1. Building PKI Infrastructure

Scenarios: 6
FFI Functions: ~45
Status: ⏳ Planned

This category encompasses all scenarios for building and managing a Post-Quantum-capable Public Key Infrastructure (PKI). From creating a Root CA through multi-tier CA hierarchies to configuring revocation services (CRL/OCSP).

Scenarios

ID Scenario Description Complexity Status
1.1 Create Root CA Self-signed Root CA with ML-DSA-65 ⭐⭐⭐⭐
1.2 Create Intermediate CA Subordinate CA signed by Root ⭐⭐⭐
1.3 Build CA Hierarchy Multi-tier PKI structure ⭐⭐⭐⭐
1.4 Configure Trust Store Manage trusted CAs ⭐⭐
1.5 Define Certificate Policy Establish issuance policies ⭐⭐⭐
1.6 CRL/OCSP Infrastructure Set up revocation services ⭐⭐⭐⭐

Architecture Overview

flowchart TB subgraph ROOT["🔐 Root CA (Scenario 1.1)"] R[("Root CA
ML-DSA-65/87
20 Years")] end subgraph INTERMEDIATE["📜 Intermediate CAs (Scenario 1.2)"] I1["Intermediate CA
Server
10 Years"] I2["Intermediate CA
Client
10 Years"] I3["Intermediate CA
CodeSign
10 Years"] end subgraph ENDENTITY["🎫 End-Entity Certificates"] E1["Server Certs
TLS/HTTPS"] E2["Client Certs
mTLS/Auth"] E3["CodeSign Certs
Signing"] end R -->|signs| I1 R -->|signs| I2 R -->|signs| I3 I1 -->|issues| E1 I2 -->|issues| E2 I3 -->|issues| E3 subgraph TRUST["🛡️ Trust Store (Scenario 1.4)"] T1["Root CA Certificates"] T2["Cross-Certificates"] end subgraph REVOCATION["🚫 Revocation (Scenario 1.6)"] CRL["CRL Distribution Points"] OCSP["OCSP Responder"] end R -.->|publishes| TRUST I1 & I2 & I3 -.->|publishes| CRL I1 & I2 & I3 -.->|responds| OCSP

Industry-Specific Requirements

Different requirements for PKI lifetimes and compliance apply depending on the industry:

Industry Root CA Validity Specifics Regulation
Energy/SCADA 25 Years Wind turbine lifetime, offline CRL NIS21), KRITIS-VO
Healthcare 20 Years gematik OIDs, ePA compatible GDPR Art. 32, DiGAV
Automotive 30 Years V2X PKI, pseudonym certificates UN R1552), ISO 21434
Industry 4.0 20 Years OT/IT separation, IEC 62443 NIS2, Machine Regulation
Standard IT 15 Years Standard enterprise PKI BSI IT-Grundschutz

Key Types for CAs

CA Type Recommended Algorithm Validity Rationale
Root CA ML-DSA-65 or ML-DSA-87 15-25 Years Highest security, rarely used
Intermediate CA ML-DSA-65 8-12 Years Balance security/performance
OCSP Responder ML-DSA-44 1-3 Years Frequent signing, performance critical

Hybrid Recommendation: For the transition phase, hybrid keys (ECDSA P-384 + ML-DSA-65) can be used to ensure compatibility with classical systems.

Important Extensions for CA Certificates

Root CA

Extension Value Critical
Basic Constraints CA=true, pathLen=1 or 2 ✅ Yes
Key Usage keyCertSign, cRLSign ✅ Yes
Subject Key Identifier SHA-256(publicKey) ❌ No

Intermediate CA

Extension Value Critical
Basic Constraints CA=true, pathLen=0 ✅ Yes
Key Usage keyCertSign, cRLSign ✅ Yes
Subject Key Identifier SHA-256(publicKey) ❌ No
Authority Key Identifier SKI of Root CA ❌ No
CRL Distribution Points URL to CRL ❌ No
Authority Info Access OCSP URL, CA Issuers URL ❌ No
Certificate Policies Policy OID ❌ No

Security Notes

Critical Requirements for CA Operation:

  • Root CA Private Key: Store offline (air-gapped HSM or encrypted USB stick in safe)
  • Intermediate CA Private Key: HSM or strongly encrypted with hardware token
  • Passwords: Minimum 20 characters, high entropy, securely stored
  • Audit Logging: Log all CA operations
  • Backup: Encrypted backups at separate locations
  • Key Ceremony: Documented process for Root CA operations

Never:

  • Store Root CA private key on networked systems
  • CA passwords in plain text in scripts/configs
  • Issue CA certificates without pathLength restriction
  • Use self-signed end-entity certificates in production

Typical Workflow

flowchart TB subgraph P1["1️⃣ PREPARATION"] V1["Prepare air-gapped system"] V2["Document certificate policy"] V3["Define DN structure"] V4["Plan validity periods"] end subgraph P2["2️⃣ CREATE ROOT CA"] R1["ML-DSA-65/87 key pair"] R2["Self-signed certificate"] R3["Encrypt private key"] R4["Export root certificate"] end subgraph P3["3️⃣ INTERMEDIATE CA"] I1["ML-DSA-65 key pair"] I2["Create CSR"] I3["Root signs certificate"] I4["Deploy online"] end subgraph P4["4️⃣ TRUST & REVOCATION"] T1["Configure trust stores"] T2["CRL distribution points"] T3["OCSP responder"] T4["Publish first CRL"] end subgraph P5["5️⃣ OPERATION"] B1["Issue certificates"] B2["Update CRLs"] B3["OCSP responses"] B4["Monitor audit logs"] end P1 ==> P2 ==> P3 ==> P4 ==> P5 style P1 fill:#e3f2fd style P2 fill:#e8f5e9 style P3 fill:#fff8e1 style P4 fill:#fce4ec style P5 fill:#f3e5f5

Quick Start Code

Minimal Example: Create Root CA (C#)

using WvdS.Security.Cryptography.X509Certificates.Extensions.PQ;
 
using var ctx = PqCryptoContext.Initialize();
 
// Root CA with ML-DSA-65
using var rootKey = ctx.GenerateKeyPair(PqAlgorithm.MlDsa65);
var rootDn = new DnBuilder().AddCN("My Root CA").AddO("My Org").AddC("DE").Build();
 
using var rootCert = ctx.CreateRootCertificate(rootKey, rootDn,
    validYears: 20,
    extensions: new ExtBuilder()
        .BasicConstraints(ca: true, pathLen: 1)
        .KeyUsage(KeyUsageFlags.KeyCertSign | KeyUsageFlags.CrlSign)
        .SubjectKeyIdentifier(rootKey)
        .Build()
);
 
// Save
File.WriteAllText("root-ca.crt.pem", rootCert.ToPem());
File.WriteAllText("root-ca.key.pem", rootKey.ToEncryptedPem("SecurePassword123!"));

Complete example: Scenario 1.1

Category Relationship
2. CSR CSR creation for Intermediate CAs
3. Issue Certificates Sign end-entity certificates from CA
5. Validation Validate certificates against trust store
6. Revocation CRL/OCSP operations
11. Key Management Manage, rotate, destroy CA keys

« ← Scenarios Overview | 1.1 Create Root CA → »

Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional

, , , , , ,
1)
NIS2 Directive (EU) 2022/2555: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022L2555
2)
UNECE R155: https://unece.org/transport/documents/2021/03/standards/un-regulation-no-155-cyber-security-and-cyber-security