Public key infrastructure (PKI) is an excellent technology to help users certify that the people or companies they are corresponding with are who they say they are. It has proven itself invaluable in e-commerce among other areas. As with any technology, however, it is not without its own security risks. Eliana Stavrou discusses these risks, and ways to minimize them.

The generation of the public and private key is done using a cryptographic algorithm, and the generation of a digital signature is done using a hash algorithm. Examples of well known cryptographic algorithms are RSA (Rivest - Shamir - Aldeman), Diffie – Hellman, Elliptic Curve and DSS (Digital Signature Standard). Examples of well known hash algorithms are MD2, MD4, MD5 and SHA (Secure Hash Algorithm).

The risk associated with the cryptographic or hash algorithm used to generate the keys or digital signature respectively, pertains to the length of the keys that define the strength of the algorithm. By using a limited bit length to generate the keys or the digital signature, you face the risk of a brute force attack, in which an intruder tests every possible key combination to break the cryptographic or hash algorithm. These days, a brute force attack is easily made as computers get faster and cheaper.

Keep in mind that, if an attacker uses brute force, the computing power that is needed to break the algorithm increases exponentially with the length of the key. For example, a 32 bit length key requires 2^{32 }combinations; a key of this length can be easily broken even by you using special software. These days, a 512 bit length key can be broken by major governments or university research groups within a few months.

In theory, any cryptographic method can be broken by trying all possible combinations. Fortunately, at the moment large length keys (i.e. 2048 bits) are unbreakable. By the time a cryptographic algorithm is broken, usually a new, stronger algorithm appears to cover the loss.

How to minimize the risk: There is always the risk of using weak algorithms, which generate the public key from the private key in a manner that allows the value of the private key to be determined. Each issuing authority must use well-known algorithms and a large bit length for the generated keys to prevent an attacker from predicting the keys and causing problems. In addition, anyone requesting a digital certificate should take some time reading the Certificate Practice Statement of the issuing authority; it states the key length and the cryptographic and hash algorithms used. By doing so, all parties could prevent the creation of weak keys that can be determined by an intruder.