公钥基础设施的演进——PKI的下一步

最新推荐文章于 2023-02-16 17:04:24 发布

蓝月心语

最新推荐文章于 2023-02-16 17:04:24 发布

阅读量459

点赞数

分类专栏：计算机安全文章标签： PKI

计算机安全专栏收录该内容

1 篇文章 0 订阅

订阅专栏

作为委托持续庆祝公钥基础设施（PKI）二十周年的一部分，我们回顾了四部分系列，介绍了不断发展的技术的先驱，流程和事件。
在前三个部分，我们追溯了PKI的早期历史，并强调了迄今为止技术形成的一些挑战和创新。今天我们来看看PKI的未来，以及制定安全的政策和做法的复杂性，这些政策和做法超越了国界，以保护全世界的公民和数据。

公钥基础设施的演进 - PKI的下一步

多年来，专利和政府参与推迟了基于公钥技术的安全解决方案的获取和采用。一个主要考虑因素包括用户以有效和安全的方式管理其关键材料的能力，而不会成为恐怖分子和敌国的工具。今天，这个问题在很大程度上被克服了。

另一个常见的问题是，如果量子计算机成为现实，那么可以考虑大型复合数字，并在多项式时间内找到离散对数 - 这意味着当前的公钥技术将被破坏。但是，目前看来，这是一个不确定和遥远的可能。如果不知何故，我们会有足够的警告 - 足够时间适应。

随着PKI的长期成功，毫不奇怪，它已经在越来越多的情况下出现，从网络到身份证件到移动设备，到今天的“智能”设备，远程控制的家庭系统和整个互联网（IOT）。 PKI将强大的保护与成本效益管理和用户友好性相结合的能力现在成为其成功的核心。随着移动设备的兴起，越来越多的“智能”应用和使用，预计将大幅增加。

1 移动增长

PKI将继续在移动信任锚定，设备身份认证和认证方面发挥关键作用。随着越来越多的组织使用证书进行Wi-Fi和VPN网络的安全移动连接，PKI满足了对安全，安全传输各种数据的更高要求。

这包括广泛的移动应用，移动支付，云服务以及物理和逻辑资产的访问。移动证书对于识别和保护企业发行的设备以及越来越多的自带设备也至关重要。（BYODs）

2 物联网（IOT）

广泛地预测，未来的IT基础设施和身份认同是物联网的重要因素，物联网将依靠PKI在大量互联应用和设备中发挥重要作用。

这些网络连接的东西已经包括ATM和金融帐户，照明系统和恒温器，家庭监视设备，医疗设备，各种智能电表，电子门，电视机，家用电器甚至飞机，火车和汽车。

所有这些都需要透明，一致的形式的基于证书的身份认证。已经处理了网络连接的设备数十年，PKI是高速传送和管理大量证书的理想解决方案。

尽管移动性和物联网是相对较新的市场驱动力，但它们的要求与早期的网络连接设备基本相同。鉴于PKI的显着实力及其适应新应用的灵活性，人们可以期待技术能够持续相当长的一段时间，因为它能够做得很好。

3 未来是PKI

回顾公共关键技术的早期阶段，最受欢迎的方案的固有简单性是许多人关注的问题。我们如何将这个简单的数学运算的长期安全置于信心？

虽然在一些围绕基本方案的装饰品中发现了这些技术，但是技术本身在过去四十年中受到无数专家的重视。在许多方面，我们对PKI的有效性的信心比以往任何时候都更强大 - 它仍然是我们日益增长的安全挑战中最实际和最具成本效益的解决方案。

4 原文

As part of Entrust’s ongoing celebration of our 20th Anniversary of Public Key Infrastructure (PKI), we’re looking back in a four-part series on the pioneers, processes and events that have shaped this ever-evolving technology.

In the first three parts, we traced the early history of PKI and highlighted some of the challenges and innovations that shaped the technology thus far. Today we look at the future of PKI and the complexities of creating secure policies and practices that extend beyond borders to protect citizens and data worldwide.

The Evolution of Public Key Infrastructure – What’s Next for PKI?

For many years, the access and adoption of security solutions based on public-key technology was delayed by patents and government involvement. One primary concern surrounded the ability of users to manage their key material in an effective and secure manner – without becoming a tool for terrorists and enemy states. Today, this issue has been largely overcome.

Another concern often reported was that, should quantum computers ever become a reality, it will become possible to factor large composite numbers and find discrete logarithms in polynomial time – meaning that current public-key techniques will be broken. However, at the moment, this looks like an uncertain and distant possibility. If it were somehow to come about, we would have plenty of warning – and time enough to adapt.

With the long-term success of PKI, it’s no surprise that it has been popping up in an increasing number of situations – from the Web to identity documents to mobile devices to today’s “smart” appliances, remote-controlled home systems and the entire Internet of Things (IOT). PKI’s ability to combine strong protection with cost-effective management and user-friendliness is now at the core of its success. And it is expected to increase sharply as mobile devices proliferate, with more and more “smart” applications and uses.

1 The Growth of Mobile

PKI will continue to play a key role in the growth of mobile for trust anchoring, device identity and authentication. As more and more organizations use certificates for secure mobile connection to Wi-Fi and VPN networks, PKI meets the increased demand for safe, secure transmission of all kinds of data.

This includes a wide range of mobile apps, mobile payments, cloud services and access to physical and logical assets. Mobile certificates are also essential in identifying and securing corporate-issued devices and the growing number of Bring-Your-Own-Devices. (BYODs)

2 Internet of things (IOT)

Widely predicted to be a major factor in future IT infrastructure and identity, the Internet of Things will rely on PKI to play an essential role in a vast number of interconnected applications and devices.

These network-connected things already include ATMs and financial accounts, lighting systems and thermostats, home surveillance equipment, medical devices, smart meters of all varieties, electronic doggie doors, TV’s, home electronics – even planes, trains and automobiles.

All of these require a transparent, consistent form of certificate-based identity authentication. And having dealt with network connected devices for decades, PKI is the ideal solution to deliver and manage large numbers of certificates at high speed.

Even though mobility and IoT are relatively new market drivers, their requirements are essentially the same as those of earlier network connected devices. Given the remarkable strength of PKI and its flexibility in adapting to new applications, one can expect the technology to continue for quite some time, because it does what it does really well.

3 The Future is PKI

Looking back to the early days of public-key technology, the inherent simplicity of the most popular schemes was a concern to many. How could we place our faith in the long-term security of such simple mathematical operations?

While chinks have been discovered in some of the embellishments surrounding the basic schemes, the technology itself has withstood close scrutiny by countless experts over the past forty years. In many ways, our confidence in the effectiveness of PKI is stronger than ever – and it remains the most practical and cost-effective solution to our ever-growing security challenges.