PKI and Digital Certificates

Public key cryptography has widely become a way to protect users, networks, data and critical business systems. Public key operations have become integral to security products and custom built systems to encrypt data and ensure privacy, to digitally sign documents and messages to attest to their integrity and authenticity, or to authenticate users and systems and control access.

E-commerce, online banking, internet gaming, smartphones and cloud computing all depend on the use of digital certificates to authenticate the digital identity of users, connected devices, web services and business applications.

Every digital certificate, issued by a Certificate Authority, is based on a pair of cryptographic keys that create a strong, unique credential which is used to perform secure operations such as encryption or signing.

Challenges:

  • To protect against theft of CA signing private keys or root keys, which enables bogus certificates to be issued and any suspicion of compromise may force re-issuance of some or all of the previously issued certificates
  • To overcome weak controls on the use of signing keys, which risk misuse of CA even if the keys themselves are not compromised

Solutions:

  • PKI and Digital Certificates: To create a high-assurance foundation for digital security, you need to secure the process of issuing certificates and managing signing keys. When you add nShield Hardware Security Modules (HSMs) to your PKI, you are deploying independently certified, tamper-resistant devices that are used to secure some of the most sensitive keys and business processes in the organisation.

Benefits:

  • Taking advantage of easily deployed and independently certified security for all high assurance key management and certificate issuance processes
  • Offloading cryptographic processing to accelerate CPU intensive signing operations, boosting performance and enabling applications and business processes to scale
  • Elimination of risky manual key management processes
  • Simplifying the task of demonstrating compliance and responding to forensic and auditing requests through tightly enforced key management policies
  • A wide range of HSM form factors and performance ratings to suit your PKI requirements

Required Products:

  • General Purpose HSMs

 

 

Get In Touch