they're attempting to make sure that any consideration of PKI also includes careful consideration of its vulnerabilities. No system is perfect, they point out, and we need to know that if we're going to use it.

A good example of their treatment can be found in their discussion of non-repudiation. Non-repudiation is often described as the ability to prevent a user from falsely denying having originated a message or document, or falsely denying having received it. Can this be done? Here's where all that time you spent watching "Matlock" and "Murder, She Wrote" comes in.

Imagine that Alice sends Bob a message. If Bob sends Alice a digitally signed receipt, then it seems clear that he received the message. However, what if Bob gave his private key (the key used to digitally sign the receipt) away, or it was stolen? Can he then claim that he didn't send the receipt? What if it could be shown that his key pair was generated in such a manner that it cannot be proven that no one else could have obtained a copy of the private key?

Non-repudiation also requires other PKI structures to be in place. A secure time service and a secure data archive are important factors. Every good detective knows that timing is important to an investigation, and factors involving the storage of the receipt and other data are critical. What if Bob claims that he requested the revocation of his certificate and private key prior to the time the message was sent? Can it be proved that the time stamp on the receipt is correct? Is the archive where the receipt is stored tamper-proof? What if Bob was on vacation when the message was sent? When he returns, he realizes his private key was compromised and requests its revocation; is he still culpable for the uses of the key while he was gone? This text focuses on many of these issues.
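The questions above (revocation before or after the signing time, a trustworthy time stamp, a tamper-proof archive, and the vacation case) are the checks an evidence evaluator actually has to run before a signed receipt can be attributed to Bob. The Python below is an added illustration and is not code from the book or from the reviewer; it goes one step beyond the text by modelling the X.509 CRL "invalidity date", which lets a CA record that a key was already compromised earlier than the date the revocation was published. The receipt, times and certificate lifetime are constructed, and the cryptographic signature check and the trusted time stamp are assumed to have been produced by separate components whose results are fed in.

```python
# Added example (not from the reviewed book or the review): evaluating whether a
# digitally signed receipt can be attributed to its signer once key compromise,
# revocation, time-stamping and archive integrity are taken into account.
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional, Tuple


def utc(y: int, m: int, d: int, hh: int = 0, mm: int = 0) -> datetime:
    """Build a timezone-aware UTC datetime (all times in this example are constructed)."""
    return datetime(y, m, d, hh, mm, tzinfo=timezone.utc)


@dataclass(frozen=True)
class RevocationEntry:
    """What a CRL entry would tell us about the signer's certificate."""
    revoked_at: datetime                        # when the CA recorded the revocation
    invalidity_date: Optional[datetime] = None  # earlier moment the key is believed compromised
                                                # (modelled on the X.509 CRL invalidityDate extension)


@dataclass(frozen=True)
class SignedReceipt:
    """A receipt as retrieved from the archive, plus the verification results relied on."""
    signer: str
    body: bytes                            # the receipt bytes as stored in the archive
    signature_valid: bool                  # result of cryptographic verification (assumed done elsewhere)
    trusted_timestamp: Optional[datetime]  # signing time asserted by a trusted time-stamping service
    cert_not_before: datetime
    cert_not_after: datetime


def archive_intact(receipt: SignedReceipt, archived_digest: str) -> bool:
    """Tamper check: the stored receipt must still match the digest recorded when it was archived."""
    return hashlib.sha256(receipt.body).hexdigest() == archived_digest


def evaluate_receipt(receipt: SignedReceipt, archived_digest: str,
                     revocation: Optional[RevocationEntry]) -> Tuple[bool, str]:
    """Decide whether the receipt can be attributed to its signer, and say why."""
    if not receipt.signature_valid:
        return False, "signature does not verify against the signer's certificate"
    if not archive_intact(receipt, archived_digest):
        return False, "archived receipt no longer matches its recorded digest"
    t = receipt.trusted_timestamp
    if t is None:
        return False, "no trusted time-stamp, so the signing time cannot be established"
    if not (receipt.cert_not_before <= t <= receipt.cert_not_after):
        return False, "signing time lies outside the certificate's validity period"
    if revocation is not None:
        # A revocation published later does not undo a signature that was trustworthily
        # time-stamped earlier, unless the CRL states the key was already invalid at that time.
        effective = revocation.invalidity_date or revocation.revoked_at
        if t >= effective:
            return False, f"key was revoked or reported compromised at {effective.isoformat()}, before signing"
    return True, f"signature, time-stamp and archive are consistent; receipt is attributable to {receipt.signer}"


def demo_scenarios() -> Dict[str, Tuple[bool, str]]:
    """Run the review's what-if questions on constructed data."""
    body = b"Bob acknowledges receipt of Alice's message #42"  # constructed receipt
    archived_digest = hashlib.sha256(body).hexdigest()          # recorded when archived
    signed_at = utc(2001, 3, 1, 10, 0)                          # constructed signing time
    base = dict(signer="Bob", body=body, signature_valid=True, trusted_timestamp=signed_at,
                cert_not_before=utc(2000, 1, 1), cert_not_after=utc(2002, 1, 1))
    receipt = SignedReceipt(**base)
    return {
        # No revocation on record: the receipt stands.
        "clean": evaluate_receipt(receipt, archived_digest, None),
        # Bob revoked before Alice's message was sent: the receipt cannot be pinned on him.
        "revoked_before_signing": evaluate_receipt(
            receipt, archived_digest, RevocationEntry(revoked_at=utc(2001, 2, 28))),
        # Bob revoked only after signing and reports no earlier compromise: the receipt stands.
        "revoked_after_signing": evaluate_receipt(
            receipt, archived_digest, RevocationEntry(revoked_at=utc(2001, 3, 10))),
        # The vacation case: revoked on return, CRL says the key was compromised before he left.
        "compromised_while_away": evaluate_receipt(
            receipt, archived_digest,
            RevocationEntry(revoked_at=utc(2001, 3, 10), invalidity_date=utc(2001, 2, 20))),
        # No trusted time-stamp: none of the timing questions can be answered.
        "no_timestamp": evaluate_receipt(
            SignedReceipt(**{**base, "trusted_timestamp": None}), archived_digest, None),
        # Someone altered the archived copy after its digest was recorded.
        "tampered_archive": evaluate_receipt(
            SignedReceipt(**{**base, "body": body + b" (and message #43)"}), archived_digest, None),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo_scenarios().items():
        print(f"{name:24s} {'attributable' if ok else 'NOT attributable':18s} {why}")
```

The ordering of the checks matters: a valid signature says nothing until the archive integrity, the trusted signing time and the revocation record have been consulted, and a revocation published after the signing time is only decisive when the CA records an earlier invalidity date. That is exactly why the authors list a secure time service and a secure archive as prerequisites for non-repudiation rather than optional extras.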

The second part of "Understanding Public-Key Infrastructure" introduces the standards as they were at the time of writing. Note the references and give it the biblical treatment (skim through the "begats" to get to the conclusion -- as the authors say "Standards: Necessary but Not Sufficient").

The last section of the book purports to be a treatment of deployment considerations. It seems more like a section that should have been longer and more comprehensive but the authors got tired. I know I was by the time I got there.

While not every concept is challenged, you'll find plenty of intriguing ideas in this book. Overall, this is a well laid out, thought-provoking introduction to PKI by authors with the credentials to back up their statements. I think this book is a must (and a bargain at the price) for anyone who is implementing PKI, is considering implementing it, or just wants to know what all the fuss is about.



Roberta Bragg, MCSE, MCT, CISSP, runs her company, Have Computer Will Travel Inc., out of a notebook carrying case. She's an independent consultant specializing in security, operating systems and databases. She is a contributing editor for Microsoft Certified Professional magazine. You can reach her at .