If crypto keys aren't protected, they can't protect data
NIST updates recommendations for managing the foundation of data security
- By William Jackson
- May 09, 2011
Creating and sharing the secret keying material that underlies cryptographic algorithms is a complex security challenge. The keys protect data, but they must be protected themselves. And a poor password that provides access to the keys can give everything away.
The National Institute of Standards and Technology is updating its guidance for managing crypto keys, releasing for comment a draft revision of Special Publication 800-57 part 1, “Recommendation for Key Management.”
This is the third revision of the document, which was first published in 2005 and updated in 2006 and 2007. This revision aligns the document with SP 800-131A, “Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths,” which was published in January, and is a general update of the document. Changes in the current draft include some new definition and updated references to documents published since the last revision.
NIST laying the groundwork for more advanced cryptography
Cryptographic keys are the foundation of data security. NIST likens keys to the combination to a safe, pointing out that the strongest safe offers no protection against someone who has the combination.
“Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of mechanisms and protocols associated with keys, and the protection afforded to the keys,” the recommendation states. “All keys need to be protected against modification, and secret and private keys need to be protected against unauthorized disclosure. Key management provides the foundation for the secure generation, storage, distribution, and destruction of keys.”
SP 800-57 is published in three parts. Part 2 covers general organization and management requirements and part 3 offers application-specific key management guidance.
Part 1, which is being revised:
- Defines the security services that may be provided and key types employed in using
- Provides background information regarding the cryptographic algorithms that use cryptographic keying material.
- Classifies the different types of keys and other cryptographic information according to their functions, specifies the protection that each type of information requires, and identifies methods for providing this protection.
- Identifies the states in which a cryptographic key may exist during its lifetime.
- Identifies the multitude of functions involved in key management.
- Discusses a variety of key management issues related to the keying material. Topics discussed include key usage, cryptoperiod length, domain parameter validation, public-key validation, accountability, audit, key management system survivability, and guidance for cryptographic algorithm and key-size selection.
One addition to the proposed revision is a brief discussion of passwords that can be used to control access to crypto keys, and which must be managed as securely as the keys themselves.
“For example, if the password will be used to access cryptographic keys that are used to provide 128 bits of security strength when protecting data, then the password needs to be provided with at least 128 bits of protection as well,” the document states.
Poorly-selected passwords could provide inadequate security and could be a weak point in cryptographic defenses.
“It may be far easier to guess the password than to attempt to ‘break’ the cryptographic protection used on the password,” the document warns. “It is the responsibility of users and organizations to select passwords that provide the requisite amount of protection for the keys they protect.”
Comments on the draft of SP 800-57 part 1 should be sent by July 1 to [email protected] with “SP 800-57, Part 1 comments” in the subject line.
William Jackson is a Maryland-based freelance writer.