How are public keys and keys related in cryptography?

Public key infrastructure (PKI)

I. Overview of public key infrastructure

The success of an enterprise's business depends largely on whether it has a safe and reliable network system. At present, IT managers in most enterprises have adopted some form of encryption and authentication scheme for their network systems. Network administrators at many enterprises use the Web to provide secure Internet commerce, virtual private network (VPN) and remote authentication services, so that remote employees can access the enterprise network. However, most current security technologies (such as user name and password, one-time passwords and two-way authentication) do not meet enterprises' security needs, and each of these traditional technologies usually requires its own maintenance and management measures.

At present, more and more enterprises need the network to connect their branches and remote employees all over the world, so they need the most effective security measures to protect enterprise resources. However, stronger security precautions also bring more management work. Fortunately, public key infrastructure (PKI) can help enterprises solve this problem and establish a safe and reliable network management system. PKI is a centralized network security scheme that is easy to manage. It supports various forms of certificate-based security: data encryption, digital signatures, non-repudiation, identity authentication, key management and cross-certification. PKI handles all data encryption and digital signing through a certificate-based framework. The development of PKI standards and protocols has a history of 15 years, and today's PKI can fully provide effective security for enterprise networks.

In terms of operating mechanism, 15 years of development have unified nearly 50 PKI standards, and the unremitting efforts of vendors have largely solved the interoperability of their back-end databases. PKI consists of many components, which fulfill two main functions: encrypting data and creating digital certificates. Server (back-end) products are the core of this system. These databases manage digital certificates, public keys and private keys (for data encryption and decryption respectively). The CA (Certificate Authority) database is responsible for issuing, revoking and modifying X.509 digital certificates, which contain the user's public key, the validity period of the certificate and the permitted uses of the key (such as data encryption or digital signature verification). To prevent tampering with the signed data, the CA must sign each certificate before sending it to the requesting client. Once a digital certificate is created, it is automatically stored in an X.500 directory, which has a tree structure. The LDAP (Lightweight Directory Access Protocol) protocol responds to requests for the stored public key certificates. The CA generates two independent public/private key pairs for each user or server: one pair is used to encrypt and decrypt information, and the other is used by client applications to create digital signatures on documents or messages in transit.

Most PKIs support certificate distribution, the process of storing issued or renewed certificates. This process uses a public query mechanism, and an X.500 directory can complete the storage automatically. A big obstacle to enterprises' general acceptance of PKI is cross-certification between different CAs. Suppose two companies, each using a CA from a different vendor, want to trust each other's certificates for a period. If their back-end databases support cross-certification, the two companies can cross-certify each other's CAs, so that all users certified by either CA are trusted by both companies.

II. Basic components of a PKI system

PKI is a standard key management platform that can transparently provide the key and certificate management needed by any network application that adopts cryptographic services such as encryption and digital signatures. A PKI must have these basic components: a CA, a certificate repository, a key backup and recovery system, a certificate revocation processing system and a client certificate processing system, and the construction of a PKI focuses on these five systems.

* Certification Authority (CA)

The CA is the issuing authority for certificates and the core of the PKI. As is well known, the core of building a cryptographic service system is how to realize key management. A public key system involves a pair of keys, a private key and a public key. The private key is held in secret by its owner only and never needs to be transmitted over the network, while the public key is public and must be transmitted over the network. Therefore, key management in a public key system is mainly a public key management problem. At present, the better solution is to introduce a certificate mechanism.

A certificate is the key management medium of a public key system. It is an authoritative electronic document, similar to an ID card in the network computing environment, which proves the identity of a subject (such as a person or a server) and the legitimacy of its public key. In a network environment using a public key system, the true legitimacy of a public key must be proved to the users of that public key. Therefore, in a public key system there must be a trusted institution that notarizes the public key of any subject and certifies the subject's identity and its binding to that public key. The CA is such an institution, and its responsibilities can be summarized as follows:

1. Verify and identify the identity of the certificate applicant;

2. Ensure the quality of asymmetric keys used by CA to sign certificates;

3. Ensure the security of the whole certification process and the security of the signing private key;

4. Manage certificate information (including the public key certificate serial number, CA identification, etc.);

5. Determine and check the validity period of the certificate;

6. Ensure the uniqueness of the certificate subject identification and prevent duplicate names;

7. Publish and maintain lists of revoked certificates;

8. Record the whole certificate issuing process;

9. Send a notice to the applicant.

The most important of these is the management of the CA's own key pair, which must be kept highly confidential to prevent others from forging certificates. The CA's public key is published on the network, and the integrity of the whole network system must be guaranteed.

* Certificate repository

The certificate repository is a centralized storage place for certificates, similar to "white pages" on the Internet; it is a public information base on the network from which users can obtain the certificates and public keys of other users.

The best way to build a certificate repository is to adopt a directory system that supports LDAP protocol, and users or related applications can access the certificate repository through LDAP. The system must ensure the integrity of the certificate repository and prevent forgery and tampering with certificates.

* Key backup and recovery system

If a user loses the key used to decrypt data, the ciphertext cannot be decrypted and the data is lost. To avoid this, a PKI should provide a mechanism for backing up and restoring decryption keys. Key backup and recovery should be done by a trusted institution, such as the CA. It is worth emphasizing that key backup and recovery may only apply to decryption keys, never to signing private keys.

* Certificate revocation processing system

The certificate revocation processing system is an important part of a PKI. Like the various certificates of daily life, a certificate may need to be withdrawn before the validity period signed by the CA has ended. For example, when employee A of Company A resigns and leaves the company, the life cycle of A's certificate must be terminated. To achieve this, a PKI must provide a set of mechanisms for revoking certificates. There are three strategies for revoking certificates:

1. Revoke the certificates of one or more subjects;

2. Revoke all certificates signed by a given key pair;

3. Revoke all certificates issued by a CA.

Revocation of certificates is usually accomplished by listing them in a CRL. Generally, the CA is responsible for creating and maintaining a regularly updated CRL, and users are responsible for checking whether a certificate appears in the CRL when verifying it. The CRL is usually stored in the directory system. Revocation must be carried out in a secure and verifiable way, and the system must also ensure the integrity of the CRL.
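As an added illustration (not code from the original article), the following Go program plays both the CA described in the previous section and the relying party described here: it issues a self-signed root and an end-entity certificate, publishes a CA-signed CRL, and validates a certificate by chaining it to the root and checking the CRL's own signature before honouring the serials it lists. The names Issue, NewCRL and Validate are this example's own, and the CA generating each subject's key pair follows the article's description rather than the more common practice of subjects generating their own keys.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// must keeps the example short; a production CA would report errors instead.
func must[T any](v T, err error) T { if err != nil { panic(err) }; return v }
// Issue generates a key pair and a certificate binding cn to its public key; with parent == nil it makes a self-signed CA root.
func Issue(serial int64, cn string, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*ecdsa.PrivateKey, *x509.Certificate) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil { // the root signs itself and is allowed to sign certificates and CRLs
		tmpl.IsCA, tmpl.KeyUsage, parent, signer = true, x509.KeyUsageCertSign|x509.KeyUsageCRLSign, tmpl, key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer))
	return key, must(x509.ParseCertificate(der))
}
// NewCRL returns a CA-signed CRL listing one serial as revoked.
func NewCRL(caKey *ecdsa.PrivateKey, caCert *x509.Certificate, serial int64) []byte {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: time.Now().Add(time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: big.NewInt(serial), RevocationTime: time.Now()}}}
	return must(x509.CreateRevocationList(rand.Reader, tmpl, caCert, caKey))
}
// Validate is the relying party's check: chain to the trusted CA, then verify the CRL's own signature before honouring it.
func Validate(cert, caCert *x509.Certificate, crlDER []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	crl := must(x509.ParseRevocationList(crlDER))
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return err // does not chain to our CA: issued by someone else, expired, or forged
	} else if err := crl.CheckSignatureFrom(caCert); err != nil {
		return err // a CRL that the CA did not sign must not be trusted
	}
	for _, r := range crl.RevokedCertificates {
		if r.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return errors.New("certificate revoked")
		}
	}
	return nil
}
```

The CRL check deliberately comes after the CRL's signature check: a relying party that accepts an unsigned or foreign CRL could be tricked into accepting a revoked certificate or rejecting a valid one.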

* PKI application interface system

The value of a PKI lies in enabling users to conveniently use security services such as encryption and digital signatures. Therefore, a complete PKI must provide a good application programming interface system, so that various applications can interact with the PKI in a safe, consistent and credible way, ensuring the credibility of the established network environment and reducing management and maintenance costs. Finally, the PKI application interface system should be cross-platform.

III. Summary of PKI functions

A PKI should provide the following security support for applications:

* Certificates and CA: the PKI should implement basic certificate management functions such as the CA, the certificate repository and the CRL.

* Key backup and recovery.

* Automatic replacement of key pairs: certificates and keys have a finite lifetime. When a user's private key is compromised, the key pair must be changed; in addition, as computers get faster, key lengths must grow correspondingly. Therefore, a PKI should provide fully automatic (no user intervention) key replacement and redistribution.

* Cross-certification

Each CA can only cover a certain range, the domain of that CA. For example, different enterprises often have their own CAs, and the certificates they issue are only valid within the enterprise. When users belonging to different CAs need to exchange information, cross-certificates and cross-certification must be introduced, which is also work that the PKI must complete.

* Separation of encryption key and signature key

As mentioned above, the key management requirements of encryption keys and signing keys conflict, so a PKI should support the separate use of encryption keys and signing keys.

* Support the non-repudiation of digital signatures

Any type of e-commerce is inseparable from digital signatures, so a PKI must support the non-repudiation of digital signatures, which depends on the uniqueness and confidentiality of the signing private key. To ensure this, a PKI must ensure that the signing key and the encryption key are used separately.

* Management of key history

After each update of the encryption key, the corresponding decryption key should be archived so that data encrypted with the old key can be recovered in the future. After each update of the signing key, the old signing private key should be properly destroyed so that its uniqueness cannot be compromised, while the corresponding old verification public key should be archived for verifying old signatures in the future. A PKI should complete these tasks automatically.
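As an added illustration (not from the original article), the following Go type implements the key history rules of this section, and the key separation of the previous two, for one subject's two key pairs: decryption keys are archived by version, the retired signing key is scrubbed in place, and only its verification public key is kept. The type KeyHistory and its methods are this example's own names, and RSA-OAEP for encryption and Ed25519 for signing are the example's choice; the article does not specify algorithms.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// KeyHistory applies this section's rules: after each rotation the retired
// decryption key is archived (old ciphertext must stay recoverable) while the
// retired signing private key is destroyed and only its verification public key
// is kept. The zero value holds no keys; call Rotate before use.
type KeyHistory struct {
	decKeys    []*rsa.PrivateKey   // index = key version; every version is archived
	verifyKeys []ed25519.PublicKey // index = key version; every version is archived
	signKey    ed25519.PrivateKey  // only the current signing key exists
}
// Rotate installs fresh key pairs, archiving the old decryption key and scrubbing the old signing key.
func (h *KeyHistory) Rotate() {
	dec, err := rsa.GenerateKey(rand.Reader, 2048)
	pub, priv, err2 := ed25519.GenerateKey(rand.Reader)
	if err != nil || err2 != nil {
		panic("key generation failed")
	}
	for i := range h.signKey { // a lingering copy of the old signing key would
		h.signKey[i] = 0 // undermine the uniqueness that non-repudiation rests on
	}
	h.decKeys, h.verifyKeys, h.signKey = append(h.decKeys, dec), append(h.verifyKeys, pub), priv
}
// Encrypt uses the current public encryption key and reports its version.
func (h *KeyHistory) Encrypt(msg []byte) (int, []byte, error) {
	v := len(h.decKeys) - 1
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &h.decKeys[v].PublicKey, msg, nil)
	return v, ct, err
}
// Decrypt recovers ciphertext produced under any archived version.
func (h *KeyHistory) Decrypt(version int, ct []byte) ([]byte, error) {
	if version < 0 || version >= len(h.decKeys) { return nil, errors.New("unknown key version") }
	return rsa.DecryptOAEP(sha256.New(), nil, h.decKeys[version], ct, nil)
}
// Sign always uses the current signing key; retired ones no longer exist.
func (h *KeyHistory) Sign(msg []byte) (int, []byte) {
	return len(h.verifyKeys) - 1, ed25519.Sign(h.signKey, msg)
}
// Verify checks a signature of any version with its archived public key.
func (h *KeyHistory) Verify(version int, msg, sig []byte) bool {
	return version >= 0 && version < len(h.verifyKeys) && ed25519.Verify(h.verifyKeys[version], msg, sig)
}
```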

IV. Development prospects of PKI systems

As mentioned above, PKI is very important to the success of enterprise business, because it gives enterprises a common security infrastructure on which all security applications depend. Many secure e-mail, Internet business, VPN and single sign-on functions in enterprises will rely on X.509 certificates. PKI realizes unified, centralized management of the data encryption, digital signatures, non-repudiation, data integrity, keys and certificates that authentication requires.

Every enterprise can benefit from the structured management scheme of PKI. Unfortunately, so far only a few industries (including banking, finance and health insurance) have adopted it. Some enterprises that dare to try new things, such as the Automotive Network Exchange (formed by several of the largest American automakers), have begun to benefit from this security technology.

It is predicted that as enterprises' business depends more and more on the Web, more and more of them will turn to PKI to ensure the safe handling of customer information. However, so far, few enterprises have adopted PKI. Problems with PKI itself are the main reason restricting wide adoption. Citing a lack of uniform standards, many American enterprises have stayed away from PKI programs; in fact, quite mature standards for developing PKI products exist. Lack of good interoperability is also one of the main obstacles to the wide adoption of PKI. Until PKI vendors support all the standards, many enterprises will need to use proprietary toolkits on their clients, which greatly limits the rapid popularization of PKI.

Still, the main obstacle to the widespread adoption of PKI is the complexity of its design and implementation. It is predicted, however, that with the gradual unification and merger of PKI suppliers, implementing a PKI will become simpler and simpler. If the complex implementation makes you flinch, you can outsource the enterprise's system to a third-party supplier.

Many authoritative certification scheme providers (such as VeriSign, Thawte and GTE) currently provide outsourced PKI. The biggest problem with PKI outsourcing is that users must entrust the enterprise to a service provider, that is, give up control over network security. If you do not want to do this, you can set up a dedicated PKI. Dedicated solutions usually combine the various server products of Entrust, Baltimore Technologies and Xcert with the products of mainstream application providers such as Microsoft, Netscape and Qualcomm. A dedicated PKI also requires the enterprise to invest a lot of financial and material resources in preparing the infrastructure.

For high-risk industries (such as banking, finance and insurance), PKI is very important to their long-term security needs over the next 10 years. As PKI technology becomes widespread, implementing PKI will become simpler and the cost will gradually decrease. Because PKI has only recently become a feasible security scheme, the technology still needs further improvement. If your enterprise cannot wait for the technology to mature, adopt it now, because its current functions are enough to meet most of the security needs of ordinary enterprises.