Part 1: General - Computer Security Resource Center - National ...
March, 2007

listed in Section 8.1.5.1.1. The recipient of an ephemeral public key shall obtain assurance of validity of that key as specified in [SP800-56] prior to using that key for subsequent steps in the key agreement process.

8.1.5.1.3 Distribution of Centrally Generated Key Pairs

When a static key pair is centrally generated, the key pair shall be generated within a FIPS 140-2 validated cryptographic module or obtained from another source approved by the U.S. government for protecting national security information for subsequent delivery to the intended owner of the key pair. A signing key pair generated by a central key generation facility for its subscribers will not provide strong non-repudiation for those individual subscribers; therefore, when non-repudiation is required by those subscribers, the subscribers should generate their own signing key pairs. However, if the central key generation facility generates signing key pairs for its own organization and distributes them to members of the organization, then non-repudiation may be provided at an organizational level (but not an individual level).

The private key of a key pair generated at a central facility shall only be distributed to the intended owner of the key pair. The confidentiality of the centrally generated private key shall be protected, and the procedures for distribution shall authenticate the recipient's identity as established during user registration (see Section 8.1.1).

The key pair may be distributed to the intended owner using an appropriate manual method (e.g., courier, mail or other method specified by the key generation facility) or secure electronic method (e.g., a secure communication protocol). The private key shall be distributed in the same manner as a symmetric key (see Section 8.1.5.2.2). During the distribution process, each key of the key pair shall be provided with the appropriate protections for that key (see Section 6.1).

When split knowledge procedures are used for the manual distribution of the private key, the key shall be split into multiple key components that have the same security properties as the original key (e.g., randomness); each key component shall provide no knowledge of the value of the original key (e.g., each key component shall appear to be generated randomly).
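
The split-knowledge requirement above, illustrated as an added example (not part of the original document): an XOR split in which every component is uniformly random and all components are needed to rebuild the key. The function names and the HMAC-based check value are assumptions of this example, and the random byte string stands in for an encoded private key.

```python
import hashlib
import hmac
import secrets


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def check_value(key: bytes) -> str:
    # Assumption: a short HMAC tag over a fixed label lets the recipient
    # confirm recombination; the document does not specify this mechanism.
    return hmac.new(key, b"split-knowledge-check", hashlib.sha256).hexdigest()[:12]


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split key into n components; all n are required to rebuild it."""
    if n < 2 or not key:
        raise ValueError("need a non-empty key and at least two components")
    # n-1 components are fresh random strings as long as the key.
    parts = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    # The last component is the key XORed with all the others, so it is
    # uniformly distributed too and any n-1 components reveal nothing.
    last = key
    for p in parts:
        last = _xor(last, p)
    return parts + [last]


def combine(parts: list[bytes], expected_check: str) -> bytes:
    """XOR all components together and verify the result before use."""
    if len(parts) < 2 or len({len(p) for p in parts}) != 1:
        raise ValueError("components missing or of unequal length")
    key = parts[0]
    for p in parts[1:]:
        key = _xor(key, p)
    if not hmac.compare_digest(check_value(key), expected_check):
        raise ValueError("recombined key fails check value")
    return key


if __name__ == "__main__":
    private_key = secrets.token_bytes(32)  # constructed stand-in for key bytes
    tag = check_value(private_key)
    shares = split_key(private_key, 3)  # one component per custodian
    assert combine(shares, tag) == private_key
    try:
        combine(shares[:2], tag)  # one custodian's component is absent
    except ValueError as exc:
        print("rejected:", exc)
```
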

Upon receipt of the key pair, the owner shall obtain assurance of the validity of the public key (see [SP800-56] and [FIPS186-3]). The owner shall obtain assurance that the public and private keys of the key pair are correctly associated (i.e., check that they are a consistent pair, for example, by checking that a key encrypted under a key transport public key can be decrypted by the private key transport key).

8.1.5.2 Generation and Distribution of Symmetric Keys

The symmetric keys used for the encryption and decryption of data or other keys and for the computation of MACs (see Sections 4.2.2 and 4.2.3) shall be determined by an Approved method and shall be provided with protection that is consistent with Section 6.

Symmetric keys shall be either:

1. Generated and subsequently distributed (see Sections 8.1.5.2.1 and 8.1.5.2.2) either manually (see Section 8.1.5.2.2.1), using a public key transport mechanism (see Section 8.1.5.2.2.2), or using a previously distributed or agreed upon key encrypting key (see Section 8.1.5.2.2.2),
2. Established using a key agreement scheme (i.e., the generation and distribution are accomplished with one process) (see Section 8.1.5.2.3),