GlobalSign Blog

PKI and Blockchain: What’s the Right Technology for Your Use Case?

Which one is really better: Public Key Infrastructure (PKI) or Blockchain? The question has been brewing for quite a number of years now. Both are technical solutions to the social problem of trust, and plenty of people online want to understand what the difference is and which is better.

As industry experts, we explain the differences whenever possible to help you make well-informed decisions. Many people already think of Blockchain as an indirect rival of PKI, but each has its own pros and cons and is better suited to different things, so what we can do is advise on the situations in which PKI would be the right technology to adopt.

Before that though, allow us to deny the allegations that Blockchain is simply PKI 2.0, as PKI and Blockchain are apples and oranges to begin with: PKI is a means to encrypt communications and authenticate the originator of a message, while Blockchain provides a secure, immutable shared ledger for recording time-stamped transactions.

PKI is built on asymmetric encryption, which uses a public key to encrypt and the private key to decrypt, while Blockchain “chains” blocks using cryptography: each new block carries a hash containing some metadata of the previous block. This cryptography may or may not use PKI. As Blockchain doesn't have to be used along with an asymmetric key, it cannot be called an improvement to PKI. On top of this, the centralized nature of PKI, which relies on Certificate Authorities (CAs), is like a Mac computer: a closed and proprietary system. Blockchain, on the other hand, is like Linux in that it’s open source, decentralized, and allows for more diverse participation in its development and use. These parallels, closed vs. open systems and centralized vs. decentralized structures, illustrate the structural distinctions between PKI and Blockchain.

The IoT and Cybersecurity Threat Landscape

The rate that we chuck “Internet of Things” into presentations and pitches has made it lose all meaning.

To refresh, it is the network of hardware devices accessed through the Internet that can introduce and identify themselves to other devices and use embedded technology to interact with internal states and external conditions. It’s an environment where an object that can represent itself becomes greater by connecting to the whole that surrounds it and the extensive data flowing around it.

When we talk about interconnection, we usually think in terms of what’s visible to the eye, but IoT describes a world where just about anything can be connected and can communicate by making sense of simple data and churning out actionable intelligence. With the IoT, the physical world is just One Big Information Ocean with the ultimate goal of improving Quality of Life. However, this also means that personal info and business data can be passed back and forth through millions of devices that may have exploitable vulnerabilities.

Public Key Infrastructure: Why Is It My Business to Know about PKI?

PKI takes into account myriad different networks, which may or may not share a common trust authority. Through PKI, you reach terms on trust with a root, which then gives you access to all other entities that you can trust by default. It’s genuinely like clicking with a (screened, filtered, vetted) friend of a friend.

With this in mind, the Industrial IoT (IIoT) market has long been transforming through Artificial Intelligence and robotics, leading to booming growth in IIoT technologies. There are now primary Internet networking approaches expected for industrial settings, along with primary connectivity needs in top industrial markets. For these, PKI remains a critical technology for securing the industrial Internet and its benefits for industrial organizations.

In the same breath, smart homes have needed particular attention in terms of energy management, physical security, healthcare, home appliances, and smart home network architectures. Managed Service Providers that serve smart homes would definitely do better by leveraging digital certificates to enable a wide variety of security capabilities, including authentication and access control, privacy, confidentiality, and data integrity.

Secure Communications, Digital Signatures, and Other Uses of PKI

Digital certificates are well-suited for securing the identity of IoT devices, since the technology behind certificates, PKI, allows for increased visibility of smart home devices and their connectivity to external assets and applications. For a secure Industrial Internet, companies need to consider that identities for millions of industrial devices are necessary. With unique identities, operators can build security policies starting with authentication and access control, and then extending to monitoring, threat detection, and Certificate Lifecycle Management. Whether you are dealing with a smart home device offering, or an Industrial IoT project, PKI forms the core of device identity, allowing for product differentiation, increased visibility, fraud prevention, and attack reduction.

A company that wants to keep information internal, tamper-free, and verifiable down to the individual level should prefer PKI, which also enables these other functions:

  • Encrypting, authenticating, and decrypting emails, documents, files, senders
  • Encrypting, authenticating, and decrypting through digital certificates stored in smart cards
  • Securing internal communications using database servers, IoT gadgets, and other mutually trusted devices
  • Enhancing VPNs and enterprise intranets with another level of authentication and encrypted communication
  • Strengthening e-commerce security and other web communications

Then Why Do We Still Need Blockchain?

Blockchain is a database and a distributed ledger technology that allows information to be stored securely and with failsafe record-keeping. It excels in creating tamper-resistant, transparent, and decentralized systems. It does not rely on a Certificate Authority (CA). It doesn't store people's verifiable credentials. It keeps only anonymous information that is needed to verify the authenticity of people’s credentials.

Blockchain is a means of making our economy more efficient; it is a means of automating trust. Right now, we are building central intermediaries we can all trust so we can talk shop with each other. We can’t simply delay business for a few more years just for the luxury of trust, can we? With Blockchain, we get all the benefits of speed, cheapness, and customization. That's unnatural and a little creepy to be honest, which makes Blockchain quite disruptive. It simply reminds us how unpredictable civilization is sometimes.

Blockchain and Cryptography

Blockchain rose to fame as bitcoin emerged, so discussing how it applies to payments is a no-brainer. Its protocols are automated and decentralized, enabling the creation of cryptoassets without controlling, supervisory, or centralized bodies. Thus, cryptoassets are transferred securely and fast.

By the nature of what it is, all transactions that occur on Blockchain leave a record, which gives it the potential to reduce fraud, the financing of terrorism, and money laundering, provided that anonymity is prohibited. The first few years of Blockchain technology did see cryptoassets being used for illicit purposes, as the authorities were not yet using Blockchain's traceability to pursue these crimes. Recently though, only 0.15% of cryptocurrency transactions were associated with illegal activities.

Other Uses of Blockchain in Cybersecurity

With applications varying greatly, many are still being discovered and developed, but here are some of its practical applications:

  1. Intellectual property. This is a little tricky to discuss, but Blockchain's intellectual property log was meant to protect the authorship of original works. This involves Non-Fungible Tokens (NFTs) that, when applied to art, can guarantee paid royalties. Suppose an artist paints a picture: they only earn however much the painting sells for. The lack of traceability in subsequent transactions stops the artist from profiting further. Enter NFTs, which are treated as a unique digital copy of that painting. Blockchain lets you know its exact moment of sale and its price, so that the creator can benefit from the revaluation of their work. It sure opens a host of problems, but that’s for a different blog article altogether.
  2. Education. The most technologically advanced universities and certifying associations have already been issuing course certificates through Blockchain. This application prevents fraud in job candidates' curriculum vitae.
  3. Financial markets. The German stock market has trialed Blockchain to issue bonds from different issuers. This offers full traceability of debtors. Future applications in this sector could see improved efficiency in reconciliation processes and the potential replacement of clearinghouses.
  4. Smart contracts. Already used in microinsurance and crowdfunding systems that require a notary public, smart contracts aim to simplify processes based on IFTTT (If This, Then That) clause programs.

Different Technologies, Different Purposes

More than half of the world’s Blockchain implementations do use digital signatures; what PKI brings to the digital signature table is authentication of who owns a key. Blockchain can’t give you this; you will need to add PKI. Meanwhile, Blockchain contributes an innovative and distributed method of creating and maintaining tamper evidence for a digital ledger. While nothing in a Blockchain guarantees that an entry in a block is legitimate or identifies the parties to the transactions on the ledger, you can be sure that a Blockchain has been “fixed” in that form since being written.
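
The two properties described above, shown as an added example (not GlobalSign's code): a minimal hash chain in which each block embeds the hash of the previous one, so a later edit is detectable, while an entry naming any sender still verifies. It assumes a single in-memory copy with no consensus or signatures; the field names and sample entries are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed placeholder used as the first block's prev_hash

def block_hash(block):
    """SHA-256 over the block's canonical JSON, excluding its own hash field."""
    body = {k: block[k] for k in ("index", "prev_hash", "entry")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append(chain, entry):
    """Link a new block to the chain by embedding the previous block's hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "prev_hash": prev, "entry": entry}
    block["hash"] = block_hash(block)
    chain.append(block)

def first_broken_link(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS
    for block in chain:
        if block["prev_hash"] != prev or block["hash"] != block_hash(block):
            return block["index"]
        prev = block["hash"]
    return None

def build_sample_chain():
    # Constructed entries; "claimed_sender" is plain text that nothing proves.
    chain = []
    for number in (1001, 1002, 1003):
        append(chain, {"claimed_sender": "acme-corp", "data": f"invoice {number}"})
    return chain

def tamper(chain, index, new_data, rehash=False):
    """Edit a stored entry after the fact; optionally recompute that block's hash."""
    chain[index]["entry"]["data"] = new_data
    if rehash:
        chain[index]["hash"] = block_hash(chain[index])

if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain, first broken link:", first_broken_link(chain))
    tamper(chain, 1, "invoice 9999")
    print("block 1 edited:", first_broken_link(chain))
    tamper(chain, 1, "invoice 9999", rehash=True)
    print("block 1 edited and rehashed:", first_broken_link(chain))
```

Rehashing the edited block only moves the break to the next block, which is the tamper evidence; binding `claimed_sender` to a real identity would need a signature checked against a CA-issued certificate, which this chain does not do.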

In fairness, PKI enables signing the data you send, but that doesn’t help with how other companies are storing the data. You typically have multiple disconnected stores, and communication happens only when one of them initiates it; again, PKI does nothing about real-time availability of data. With Blockchain, you keep a single active copy of the data that can be governed by reaching a consensus of signatures among the parties involved, i.e. the rules for modification can be defined, and the data is accessible to all parties with a low risk of modification. Basically, a Blockchain, relying on PKI, allows you to put a number of companies on the same page.


Blockchain-PKI Fusion on the Horizon?

These days Blockchain and PKI have been joined at the hip, but as time ticks by, could it be that a Blockchain-PKI fusion is on the horizon? Over the years there have been developments showing how Blockchain has secured digital communications by utilizing identity through PKI whilst offering built-in certificate transparency.

Significant human interaction, really, is all about the successful establishment of unbreakable trust, and any organization can thrive with the right solutions to fortify this. To learn more, talk to our experts.
