Part 1: General - Computer Security Resource Center - National ...
B.3.5 Symmetric Key Wrapping Keys
March, 2007
A symmetric key wrapping key is used to wrap (i.e., encrypt) keying material that is to be protected and may be used to protect multiple sets of keying material. The protected keying material is then transmitted or stored or both.
If a symmetric key wrapping key is used only to transmit keying material, and the key wrapping key becomes unavailable (e.g., is lost or corrupted), it may be possible to either resend the key wrapping key, or to establish a new key wrapping key and use it to resend the keying material. If this is possible within a reasonable timeframe, backup of the key wrapping key is not necessary. If the key wrapping key cannot be resent or a new key wrapping key cannot be readily obtained, backup of the key wrapping key should be considered. The archive of a key wrapping key that is only used to transmit keying material is not necessary.
If a symmetric key wrapping key is only used to protect keying material in storage, then the key wrapping key should be backed up or archived for as long as the keying material may need to be accessed. However, at some time the strength of the key wrapping may be reduced or lost completely. The key wrapping algorithm may no longer offer adequate security or the key wrapping key may have been compromised. If the wrapping algorithm has been withdrawn or the cryptoperiod of the key wrapping key has expired, the cryptographic protection shall be regarded as minimal. Appropriate storage systems are being developed that employ cryptographic time stamps to store sensitive data beyond the normal security life of the original wrapping algorithm or its key wrapping keys.
If a symmetric key wrapping key is used for the protection of keying material during both transmission and subsequent storage, then the key wrapping key should be backed up or archived for as long as the keying material may need to be accessed.
B.3.6 Random Number Generation Keys
A key used for deterministic random bit generation shall not be backed up or archived. If this key is lost or modified, it shall be replaced with a new key.
B.3.7 Symmetric Master Keys
A symmetric master key is normally used to derive one or more other keys. It shall not be used for any other purpose.
The determination as to whether or not a symmetric master key needs to be backed up or archived depends on a number of factors:
1. How easy is it to establish a new symmetric master key? If the master key is distributed manually (e.g., in smart cards or in hard copy by receipted mail), the master key should be backed up or archived. If a new master key can be easily and quickly established using electronic key establishment protocols, then the backup or archiving of the master key may not be desirable, depending on the application.
2. Are the derived keys recoverable without the use of the symmetric master key? If the derived keys do not need to be backed up or archived (e.g., because of their use) or recovery of the derived keys does not depend on reconstruction from the master key (e.g., the derived keys are stored in an encrypted form), then the backup or archiving of the master key may not be desirable. If the derived keys need to be backed up or archived,