Part 1: General - Computer Security Resource Center - National ...
March, 2007

8.1.5.3.5 Intermediate Results

Intermediate results occur during computation using cryptographic algorithms. These results shall not be distributed.
8.1.6 Key Registration Function

Key registration results in the binding of keying material to information or attributes associated with a particular entity. This information typically includes the identifier of the entity associated with the keying material and the intended use of the keying material (e.g., signing key, data encryption key, etc.). Additional information may include authorization information or specify the level of trust. The binding is performed after the entity's identity has been authenticated by a means that is consistent with the system policy. Human entities are usually required to provide credentials (e.g., identification card or birth certificate), while system entities are vouched for by those responsible for their operation. The binding provides assurance to the community at large that the keying material is used by the correct entity in the correct application. The binding is often cryptographic, which creates a strong association between the keying material and the entity. A trusted third party performs the binding. Examples of a trusted third party include a Kerberos realm server or a PKI certification authority (CA). Identifiers issued by a trusted third party shall be unique to that party.
When a Kerberos realm server performs the binding, a symmetric key is stored on the server with the corresponding attributes. In this case, the registered keying material is maintained in confidential storage (i.e., the keys are provided with confidentiality protection).
When a CA performs the binding, the public key and associated attributes are placed in a public key certificate, which is digitally signed by the CA. In this case, the registered keying material may be publicly available.
When a CA provides a certificate for a public key, the public key shall be verified to ensure that it is associated with the private key known by the purported owner of the public key. This provides assurance of possession. When a proof-of-possession (POP) protocol is used to obtain assurance of possession, the assurance shall be accomplished using the keys for their intended function. For example, the assurance of possession of a private key transport key is provided using a key transport function, not a digital signature function.
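The two proof-of-possession exchanges described above, worked through as an added Go example (this is illustrative code, not part of NIST SP 800-57 and not any particular CA's implementation). A signing key proves possession by signing the registration attributes, which is the key's intended function; a key transport key proves possession by decrypting a CA-issued challenge, which is its intended function, rather than by producing a signature. The attribute encoding (`EntityID|KeyUse` hashed with SHA-256), the use of that hash as the OAEP label to bind the challenge to the registration, and the function names are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// RegistrationInfo is the attribute set the trusted third party binds to the key:
// the entity identifier and the intended use (Section 8.1.6). Encoding is an assumption.
type RegistrationInfo struct {
	EntityID string
	KeyUse   string // "signing" or "key-transport"
}

// digest is the fixed-length value both parties compute over the attributes.
func (r RegistrationInfo) digest() []byte {
	h := sha256.Sum256([]byte(r.EntityID + "|" + r.KeyUse))
	return h[:]
}

// NewSigningKey generates an ECDSA P-256 key pair intended for digital signatures.
func NewSigningKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// NewTransportKey generates an RSA-2048 key pair intended for key transport.
func NewTransportKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// --- Signing key: POP uses the signature function ---

// ProveSigningKey (registrant side) signs the registration attributes with the
// private signing key, so the CA sees the key used for its intended function.
func ProveSigningKey(priv *ecdsa.PrivateKey, info RegistrationInfo) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, priv, info.digest())
}

// VerifySigningKeyPOP (CA side) accepts only if the submitted public key verifies
// a signature over exactly the attributes that are about to be certified.
func VerifySigningKeyPOP(pub *ecdsa.PublicKey, info RegistrationInfo, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, info.digest(), sig)
}

// --- Key transport key: POP uses the key transport function, not a signature ---

// IssueTransportChallenge (CA side) encrypts a fresh random nonce to the submitted
// public key. The registration digest is used as the OAEP label (an assumption of
// this example) so the challenge cannot be replayed for a different registration.
// The CA keeps the nonce and sends only the ciphertext.
func IssueTransportChallenge(pub *rsa.PublicKey, info RegistrationInfo) (nonce, ciphertext []byte, err error) {
	nonce = make([]byte, 32)
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	ciphertext, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, info.digest())
	if err != nil {
		return nil, nil, err
	}
	return nonce, ciphertext, nil
}

// AnswerTransportChallenge (registrant side) recovers the nonce with the private
// key transport key. A wrong key fails the OAEP integrity check and returns an error.
func AnswerTransportChallenge(priv *rsa.PrivateKey, info RegistrationInfo, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, info.digest())
}

// VerifyTransportKeyPOP (CA side) compares the returned nonce in constant time.
func VerifyTransportKeyPOP(expectedNonce, answer []byte) bool {
	return len(answer) == len(expectedNonce) &&
		subtle.ConstantTimeCompare(expectedNonce, answer) == 1
}

func main() {
	sigInfo := RegistrationInfo{EntityID: "CN=alice.example", KeyUse: "signing"}
	sk, _ := NewSigningKey()
	sig, _ := ProveSigningKey(sk, sigInfo)
	fmt.Println("signing-key POP verifies:", VerifySigningKeyPOP(&sk.PublicKey, sigInfo, sig))

	ktInfo := RegistrationInfo{EntityID: "CN=alice.example", KeyUse: "key-transport"}
	tk, _ := NewTransportKey()
	nonce, ct, _ := IssueTransportChallenge(&tk.PublicKey, ktInfo)
	answer, _ := AnswerTransportChallenge(tk, ktInfo, ct)
	fmt.Println("transport-key POP verifies:", VerifyTransportKeyPOP(nonce, answer))
}
```

The point to check in a real deployment is the same one the text makes: the CA must not accept a signature as proof of possession for a key whose certified use is key transport or key agreement, because the registrant may never have exercised that function with the key, and may not even hold a matching private key at all. Real registration protocols follow this split: a PKCS #10 request is self-signed by a signing key, while CMP/CRMF provides encrypted-challenge methods for encryption keys.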
8.2 Operational Phase

Keying material used during the cryptoperiod of a key is often stored for access as needed. During storage, the keying material shall be protected as specified in Section 6.2.2. During normal use, the keying material is stored either on the device or module that uses that material, or on readily accessible storage media. When the keying material is required for operational use, the keying material is acquired from immediately accessible storage when not present in active memory within the device or module.
To provide continuity of operations when the keying material becomes unavailable for use from normal operational storage during its cryptoperiod (e.g., because the material is lost or corrupted), keying material may need to be recoverable. If an analysis of system operations indicates that the keying material needs to be recoverable, then the keying material shall either be backed up (see Section 8.2.2.1), or the system shall be designed to allow reconstruction (e.g.,