31.07.2013 Views

Part 1: General - Computer Security Resource Center - National ...


March, 2007

only, and then shall be replaced as soon after the recovery process as possible. Instead of backing up the private signature key, a second private signature key and associated public key could be generated, and the public key distributed in accordance with Section 8.1.5.1 for use if the primary private signature key becomes unavailable. If backup is considered for the private signature key, an assessment should be made as to its importance and the time needed to recover the key, as opposed to the time needed to generate a key pair, and certify and distribute a new public signature verification key.

A private signature key shall not be archived.<br />

B.3.2 Symmetric Authentication Keys

A symmetric authentication key is used to provide assurance of the integrity and source of information. A symmetric authentication key can be used:

(1) by an originator to create a message authentication code (MAC) that can be verified at a later time to determine the authenticity or integrity of the authenticated information; the authenticated information and its MAC could then be stored for later retrieval or transmitted to another entity,

(2) by an entity that retrieves the authenticated information and the MAC from storage to determine the integrity of the stored information (Note: This is not a communication application),

(3) immediately upon receipt by a receiving entity to determine the integrity of transmitted information and the source of that information (the received MAC and the associated authenticated information may or may not be subsequently stored), or

(4) by a receiving and retrieving entity to determine the integrity and source of information that has been received and subsequently stored using the same MAC (and the same authentication key); checking the MAC is not performed prior to storage.

For each of the above cases, a decision to provide a key recovery capability should be made based on the following considerations.

In case 1, the symmetric authentication key need not be backed up if the originator can establish a new authentication key prior to computing the MAC, making the key available to any entity that would need to subsequently verify the information that is authenticated using this new key. If a new authentication key cannot be obtained in a timely manner, then the authentication key should be backed up or archived.

In case 2, the symmetric authentication key should be backed up or archived for as long as the integrity of the information needs to be determined. However, at some time the cryptographic strength of the MAC may be reduced or lost completely. The MAC algorithm may no longer offer adequate security or the MAC key may have been compromised. If the MAC algorithm has been withdrawn or the cryptoperiod of the MAC key has expired, the MAC shall be regarded as an error detection code rather than a cryptographic integrity check. Appropriate storage systems are being developed that employ cryptographic time stamps to store sensitive data beyond the normal security life of the original MAC mechanism or its keys.
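The case 2 rule, sketched as an added example (not part of the Recommendation): a stored MAC is recomputed with the archived key, and a matching MAC is graded as a cryptographic integrity check or as an error detection code only. The names ArchivedMacKey, check_stored_mac and APPROVED_ALGORITHMS, the approved-algorithm list, and the handling of a compromised key are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum


class Assurance(Enum):
    CRYPTOGRAPHIC = "cryptographic integrity check"
    ERROR_DETECTION_ONLY = "error detection code only"
    MISMATCH = "MAC does not match"


@dataclass(frozen=True)
class ArchivedMacKey:
    """Archived authentication key plus the metadata needed to grade its MAC."""
    key: bytes
    algorithm: str               # hashlib digest name used with HMAC
    cryptoperiod_end: datetime   # end of the key's cryptoperiod
    compromised: bool = False


# Assumption: a constructed local policy list, not a statement of NIST approval status.
APPROVED_ALGORITHMS = {"sha256", "sha384", "sha512"}


def check_stored_mac(record: ArchivedMacKey, data: bytes, stored_mac: bytes,
                     now: datetime) -> Assurance:
    """Recompute the MAC over retrieved data and grade what a match is worth."""
    expected = hmac.new(record.key, data, record.algorithm).digest()
    if not hmac.compare_digest(expected, stored_mac):   # constant-time compare
        return Assurance.MISMATCH
    # Withdrawn algorithm or expired cryptoperiod: error detection code only.
    # Treating a compromised key the same way is an assumption of this sketch.
    degraded = (record.algorithm not in APPROVED_ALGORITHMS
                or now > record.cryptoperiod_end
                or record.compromised)
    return Assurance.ERROR_DETECTION_ONLY if degraded else Assurance.CRYPTOGRAPHIC


if __name__ == "__main__":
    # Constructed sample key, data and dates.
    key, data = bytes(range(32)), b"constructed archived record"
    rec = ArchivedMacKey(key, "sha256", datetime(2020, 1, 1, tzinfo=timezone.utc))
    mac = hmac.new(key, data, "sha256").digest()
    for when in (datetime(2019, 6, 1, tzinfo=timezone.utc),
                 datetime(2021, 6, 1, tzinfo=timezone.utc)):
        print(when.date(), check_stored_mac(rec, data, mac, when).value)
```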

In case 3, the symmetric authentication key need not be backed up if the authentication key can be resent to the recipient. In this case, establishing and distributing a new
