Part 1: General - Computer Security Resource Center - National ...
March, 2007
Transition 3: A key that is never used may transition from the pre-activation state to the
compromised state when the integrity of a key or the confidentiality of a key
requiring confidentiality protection becomes suspect before first use.
Transition 4: Keys transition from the pre-activation state to the active state when the key
becomes available for use. This transition may be activated after reaching an
activation date or by an external event. In the case where keys are generated
for immediate use, this transition occurs immediately after entering the
pre-activation state.
This transition marks the beginning of a key’s cryptoperiod (see Section 5.3).
Transition 5: An active key may transition from the active state to the compromised state
when the integrity of a key or the confidentiality of a key requiring
confidentiality protection becomes suspect. Generally, keys are compromised
when they are released to or determined by an unauthorized entity.
Transition 6: An active key may transition to the deactivated state if it is no longer to be
used to apply cryptographic protection to data or no longer intended to be
used to process cryptographically protected data. A key may transition from
the active state to the deactivated state as a result of a revocation action (see
Section 8.3.5) for a reason other than a key compromise, or if the key is
replaced (see Section 8.2.3), or at the end of the key’s cryptoperiod (see
Section 5.3.4).
Transition 7: Assuming that a key is not determined to be compromised while in the
deactivated state, a key may transition from the deactivated state to the
destroyed state. In general, a key transitions to the destroyed state as soon as it
is no longer needed.
Transition 8: A deactivated key transitions from the deactivated state to the compromised
state when the integrity of a key or the confidentiality of a key requiring
confidentiality protection becomes suspect. Generally, keys are compromised
when they are released to or determined by an unauthorized entity.
Transition 9: A key in the compromised state may transition to the destroyed compromised
state when the key is no longer needed to process data.
Transition 10: A destroyed key transitions to the destroyed compromised state if it is
determined that the key was previously compromised. Although the key itself
has already been destroyed, transition to the destroyed compromised state
marks the remaining key attributes to indicate a key compromise.
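
Transitions 3 through 10 can be enforced in a key management system as a table-driven state machine that rejects any move the text does not allow. The following Python is an added example, not part of the NIST text; the `ManagedKey` class, its fields and `IllegalTransition` are hypothetical names, and Transitions 1 and 2, which do not appear in this excerpt, are omitted.

```python
from enum import Enum

class KeyState(Enum):
    PRE_ACTIVATION = "pre-activation"
    ACTIVE = "active"
    DEACTIVATED = "deactivated"
    COMPROMISED = "compromised"
    DESTROYED = "destroyed"
    DESTROYED_COMPROMISED = "destroyed compromised"

S = KeyState
# (from_state, to_state) -> transition number as given in the text above.
# Transitions 1 and 2 are not in this excerpt and are deliberately left out.
TRANSITIONS = {
    (S.PRE_ACTIVATION, S.COMPROMISED): 3,
    (S.PRE_ACTIVATION, S.ACTIVE): 4,
    (S.ACTIVE, S.COMPROMISED): 5,
    (S.ACTIVE, S.DEACTIVATED): 6,
    (S.DEACTIVATED, S.DESTROYED): 7,
    (S.DEACTIVATED, S.COMPROMISED): 8,
    (S.COMPROMISED, S.DESTROYED_COMPROMISED): 9,
    (S.DESTROYED, S.DESTROYED_COMPROMISED): 10,
}

class IllegalTransition(Exception):
    pass

class ManagedKey:
    """Hypothetical key record: key material plus lifecycle metadata."""
    def __init__(self, key_id, material):
        self.key_id = key_id
        self.material = material
        self.state = S.PRE_ACTIVATION
        self.history = []  # transition numbers; survives key destruction

    def move_to(self, new_state):
        number = TRANSITIONS.get((self.state, new_state))
        if number is None:
            raise IllegalTransition(f"{self.state.value} -> {new_state.value}")
        if new_state in (S.DESTROYED, S.DESTROYED_COMPROMISED):
            # Drops the reference only; a real system must zeroize the key.
            self.material = None
        self.state = new_state
        self.history.append(number)
        return number

    def may_protect(self):
        # Only an active key applies cryptographic protection (Transitions 4, 6).
        return self.state is S.ACTIVE and self.material is not None
```

Because the record outlives the key material, a destroyed key can still be marked as compromised later, which is the case Transition 10 describes.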
7.3 States and Transitions for Asymmetric Keys
The preceding discussion of key states and transitions applies to both symmetric and asymmetric
keys; however, some observations that are specific to asymmetric keys are in order.
Asymmetric keys that are or will be certified are in the pre-activation state until certified or until
the “not before” date specified in a certificate has passed. The types of transitions for asymmetric
keys depend on the key type. Examples of transitions follow: