Certificates, again
March 21st, 2004 by Jiri
When designing secure solutions, you always come across someone who thinks the problem at hand can be resolved by public key cryptography. Or more specifically, using personal certificates. And it always take a long time to explain that although making data exchanged between Alice and Bob from Eve looks good on paper, in reality, it is a major pain in the neck. Funny thing is that such people are usually adamant in their views and it is hard to convince them.
The thing is that the reason for PKI not becoming widespread is not a lack of people attempting to make it work. PKI is not widespread simply because too many people failed to make it work.
The following extract (from Jon Udell’s Weblog) is a good testimony for why personal certificates are such a hassle:
You are to be commended for fighting through the free email certificate acquisition and installation process. And to think you just have to do it again next year. Or when you get another computer. Or you want to send email from your office, laptop and home computer using the same email address. Or when you change your email address, and you realize there’s no way to invalidate the certificate for the old email address.
And if just you and the rest of the world would actually do this complicated process, S/MIME would finally become useful for email, provided all those desktops were secure enough to keep hackers and virus writers from stealing your keys. Also, if you encrypt on your desktop using a recipient’s public key, you’ll likely be violating corporate policies because the company will not be able to meaningfully audit or archive the encrypted message.
But do you suppose free email certificates wouldn’t be free today if people actually wanted them? They are free because nobody will pay for them, and even at the cost of nada, few actually do. I think this points out that people as a whole just can’t work with PKI’s complexity, portability and constant renewal hassles. Have you ever tried to validate a digitally signed email from a few years ago? Do you really have the certificates that went with old message today? And even if you’re one of the rare folks who actually keeps all of these thousands of certificates — one per email address per year does add up quickly — because they expire, you will get signature failures and have to note that the error was related to expiration and not because it was tampered with or the cert was revoked.
Public key crypto as a solution should not be completely written off. Where it works, it does the job and I it will have its own place in future innovative security solutions. But it is not certainly a panacea and there are many contexts for which it does not provide good solutions.