Part 1: General - Computer Security Resource Center - National ...
March, 2007

of keying material and other related information. An “OK” indicates that storage is permissible, but not necessarily required. The final determination for backup should be made based on the application in which the keying material is used. A detailed discussion about each type of key and other cryptographic information is provided in Appendix B.3.

Keying material maintained in backup should remain in storage for at least as long as the same keying material is maintained in storage for normal operational use (see Section 8.2.1). When no longer needed for normal operational use, the keying material and other related information should be removed from backup storage. When removed from backup storage, all traces of the information shall be destroyed in accordance with Section 8.3.4.

A discussion of backup and recovery is provided in [ITLBulletin].
Table 7: Backup of keys

| Type of Key | Backup? |
|---|---|
| Private signature key | No (in general); non-repudiation would be in question. However, it may be warranted in some cases - a CA’s signing private key, for example. When required, any backed up keys shall be stored under the owner’s control. |
| Public signature verification key | OK; its presence in a public-key certificate that is available elsewhere may be sufficient. |
| Symmetric authentication key | OK |
| Private authentication key | OK, if required by an application. |
| Public authentication key | OK; its presence in a public-key certificate that is available elsewhere may be sufficient. |
| Symmetric data encryption key | OK |
| Symmetric key wrapping key | OK |
| Random number generation key | Not necessary and may not be desirable, depending on the application. |
| Symmetric master key | OK |
| Private key transport key | OK |
| Public key transport key | OK; its presence in a public-key certificate that is available elsewhere may be sufficient. |
| Symmetric key agreement key | OK |
| Private static key agreement key | No, unless needed for reconstruction during key recovery. However, when ephemeral information (e.g., a private ephemeral key agreement key) is used in a key agreement scheme, knowledge of the private static key agreement key and any public keys will not be sufficient. |
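The retention rule in the paragraphs above (a backup copy is kept at least as long as the key is in operational use, then removed and destroyed) and the per-key-type permissions of Table 7 are the kind of policy a key-management system can check mechanically. The following is an added example, not code from NIST or from SP 800-57: a small inventory audit that encodes the Table 7 rows, including the stated exceptions for a CA signing key and for key recovery, and flags backup copies that violate the retention rule. The short key-type labels, the record fields, the finding names and the sample inventory (with its dates and key ids) are all constructed for this example.

```python
# Added example (not from SP 800-57 or NIST): a key-inventory audit that encodes
# the backup permissions of Table 7 and the retention rule of Section 8.2.2.
# Key-type labels, field names and the sample inventory are constructed here.
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
from typing import List, Optional, Tuple

class Rule(Enum):
    OK = "backup permissible"
    OK_IF_REQUIRED = "backup permissible if required by the application"
    NOT_NECESSARY = "backup not necessary and may be undesirable"
    NO_UNLESS_RECOVERY = "no backup unless needed for key recovery"
    NO_IN_GENERAL = "no backup in general; non-repudiation would be in question"

# Table 7, keyed by a short key-type label (labels are this example's own).
TABLE_7 = {
    "private_signature": Rule.NO_IN_GENERAL,
    "public_signature_verification": Rule.OK,
    "symmetric_authentication": Rule.OK,
    "private_authentication": Rule.OK_IF_REQUIRED,
    "public_authentication": Rule.OK,
    "symmetric_data_encryption": Rule.OK,
    "symmetric_key_wrapping": Rule.OK,
    "rng": Rule.NOT_NECESSARY,
    "symmetric_master": Rule.OK,
    "private_key_transport": Rule.OK,
    "public_key_transport": Rule.OK,
    "symmetric_key_agreement": Rule.OK,
    "private_static_key_agreement": Rule.NO_UNLESS_RECOVERY,
}

@dataclass
class KeyRecord:
    key_id: str
    key_type: str
    backed_up: bool
    operational_until: Optional[datetime] = None   # None: still in operational use
    backup_removed_at: Optional[datetime] = None   # None: backup copy still held
    # Flags that justify a Table 7 exception, set by the application owner.
    exception_justified: bool = False              # e.g. a CA signing key
    owner_controlled: bool = False                 # backup kept under owner's control
    needed_for_key_recovery: bool = False

def backup_permitted(rec: KeyRecord) -> Tuple[bool, str]:
    """Apply the Table 7 row for rec.key_type, including its stated exceptions."""
    rule = TABLE_7[rec.key_type]
    if rule is Rule.NO_IN_GENERAL:
        # Warranted only in some cases, and then only under the owner's control.
        if rec.exception_justified and rec.owner_controlled:
            return True, "exception: backup warranted and under owner's control"
        return False, rule.value
    if rule is Rule.NO_UNLESS_RECOVERY:
        return rec.needed_for_key_recovery, rule.value
    return True, rule.value  # OK, OK_IF_REQUIRED and NOT_NECESSARY all permit backup

def audit(records: List[KeyRecord], now: datetime) -> List[Tuple[str, str]]:
    """Return (key_id, finding) pairs for backed-up records that break the rules."""
    findings = []
    for rec in records:
        if not rec.backed_up:
            continue
        ok, why = backup_permitted(rec)
        if not ok:
            findings.append((rec.key_id, "BACKUP_NOT_PERMITTED: " + why))
        # The backup must be retained at least as long as operational use lasts.
        if rec.backup_removed_at is not None and (
            rec.operational_until is None or rec.backup_removed_at < rec.operational_until
        ):
            findings.append((rec.key_id, "BACKUP_REMOVED_BEFORE_END_OF_OPERATIONAL_USE"))
        # Once operational use has ended, the backup copy is due for removal and
        # destruction in accordance with Section 8.3.4.
        if (rec.operational_until is not None and rec.operational_until <= now
                and rec.backup_removed_at is None):
            findings.append((rec.key_id, "BACKUP_DUE_FOR_DESTRUCTION"))
    return findings

def run_sample() -> List[Tuple[str, str]]:
    """Audit a constructed inventory; the dates and key ids are made up."""
    now = datetime(2007, 3, 15, tzinfo=timezone.utc)
    past = datetime(2007, 1, 1, tzinfo=timezone.utc)
    inventory = [
        KeyRecord("sig-user-1", "private_signature", backed_up=True),
        KeyRecord("sig-ca-root", "private_signature", backed_up=True,
                  exception_justified=True, owner_controlled=True),
        KeyRecord("dek-2006", "symmetric_data_encryption", backed_up=True,
                  operational_until=past),
        KeyRecord("ka-static-1", "private_static_key_agreement", backed_up=True),
        KeyRecord("kmk-1", "symmetric_master", backed_up=True, backup_removed_at=past),
        KeyRecord("rng-seed-1", "rng", backed_up=False),
    ]
    return audit(inventory, now)

if __name__ == "__main__":
    for key_id, finding in run_sample():
        print(key_id, finding)
```

Running the sample reports four findings: the user's private signature key and the private static key agreement key are backed up without a justifying exception, the retired data encryption key still has a backup copy that is due for destruction, and the symmetric master key's backup was removed while the key is still operational. The CA root key passes because its backup is both justified and held under the owner's control, which is exactly the condition Table 7 attaches to that exception.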