What PKI Is and What It Is Not

PKI is a framework used to build a secure infrastructure. It employs many capabilities but can be mistakenly considered the answer for all security within an organization. There are many truths and misunderstandings associated with PKI, which are covered in this section.

PKI is a strong authentication mechanism. The binding of a user to a key pair means that the key pair can be used for digital signing. This task would be difficult in symmetric encryption, for example, because of the need for a new key for each message authentication code. Employing PKI for digital signatures means that a single signing key can be used for multiple documents over a relatively long time period.

PKI provides a mechanism for ensuring that what is being downloaded or read has not been altered. For example, PKI helps protect data from attackers and ensures that attackers are not able to break the communications link and alter the data as they are transmitted over a network. This is beneficial for organizations, particularly if end users are able to download their own software. Ensuring that software has not been altered during the download process assures the end user and the organization that malware was not injected into the software after the download process began.

PKI provides integrity, confidentiality, authentication, and nonrepudiation in a single framework. PKI is a necessary entity in a defense-in-depth security structure. Using the appropriate software, hardware, policies, and community of trust to protect communications between entities within or outside of the organization is paramount to protecting the organization itself. It protects not only the users of an organization but also the consumers who use the organization’s products and services. For example, when a user downloads software, PKI protects the software vendor as much as it protects the user. The user wants to ensure he or she is downloading the correct software from the vendor, but the vendor wants to ensure this too. If no capability existed to ensure the integrity of the data, a user could accuse the vendor of injecting malware into the software, and the vendor would not be able to prove whether or not this was the case. By comparing the hash values of the correct software and the downloaded software, the vendor can verify what software it developed and intended to be downloaded.

PKI is not an answer to all security questions or concerns. You cannot encrypt all data and communications and assume that everything is fine. Security within an organization requires multiple layers, and PKI is just one layer within the security platform. PKI will not stop attacks on an organization, it will not prevent the downloading of malicious code, and it is not a firewall. PKI does not stop users from making security mistakes. Users will still download software that leaves network ports open, write down passwords, or mistakenly download viruses or Trojan horses to their computer systems. The mere use of a PKI does not ensure an organization is implementing the necessary access controls, training, and standard configurations that help secure an organization.

PKI does not provide authorization. It may authenticate a particular user, but it does not distinguish what that user can or cannot do within the system. Additional tools and capabilities are needed to address this need within an organization.

PKI does not guarantee that the end user can be trusted. PKI employs a community of trust, but it should not be mistaken for trusting the user. For example, Alice trusts that the data she received were sent from Bob, but this does not mean that Bob should be trusted or that the specific information he provided is accurate. This understanding is important when downloading software. You may trust a software vendor and therefore feel comfortable downloading its software. The trust you established was built over time. This may not be the case with other unknown software manufacturers. Just because the data were digitally signed does not mean the original software is secure and that malware has not been incorporated from the start.

NOTE

Trusting that software came from a specific manufacturer and trusting that it has not been altered in transit is not the same as trusting the company that manufactured the software.
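The hash comparison described earlier and the limit stated in the note above, shown as an added Python example that is not from the original text: the check catches a download altered in transit, yet a build that was bad from the start still matches its own published digest. All byte strings are constructed samples, the function names are hypothetical, and the published digest is assumed to have reached the user over an authenticated channel such as a vendor-signed release file.

```python
import hashlib
import hmac
import io
import re

_HEX_SHA256 = re.compile(r"[0-9a-f]{64}")

def sha256_stream(stream, chunk_size=65536):
    """Hash a binary stream in chunks so a large installer never sits fully in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def verify_download(stream, published_digest):
    """Return True only if the stream's SHA-256 equals the vendor's published digest."""
    expected = published_digest.strip().lower()
    if not _HEX_SHA256.fullmatch(expected):
        # A truncated or malformed digest must fail loudly, never compare as "close enough".
        raise ValueError("published digest is not a 64-character hex SHA-256 value")
    return hmac.compare_digest(sha256_stream(stream), expected)

# Constructed sample data standing in for real installer files.
VENDOR_BUILD = b"installer v1.0: legitimate program bytes"
ALTERED_IN_TRANSIT = VENDOR_BUILD + b" + bytes injected on the network"
BUILD_BAD_FROM_START = b"installer v1.0: unwanted code included before release"

def demo():
    """Run the three cases the text distinguishes and report whether each digest matches."""
    published = hashlib.sha256(VENDOR_BUILD).hexdigest()
    # The digest of a bad build is computed over the bad bytes, so it verifies cleanly.
    published_bad = hashlib.sha256(BUILD_BAD_FROM_START).hexdigest()
    return {
        "intact": verify_download(io.BytesIO(VENDOR_BUILD), published),
        "altered_in_transit": verify_download(io.BytesIO(ALTERED_IN_TRANSIT), published),
        "bad_from_start": verify_download(io.BytesIO(BUILD_BAD_FROM_START), published_bad),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: digest matches = {ok}")
```

A matching digest answers only "is this the file the vendor published?"; whether that file deserves trust is a separate decision.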
