NSA concerned about PKI scalability

Protecting access to Defense Department information systems with public-key infrastructure software tokens presents an "enormous problem'" because of the scale of the effort involved in issuing digital certificates to a uniformed and civilian work force that totals more than a million users, a top National Security Agency official said.

Mike Jacobs, deputy director for information systems security at the NSA, said the scalability challenges of providing PKI to all DOD users — as well as military dependents for access to benefit systems — is an effort that will test both the agency and industry, adding that officials "don't know whether or not you can scale up" to millions of users.

Jacobs, speaking last week at the West 2000 conference sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute, also said DOD has to follow the PKI route because highly secure encryption algorithms housed in hardware — PCMCIA cards, developed by the NSA — cost too much.

Jacobs added that NSA will soon "put out to bid" its PKI requirements, trying to determine "if it is possible" to field the kind of certificates it requires to protect its global enterprise.


  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected