Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
March, 2007<br />
a. When a symmetric key is used only for securing communications, the period of time<br />
from the originator’s application of protection to the recipient’s processing is negligible.<br />
In this case, the key is authorized for either purpose during the entire cryptoperiod, i.e.,<br />
the originator usage period and the recipient usage period are the same.<br />
b. When a symmetric key is used to protect stored information, the originator usage period<br />
(when the originator applies cryptographic protection to stored information) may end<br />
much earlier than the recipient usage period (when the stored information is processed).<br />
In this case, the cryptoperiod begins at the initial time authorized for the application of<br />
protection with the key, and ends with the latest time authorized for processing using that<br />
key. In general, the recipient usage period for stored information will continue beyond<br />
the originator usage period, so that the stored information may be authenticated or<br />
decrypted at a later time.<br />
c. When a symmetric key is used to protect stored information, the recipient usage period<br />
may start after the beginning of the originator usage period as shown in Figure 1. For<br />
example, information may be encrypted before being stored on a compact disk. At some<br />
later time, the key may be distributed in order to decrypt and recover the information.<br />
Figure 1: Symmetric key cryptoperiod (Example C)<br />
48