Security guidelines for PKI-based transactions
For all the infrastructure advantages and business benefits of PKI, recent breaches clearly indicate that the way in which PKI is implemented may not be as inherently secure as most organizations have mistakenly assumed.
What hasn’t been clearly understood is that the private key system used by PKI to encrypt and decrypt messages creates a single and significant point of vulnerability. A recent flurry of breaches involving certificate authorities have exposed this weakness, and have shaken the very foundation of trust that organizations have in PKI.
In order to help enterprises build greater integrity and reliability into their PKI deployments, eliminate unwanted exposure and close security gaps, SafeNet’s cryptographic experts advise the following actions:
Know your options for securing keys, weigh the risks, and choose wisely. All recent breaches have had a common theme – private keys and certificates were protected in software, and were left vulnerable. Software-based security has many benefits – it’s portable and offers great flexibility. Software can be copied easily and live in multiple locations at the same time, making the very benefits of software the areas of greatest security risk.
A hardware-based security module (HSM) creates the trust anchor that locks the private keys and only allows access to vital information from an authorized source. Similarly, hardware based tokens and cards lock the certificates and avoid software based certificate risks.
Don’t assume that because you are working with a certificate authority your infrastructure is secure. If you rely on the certificate authority to authenticate, authorize, and secure application services, understand that the certificate itself is the vital piece within PKI.
If the certificate private key is compromised, the entire PKI environment is compromised. Utilize layers of secure cryptography and select hardware-based options when securing your critical processing PKI end points.
Plan for the next generation of critical applications. Traditional PKI end points have historically included certificate authorities, registration authorities, SSL servers, and applications servers. These have now expanded to include mission-critical business processing applications, such as the smart grid, financial transactions, digital invoices, code signing, and secure device manufacturing. The nature of advanced PKI applications demands greater diligence, given the risk profile of the applications it enables.
It is critical to establish a trust anchor for the protection and issuance of keys and certificates within these vital applications, ensuring that keys cannot be stolen, and the operations/transactions performed by those keys are auditable.