Part 1: General - Computer Security Resource Center - National ...
3. Determined by a key update process (see Section 8.2.3.2), or
4. Derived from a master key (see Section 8.2.4).
March, 2007
8.1.5.2.1 Key Generation
Symmetric keys determined by key generation methods shall be either generated by an
Approved random number generation method, created from the previous key during a key update
procedure (see Section 8.2.3.2), or derived from a master key (see Section 8.2.4) using an
Approved key derivation function.
When split knowledge procedures are used, the key shall exist as multiple key components. The
keying material may be created and then split into components, or may be created as separate
components. Each key component shall provide no knowledge of the key value (e.g., each key
component must appear to be generated randomly). If knowledge of k (where k is less than or
equal to n) components is required to construct the original key, then knowledge of any k-1 key
components shall provide no information about the original key other than, possibly, its length.
Note: A suitable combination function is not provided by simple concatenation; e.g., it is not
acceptable to form an 80-bit key by concatenating two 40-bit key components.
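
One way to meet the k-of-n requirement above, added here as an illustration and not taken from the Recommendation: Shamir's secret sharing over GF(2^8), a scheme the text does not name, in which any k-1 components reveal nothing about the key except its length. The function names and the use of Python's `secrets` module in place of an Approved random number generator are assumptions.

```python
# Added illustration (Shamir's scheme over GF(2^8)); not from SP 800-57.
import secrets  # stand-in for an Approved RNG inside a validated module

def gf_mul(a, b):  # product in GF(2^8), reduced by the AES polynomial 0x11B
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a):  # a^254 is the multiplicative inverse of any non-zero a
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def split_key(key, k, n):
    # Return n components (x, bytes); any k of them rebuild the key.
    if not 1 <= k <= n <= 255:
        raise ValueError("need 1 <= k <= n <= 255")
    bufs = [bytearray() for _ in range(n)]
    for key_byte in key:
        # Fresh random degree k-1 polynomial, constant term = key byte.
        coeffs = [key_byte] + [secrets.randbelow(256) for _ in range(k - 1)]
        for x, buf in enumerate(bufs, start=1):
            y = 0
            for c in reversed(coeffs):  # Horner evaluation at x
                y = gf_mul(y, x) ^ c
            buf.append(y)
    return [(x, bytes(buf)) for x, buf in enumerate(bufs, start=1)]

def combine(components):
    # Lagrange interpolation at x = 0 recovers each constant term.
    xs = [x for x, _ in components]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate component index")
    out = bytearray(len(components[0][1]))
    for xi, yi in components:
        basis = 1  # product over j != i of xj / (xj - xi)
        for xj in xs:
            if xj != xi:
                basis = gf_mul(basis, gf_mul(xj, gf_inv(xj ^ xi)))
        for pos, y in enumerate(yi):
            out[pos] ^= gf_mul(y, basis)
    return bytes(out)
```

Unlike concatenation, every component here is as long as the key itself, and interpolating fewer than k components yields an unrelated value rather than a partial key.
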
All keys shall be generated within a FIPS 140-2 validated cryptographic module or obtained
from another source approved by the U.S. Government for the protection of national security
information.
8.1.5.2.2 Key Distribution
Keys generated in accordance with Section 8.1.5.2.1 as key encrypting keys (used for key
wrapping), as the initial key for key update, as master keys to be used for key derivation, or for
the protection of communicated information are distributed manually (manual key transport) or
using an electronic key transport protocol (electronic key transport).
Keys used only for the storage of information (i.e., data or keying material) should not be
distributed except for backup or to other authorized entities that may require access to the
information protected by the keys.
8.1.5.2.2.1 Manual Key Distribution
Keys distributed manually (i.e., by other than an electronic key transport protocol) shall be
protected throughout the distribution process. During manual distribution, secret or private keys
shall either be encrypted or be distributed using appropriate physical security procedures. If
multi-party control is desired, split knowledge procedures may be used as well. The manual
distribution process shall assure that:
1. The distribution of keys is from an authorized source,
2. Any entity distributing plaintext keys is trusted by both the entity that generates the keys
and the entity(ies) that receives the keys,
3. The keys are protected in accordance with Section 6, and
4. The keys are received by the authorized recipient.
When distributed in encrypted form, the key shall be encrypted by an Approved key wrapping
scheme using a key encrypting key that is used only for key wrapping, or by an Approved key
transport scheme using a public key transport key owned by the intended recipient. The key