Key Management in Cryptography

What

is key management?
Why are we talking about key
management?
Key management techniques
Key management life cycle

What is key management?

Definition: Key management is the set of techniques

and procedures supporting the establishment and
maintenance of keying relationships between
authorized parties.
A keying relationship is the state wherein
communicating entities share common data(keying
material) to facilitate cryptography techniques. This
data may include public or secret keys, initialization
values, and additional non-secret parameters.

What is key management (cont.)?

Key management encompasses techniques and

procedures supporting:
1. initialization of systems users within a domain;
2. generation, distribution, and installation of keying
material;
3. controlling the use of keying material;
4. update, revocation, and destruction of keying material;
and
5. storage, backup/recovery, and archival of keying
material.

Why are we talking about key management?

Most

attacks aimed at key management

level rather than cryptographic algorithm
itself?

Key

management objectives, threats, and

policy

Why are we talking about key management?

Objectives
The objective of key management is to maintain
keying relationships and keying material in a
manner that counters relevant threats
In practice an additional objective is conformance to
a relevant security policy

Why are we talking about key management?

Threats
1. compromise of confidentiality of secret keys
2. compromise of authenticity of secret or public keys.
3. unauthorized use of public or secret keys

Why are we talking about key management?

Security policy
Security policy explicitly or implicitly defines the
threats a system is intended to address
Security policy may affect the stringency of
cryptographic requirements, depending on the
susceptibility of the environment in questions to
various types of attack.

Why are we talking about key management?

Security policies also typically specify:
1. practices and procedures to followed in carrying out
technical and administrative aspects of key
management, both automated and manual;
2. The responsibilities and accountability of each party
involved; and
3. The types of tecords to be kept, to support subsequent
reports or reviews of security-related events.

Key management techniques

Public-key

vs. symmetric-key techniques

Primary advantages offered by public-key (vs.

symmetric-key) techniques for applications related to
key management include:
1. simplified key management
2. on-line trusted server not required
3. enhanced functionality

Key management techniques

a)

Key management
Symmetric-key encryption
plaintext

ciphertext
encryption
secret key

symmetric
key generator

decryption

plaintext

secret key

Key management techniques

b) public-key encryption
plaintext

plaintext

ciphertext
encryption

decryption

public key

private key
asymmetric key pair
generation

secure channel (private and authentication)

secure channel (authentication only)
unsecured channel (no protection)

Key management techniques

Techniques

for distributing confidential keys

- Key layering and symmetric-key certificates

Key layering:
1. master keys keys at the highest level in the hierarchy
2. key-encrypting keys symmetric keys or encryption public
keys used for key transport or storage of other keys
3. data keys used to provide cryptographic operations on user
data

Key management techniques

symmetric-key certificates:
Symmetric-key certificates provide a means for a KTC(Key
Translation Center) to avoid the requirement of either maintaining
a secure database of user secrets (or duplicating such a database
for multiple servers), or retrieving such keys from a database upon
translation requests.

Key management techniques

Techniques for distributing public keys

- Authentication trees
Authentication trees provide a method for making public data
available with verifiable authenticity, by using a tree structure in
conjunction with a suitable hash function, and authenticating the
root value.
- Public-key certificates
Public-key certificates are a vehicle by which public keys may be
stored, distributed or forwarded over unsecured media without
danger of undetectable manipulation

Key management techniques

- Two public-key systems
a) Identity-based system
b) asymmetric system with implicitly-certified public
keys

Key management techniques

Techniques for controlling key usage

- Key separation and constraints on key usage
Information that may be associated with cryptographic keys includes
both attributes which restrict their use, and other information of
operational use.These include:
1. owner of key
2. validity period
3. key identifier
4. intended use
5. specific algorithm
6. system or environment of intended use, or authorized users of key
7. names of entries associated with key generation, registration, and
certification
8. integrity checksum on key

Key management techniques

- Key

separation and threat of key misuse

The principle of key separation is that keys for different purposes

should be cryptographically separated. The threat of key misuse
may be addressed by techniques which ensure that keys are
used only for those purposes pre-authorized at the time of key
creation.
Techniques for controlling use of symmetric keys
The main technique is the use of control vectors:
Control vectors provide a method for controlling the use of keys, by combing
the idea of key tags with the mechanism of simple key notarization.

Key management techniques

Key

management involving multiple domains

- Definition A security domain is defined as a (sub)system

under the control of a single authority which the entities therein
trust.

Trusted between two domains

Two parties A and B, belonging to distinct security domains D A
and DB with respectively authorities TA and TB, may wish to
communicate securely. This can be reduced to the requirement
that A and B either:
a) Share a symmetric key b) share trusted public keys

Key management life cycle

Key

management life cycle

Key management is simplest when all cryptographic

keys are fixed for all time. Cryptoperiods necessitate
the update of keys.
Key update necessitates additional procedures and
protocols, often including communications with third
parties in public-key systems. The sequence of states
which keying material progresses through overt its
lifetime is called the key management life cycle. Life
cycle stages may include:

Key management life cycle

1. user registration
2. user initialization
3. key generation
4. key installation
5. key registration
6. normal use
7. key backup
8. key update
9. archival
10. key de-registration and destruction
11. key recovery
12. key revocation