Part 1: General - Computer Security Resource Center - National ...
March, 2007

2. The application in which the key will be used (e.g., interactive communications, file storage),
3. Whether the key is "owned" by the local entity (e.g., a private key) or by another entity (e.g., the other entity's public key) or is shared (e.g., a symmetric data encryption key shared by two entities),
4. The role of the entity in a communication (e.g., sender or receiver), and
5. The algorithm or computation in which the key will be used (e.g., does the entity have the necessary information to perform a given computation if the key were to be recovered).[28]
The factors involved in a decision for or against key recovery should be carefully assessed. The trade-offs are concerned with continuity of operations versus the risk of possibly exposing the keying material and the information it protects if control of the keying material is lost. If it is determined that a key needs to be recovered, and the key is still active (i.e., the cryptoperiod of the key has not expired), then the key may be replaced in order to limit the exposure of the data protected by that key (see Section 8.2.3).

Issues associated with key recovery and discussions about whether or not different types of cryptographic material need to be recoverable are provided in Appendix B.
8.2.3 Key Change Function

Key change is the replacement of a key with another key that performs the same function as the original key. There are several reasons for changing a key.

1. The key may have been compromised.
2. The key's cryptoperiod may be nearing expiration.
3. It may be desirable to limit the amount of data protected with any given key.

A key may be replaced by re-keying or by key update.
8.2.3.1 Re-keying

If the new key is generated in a manner that is entirely independent of the "value" of the old key, the process is known as re-keying. This replacement shall be accomplished using one of the key establishment methods discussed in Section 8.1.5. Re-keying is used when a key has been compromised (provided that the re-keying scheme itself is not compromised) or when the cryptoperiod is nearing expiration.
8.2.3.2 Key Update Function

If the "value" of the new key is dependent on the value of the old key, the process is known as key update (i.e., the current key is modified to create a new key). This shall be accomplished by applying a non-reversible function to the old key and other data. Unlike re-keying, key update does not require the exchange of any new information between the entities that previously shared the old key. For example, the two entities may agree to update their shared key on the first day of each month. Since a non-reversible function is used in the update process, previous keys are
[28] This could be the case when performing a key establishment process for some key establishment schemes (see SP 800-56).
106
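The two key change mechanisms of Section 8.2.3 side by side, as an added example that is not part of SP 800-57 and is not NIST code. It assumes HMAC-SHA256 as the non-reversible update function (the document does not name one) and a monthly period label as the "other data" that both parties agree on in advance; the key values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # 256-bit symmetric key (assumption for the example)


def rekey() -> bytes:
    """Re-keying (8.2.3.1): the replacement key is generated independently of
    the old key's value. In practice this comes from a key establishment
    method; here a CSPRNG stands in for that step."""
    return secrets.token_bytes(KEY_LEN)


def update_key(old_key: bytes, other_data: bytes) -> bytes:
    """Key update (8.2.3.2): derive the new key by applying a non-reversible
    function to the old key and agreed other data. HMAC-SHA256 is the
    assumed one-way function; the domain-separation label keeps these
    outputs distinct from any other use of the same key."""
    return hmac.new(old_key, b"key-update|" + other_data, hashlib.sha256).digest()


def update_schedule(initial_key: bytes, period_labels: list) -> list:
    """Walk a series of agreed update points (e.g. the first of each month)
    and return every key in the chain, oldest first."""
    keys = [initial_key]
    for label in period_labels:
        keys.append(update_key(keys[-1], label))
    return keys


def parties_agree_without_exchange(shared_key: bytes, period_label: bytes) -> bool:
    """Both entities compute the updated key from what they already hold;
    no new information crosses the wire."""
    key_at_a = update_key(shared_key, period_label)
    key_at_b = update_key(shared_key, period_label)
    return hmac.compare_digest(key_at_a, key_at_b)


if __name__ == "__main__":
    # Constructed initial shared key, not a real key.
    k0 = bytes(range(KEY_LEN))
    chain = update_schedule(k0, [b"2007-03-01", b"2007-04-01", b"2007-05-01"])
    for i, k in enumerate(chain):
        print(f"period {i}: {k.hex()}")
    print("both parties agree:", parties_agree_without_exchange(k0, b"2007-03-01"))
    print("fresh re-key:", rekey().hex())
```

Because the update function is one-way, holding a later key in the chain does not let anyone compute an earlier one, which is why the old key can be destroyed once the update is applied. The reverse does not hold: anyone who obtained the old key can run the same update and obtain every later key, so update addresses cryptoperiod expiration and data-volume limits, while a compromised key calls for re-keying, as the document states.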