PKI 101

The Need For Online Security

In today's online world, email communication has joined telephone conversations and face-to-face meetings as the primary means of communicating. While email allows us to communicate with speed and effectiveness, it lacks the security of a phone call or a face-to-face meeting. Simply put, when you send or receive email, it is not possible for you to know with complete certainty that the sender or receiver is actually the person they claim to be. Similarly, the act of logging on to an application using a username and password guarantees that you know a valid username and password but it does not guarantee that you are the person to whom the username/password combination was originally issued. Obviously, this situation can lead to serious security breaches while conducting Government business since it fails to provide you, the user, with a means of validating the true identity of the person or application with whom you are communicating.

In order to fully understand how the HHS PKI enhances digital security, we must first understand how PKI works.

What is Cryptography?

Cryptography is the science of secret writing. The word itself is derived from Greek - kyptos (which means hidden) and graphen (which means to write). Simple ciphers have been with us for many hundreds of years. Simply put, cryptography involves two processes - encryption, which converts plaintext to cyphertext, and decryption, which converts the cyphertext back into readable form.

A simple form of encryption that is used is called Symmetric Encryption. Symmetric encryption works on a "shared secret" principle in which the creator of an encrypted message provides the recipient of the message with means to decode the message. The appeal of this approach lies in its simplicity, but symmetric encryption has a major security drawback. Any encryption scheme that relies on a shared secret is vulnerable the moment the secret key is discovered by third parties. The likelihood of the secret key being discovered increases each time you share your key with another party. Further, keeping track of the secret keys of all of the people you correspond with is no small challenge in and of itself.

Asymmetric Encryption

Asymmetric Encryption avoids this problem by not relying upon a shared secret key. Instead, asymmetric encryption uses two mathematically related keys - a Public Key which is published for all to see and a Private Key which is a closely held secret of its owner. While it is not possible to derive one key from the other, the keys can in fact be used to together to encrypt and decrypt a message. This process is known as Public Key Cryptography.

As you can see in the illustration below, the sender of an encrypted email uses the recipient's public key to encrypt the email (ie. convert it into unreadable ciphertext) and the recipient decrypts the message using his or her private key.

Encryption and decryption diagram

The Key Pair makes it possible for a private key and public key to work together to encrypt your email message. Once encrypted, only the designated recipient of the message will be able to decrypt it.

Since public keys are published in a central repository, key management is greatly simplified over the symmetric model.

What Is a Digital Signature?

Encrypting the contents of your email ensures that only the designated recipient can read your message. How can you ensure, however, that the sender of the message really is who they claim to be? The answer lies in the use of a digital signature.

First, it is important to note that a digital signature and an electronic signature are not the same! An electronic signature is merely an electronic sound, symbol, or process that you and another individual have agreed represents your identification. A digital signature, on the other hand, provides the recipient with a guarantee that a) you are indeed the sender of the message, and b) the contents of the message have not been modified or otherwise tampered with.

How Does a Digital Signature Work?

When you add a digital signature to an email message, a special algorithm called a Hash Function is used to generate a Hash Value. A hash value can be thought of as a numeric representation of your message. Your private key is then used to encrypt the hash value and the result becomes the digital signature associated with the message.

Message and Private Key Diagram

When the message is received, the recipient verifies that the message is indeed from you by making a hash of the received message. The recipient then uses the sender's public key to decrypt the message. If the hashes match, the received message is indeed valid and must have come from the sender since only the sender could have encrypted the hash in the first place.

Encryption and decryption diagram

Your Digital Signing Certificate Allows You To Validate the Identity of the Sender and Feel Confident that the Contents of the Message Have Not Been Altered.

Public Key Infrastructure

At this point, you may be asking where keys come from and where the Public Key is stored. That's where PKI (Public Key Infrastructure) comes in. Public Key Infrastructure provides the means to bind public keys to their owners and helps in the reliable distribution of public keys.

There are five major components to PKI:

  • Certification Authority (CA) - A trusted third-party who issues digital certificates.
  • Local Registration Authority (LRA) - An individual who performs identity proofing on behalf of the Certification Authority.
  • Directory - A centralized depository of all public keys.
  • Archive - A permanent record maintained for the purpose of verifying the validity of records.
  • Users - there are two types of PKI users:
    1. Subscriber - the owner of a digital certificate who uses it to send a digital signed message or receive an encrypted email
    2. Relying Party - a user who depends upon a senders certificate to verify their digital signature or a recipient's certificate to send them an encrypted email.

Your digital certificate contains information that uniquely identifies you. It contains your name, a serial number, expiration date, a copy of your Public Key, and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.

Certificate Components

Your Digital Certificate Contains Information That Uniquely Identifies You Within the Universe of HHS Certificate Holders

Over time, you may acquire many different digital certificates from many different sources. Your web browser keeps track of digital certificates that you have obtained and helps to make your digital certificates available to other applications that you use - Microsoft Outlook for example.

Making it easy for you to request certificates and manage their use once the certificates have been obtained is what the HHS PKI is all about!