Public key infrastructure
The purpose of a public key infrastructure (PKI) is to implement secure electronic transactions over insecure networks such as the internet. A PKI is used to authenticate identities for the purposes of data encryption and signing:
- encryption – scrambles the data in a way that makes it unreadable except to intended recipients
- signing – proves who authored the data and guarantees that it hasn’t been tampered with since
Encryption and signing are provided by public-key cryptography. A PKI supports public-key cryptography by assuring the identities of the entities that encrypt and sign data. It does this by issuing digital certificates. A PKI is therefore used to set up and maintain a network of trusted entities and services. This means that when you send encrypted data you can be certain that only the intended recipient can decrypt it and that when you receive signed data you can be certain who authored it.
Why does GOV.UK Verify use a PKI?
The Identity Assurance Programme (IDAP) runs a PKI to enable secure communication between the entities in the GOV.UK Verify federation, for example, between government services and the GOV.UK Verify hub. For an outline of the technical steps in the connecting process, see the development steps.
The entities in the GOV.UK Verify federation communicate with each other using SAML. Public-key cryptography secures the integrity and privacy of SAML messages sent between the different entities.
What do you need to do?
As part of the GOV.UK Verify federation you need to request certificates from the IDAP PKI certificate authority. When your certificates are due to expire you need to run the key rotation process to update the keys in your certificates.
For more information, see the development steps to integrate GOV.UK Verify into your service.
You are responsible for ensuring that the terms of the IDAP PKI Certification Policy are upheld. To do this, you and your service manager need to refer to a set of documents. Your service manager must request these documents from the IDAP PKI:
- Certification Practice Statement for the Interim PKI for the IDAP Ecosystem – sets out the practices governing cryptographic services for the IDAP federation
- IDAP PKI Relying Party Agreement – sets out the terms for those who do not necessarily hold a certificate, but who, during the course of a transaction, may be a recipient of a certificate and place reliance on a certificate and/or digital signatures created using that certificate
- GOV.UK Verify Certification Process for (Relying Party) Subscribers – indicates the URLs where you can submit certificate requests to the IDAP certificate authority
Public keys, private keys, and certificates
To encrypt and sign data, you need 2 pairs of keys:
- public and private encryption keys
- public and private signing keys
The keys consist of very long numbers linked in a particular way so the public key can be derived from the private key but not the other way around. Entities within a PKI generate their own keys. They always retain their private keys. However, they share their public keys with other entities to allow secure communication through encryption and signing.
Public keys are shared using certificates. A certificate is a file that contains:
- a copy of the certificate owner’s public key
- information about the identity of the certificate owner
- an indication of the purpose of the certificate, for example, encryption or signing
Certificates are issued and signed by a certificate authority. The certificate authority acts as the trust anchor in the PKI. An entity that receives data from a third party can request confirmation from the certificate authority that the third party’s certificate is valid.
Keys and certificates in the GOV.UK Verify federation
The IDAP PKI and GOV.UK Verify federation use the X.509 standard for digital certificates.
In the GOV.UK Verify federation, the IDAP certificate authority issues and signs certificates. As a government service using GOV.UK Verify, you must request encryption and signing certificates for your service provider.
If you are running the legacy setup with matching, you must also request encryption and signing certificates for your Matching Service Adapter.
To obtain a certificate:
- Generate a pair of keys (private and public). You must generate a pair of encryption keys for each encryption certificate request and a pair of signing keys for each signing certificate request.
- Submit a certificate signing request to the IDAP certificate authority.
- The certificate authority generates your certificate and sends it to you.
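The first two steps above can be sketched with OpenSSL. This is an added example, not taken from the original page or from IDAP documentation. The RSA-2048 key type, the subject names and the function names are assumptions made for illustration, and it assumes the `openssl` command is installed.

```bash
#!/usr/bin/env bash
# Added example: subject names are constructed placeholders; RSA-2048 is an
# assumption, not a stated IDAP requirement.
set -euo pipefail

WORK=$(mktemp -d)   # scratch directory for the demo
umask 077           # private key files are readable by their owner only

# make_request PURPOSE: one fresh key pair and one CSR per certificate request.
make_request() {
  local purpose=$1
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/$purpose.key" 2>/dev/null
  openssl req -new -key "$WORK/$purpose.key" \
    -subj "/O=Example Org/CN=example-service-$purpose" \
    -out "$WORK/$purpose.csr"
}

# csr_matches_key CSR_NAME KEY_NAME: does the CSR carry the public half of that key?
csr_matches_key() {
  local csr_pub key_pub
  csr_pub=$(openssl req -in "$WORK/$1.csr" -noout -pubkey)
  key_pub=$(openssl pkey -in "$WORK/$2.key" -pubout)
  [ "$csr_pub" = "$key_pub" ]
}

# csr_self_check NAME: a CSR is signed with the requester's own private key,
# which shows the requester holds the key matching the public key in it.
csr_self_check() {
  openssl req -in "$WORK/$1.csr" -noout -verify >/dev/null 2>&1
}

make_request signing
make_request encryption
csr_matches_key signing signing && echo "signing CSR matches signing key"
csr_matches_key signing encryption || echo "signing CSR does not match encryption key"
openssl req -in "$WORK/signing.csr" -noout -subject
```

Only the `.csr` files are sent to the certificate authority; the `.key` files never leave the machine that generated them.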
The certificate authority also issues certificates for the GOV.UK Verify hub and identity providers.
Data encryption and signing
Encryption certificates provide the sender with assurance that only the intended receiver can decrypt the message.
The sender extracts the public encryption key from the receiver’s encryption certificate and uses it to encrypt a message. The receiver decrypts the message using their corresponding private encryption key.
Signing certificates provide the receiver with assurance of who authored the message. They also guarantee that the message hasn’t been tampered with since the author signed it.
When signing data, you use your private signing key to create a digital signature, and then send the signed message. The receivers check the digital signature using your public signing key from your signing certificate.
You can use encryption and signing together or alone.
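The encryption and signing steps described above, run end to end with OpenSSL. This is an added example, not code from the original page or from GOV.UK Verify. Self-signed certificates stand in for certificates issued by the certificate authority, and the entity names, message and function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: self-signed certificates stand in for CA-issued ones;
# entity names and the message are constructed.
set -euo pipefail
D=$(mktemp -d); umask 077

# new_cert NAME: key pair plus certificate (self-signed here, for the demo only).
new_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$D/$1.key" -out "$D/$1.crt" 2>/dev/null
}

# The sender signs with its private signing key.
sign_msg() { openssl dgst -sha256 -sign "$D/$1.key" -out "$2.sig" "$2"; }

# The receiver checks the signature with the public key from the sender's certificate.
verify_msg() {
  openssl x509 -in "$D/$1.crt" -noout -pubkey > "$D/$1.pub"
  openssl dgst -sha256 -verify "$D/$1.pub" -signature "$2.sig" "$2" >/dev/null 2>&1
}

# The sender encrypts to the public key in the receiver's encryption certificate.
encrypt_to() {
  openssl pkeyutl -encrypt -certin -inkey "$D/$1.crt" \
    -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$2.enc"
}

# The receiver decrypts with the corresponding private encryption key.
decrypt_with() {
  openssl pkeyutl -decrypt -inkey "$D/$1.key" \
    -pkeyopt rsa_padding_mode:oaep -in "$2.enc"
}

new_cert sender-signing
new_cert receiver-encryption
printf 'constructed sample message' > "$D/msg"

encrypt_to receiver-encryption "$D/msg"
sign_msg sender-signing "$D/msg.enc"      # sign the bytes that are actually sent

verify_msg sender-signing "$D/msg.enc" && echo "signature OK"
decrypt_with receiver-encryption "$D/msg"; echo

printf 'x' >> "$D/msg.enc"                # simulate tampering in transit
verify_msg sender-signing "$D/msg.enc" || echo "tampering detected: signature check failed"
```

RSA-OAEP encrypts only short inputs directly, which is why the sample message is a few bytes long.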
When a user indicates that they would like to prove their identity, the government service sends a message to the GOV.UK Verify hub. The message is unencrypted because it contains no personal user information. However, the message is signed because the hub needs assurance that the message originated from the government service.
Encryption and signing
When a user has verified their identity, the identity provider sends a signed message to the hub containing the user’s encrypted personal information. This ensures the confidentiality of the message and that the message originated from the identity provider.
A message can contain embedded messages which may be encrypted and/or signed by different entities within the GOV.UK Verify federation. For more information, see the diagram showing the SAML message flow within the GOV.UK Verify federation.