Part 1: General - Computer Security Resource Center - National ...
March, 2007

may be stored in backup storage until the end of the private key’s cryptoperiod, and may be stored in archive storage as long as required.
B.3.3.2 Private Authentication Keys

When the private key is used only for the authentication of transmitted data, whether or not the authenticated data is subsequently stored, the private authentication key need not be backed up if a new key pair can be generated and distributed in accordance with Section 8.1.5.1 in a timely manner. However, if a new key pair cannot be generated quickly, the private key should be stored in backup storage during the cryptoperiod of the private key. The private key shall not be stored in archive storage.

When the private authentication key is used to protect stored information only, the authentication private key should not be backed up if a new key pair can be generated. However, if a new key pair cannot be generated, the private key should be stored in backup storage during the cryptoperiod of the private key. The private key shall not be stored in archive storage.
B.3.4 Symmetric Data Encryption Keys

A symmetric data encryption key is used to protect the confidentiality of stored or transmitted information or both.

Information that is stored needs to be readily available as long as the information is encrypted (i.e., for as long as the information may need to be recovered); this includes information that is both transmitted and stored using the same key. The decryption key (which was also used to encrypt the information) needs to be available during the period of time that the information may need to be recovered. Therefore, the key should be backed up or archived during this period.

However, at some time the strength of the cryptography may be reduced or lost completely. The encryption algorithm may no longer offer adequate security or the symmetric key may have been compromised. If the encryption algorithm has been withdrawn or the cryptoperiod of the symmetric key has expired, the cryptographic protection shall be regarded as minimal. Appropriate storage systems are being developed that employ cryptographic time stamps to store sensitive data beyond the normal security life of the original encryption algorithm or its keys.
In order to allow key recovery, the symmetric data encryption key should be stored in backup storage during the cryptoperiod of the key, and stored in archive storage after the end of the key’s cryptoperiod, if required. In many cases, the key is protected and stored with the encrypted data. The key is wrapped by an archive encryption key or by a symmetric key wrapping key that is wrapped by a physically protected archive encryption key.
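The two-level arrangement just described (data encryption key wrapped by a key wrapping key, which is in turn wrapped by a physically protected archive encryption key) as an added Python example; it is not part of SP 800-57. It assumes the `cryptography` package for AES Key Wrap and AES-GCM, and the record layout and function names are the example's own.

```python
import os
from dataclasses import dataclass

from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.keywrap import InvalidUnwrap, aes_key_unwrap, aes_key_wrap


@dataclass(frozen=True)
class ArchiveRecord:
    """What goes into archive storage: the ciphertext plus the wrapped keys needed to recover it.
    Only the archive encryption key (KEK) is kept elsewhere, in physically protected storage."""
    nonce: bytes
    ciphertext: bytes
    wrapped_dek: bytes  # data encryption key, wrapped under the key wrapping key
    wrapped_kwk: bytes  # key wrapping key, wrapped under the archive KEK


def archive(archive_kek: bytes, data: bytes) -> ArchiveRecord:
    """Encrypt data under a fresh DEK, wrap the DEK under a fresh KWK, and wrap the KWK under
    the archive KEK (AES Key Wrap, RFC 3394 / SP 800-38F), so that recovering the data later
    needs only this record and the archive KEK."""
    dek, kwk, nonce = os.urandom(32), os.urandom(32), os.urandom(12)
    return ArchiveRecord(
        nonce=nonce,
        ciphertext=AESGCM(dek).encrypt(nonce, data, None),
        wrapped_dek=aes_key_wrap(kwk, dek),
        wrapped_kwk=aes_key_wrap(archive_kek, kwk),
    )


def recover(archive_kek: bytes, record: ArchiveRecord) -> bytes:
    """Unwrap the chain from the archive KEK inward (KEK -> KWK -> DEK) and decrypt the data.
    AES Key Wrap carries an integrity check, so a wrong KEK or a corrupted wrapped key is
    detected at the unwrap step instead of yielding garbage plaintext."""
    try:
        kwk = aes_key_unwrap(archive_kek, record.wrapped_kwk)
        dek = aes_key_unwrap(kwk, record.wrapped_dek)
    except InvalidUnwrap as exc:
        raise ValueError("archived key hierarchy does not unwrap under this KEK") from exc
    return AESGCM(dek).decrypt(record.nonce, record.ciphertext, None)


if __name__ == "__main__":
    # Constructed sample: a fixed archive KEK standing in for the physically protected one.
    kek = bytes(range(32))
    rec = archive(kek, b"constructed sample record, retained beyond the DEK cryptoperiod")
    print(recover(kek, rec))
```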
A symmetric data encryption key that is used for transmission only is used by an originating entity to encrypt information, and by the receiving entity to decrypt the information immediately upon receipt. If the data encryption key is lost or corrupted, and a new data encryption key can be easily obtained by the originating and receiving entities, then the key need not be backed up. However, if the key cannot be easily replaced by a new key, then the key should be backed up if the information to be exchanged is of sufficient importance. The data encryption key should not be archived when used for transmission only.