NSA concerned about PKI scalability

Protecting access to Defense Department information systems with public-key infrastructure software tokens presents an "enormous problem'" because of the scale of the effort involved in issuing digital certificates to a uniformed and civilian work force that totals more than a million users, a top National Security Agency official said.

Mike Jacobs, deputy director for information systems security at the NSA, said the scalability challenges of providing PKI to all DOD users — as well as military dependents for access to benefit systems — is an effort that will test both the agency and industry, adding that officials "don't know whether or not you can scale up" to millions of users.

Jacobs, speaking last week at the West 2000 conference sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute, also said DOD has to follow the PKI route because highly secure encryption algorithms housed in hardware — PCMCIA cards, developed by the NSA — cost too much.

Jacobs added that NSA will soon "put out to bid" its PKI requirements, trying to determine "if it is possible" to field the kind of certificates it requires to protect its global enterprise.


  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected