Is the public key infrastructure (PKI) unbreakable if properly installed and operated?
The answer to this question is: Yes. It is possible to crack the public key encryption algorithm. The crucial element in any security tool like PKI is the cryptographic or hash algorithm used to generate the technology's private and public keys, or digital signatures. In this case, it is the length of the keys used that defines the strength of the algorithm. By using a limited bit length to generate the keys, or the digital signature, it increases the likelihood that a brute-force attack -- where an intruder tests every possible key combination to break the cryptographic or hash algorithm -- will succeed.
Remember that if an attacker uses brute force, the computing power needed to break the algorithm increases exponentially with the length of the key. For example, a 32 bit-length key requires 232 combinations; a key of this length can be easily broken with today's computing power. Even a 512 bit-length key can be broken by large governments or university research groups within a few months. In theory, any cryptographic method can be broken by trying all possible combinations. Fortunately, at the moment, a PKI system using long-length keys (i.e. 2,048 bits) is practically unbreakable due to the level of computing power and time it would take to break the encryption -- if, as you mention, it's properly installed and operated.
- Learn more about updating PKI with secure hash functions.
- Check out this learning guide on PKI and digital certificates.
Dig Deeper on Identity and access management
Related Q&A from Randall Gamby
When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise ... Continue Reading
Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to ... Continue Reading
Simple photography cracking biometric systems highlights the need for two-factor authentication in enterprises according to expert Randall Gamby. Continue Reading