Part 1: General - Computer Security Resource Center - National ...
March, 2007
8 KEY MANAGEMENT PHASES AND FUNCTIONS
8.1 Pre-operational Phase
8.1.1 User Registration Function
8.1.2 System Initialization Function
8.1.3 User Initialization Function
8.1.4 Keying Material Installation Function
8.1.5 Key Establishment Function
8.1.5.1 Generation and Distribution of Asymmetric Key Pairs
8.1.5.1.1 Distribution of Static Public Keys
8.1.5.1.1.1 Distribution of a Trust Anchor's Public Key in a PKI
8.1.5.1.1.2 Submission to a Registration Authority or Certification Authority
8.1.5.1.1.3 General Distribution
8.1.5.1.2 Distribution of Ephemeral Public Keys
8.1.5.1.3 Distribution of Centrally Generated Key Pairs
8.1.5.2 Generation and Distribution of Symmetric Keys
8.1.5.2.1 Key Generation
8.1.5.2.2 Key Distribution
8.1.5.2.2.1 Manual Key Distribution
8.1.5.2.2.2 Electronic Key Distribution/Key Transport
8.1.5.2.3 Key Agreement
8.1.5.3 Generation and Distribution of Other Keying Material
8.1.5.3.1 Domain Parameters
8.1.5.3.2 Initialization Vectors
8.1.5.3.3 Shared Secrets
8.1.5.3.4 RNG Seeds
8.1.5.3.5 Intermediate Results
8.1.6 Key Registration Function
8.2 Operational Phase
8.2.1 Normal Operational Storage Function
8.2.1.1 Device or Module Storage
8.2.1.2 Immediately Accessible Storage Media
8.2.2 Continuity of Operations Function
8.2.2.1 Backup Storage
8.2.2.2 Key Recovery Function
8.2.3 Key Change Function