Cryptography Reference
In-Depth Information
Key management is crucial to the security of any cryptosystem. Without secure
procedures for the handling of cryptographic keys throughout their lifecycle,
the benefits of the use of strong cryptographic primitives are potentially lost.
Indeed, it could be argued that if key management is not performed correctly
then there is no point in using cryptography at all.
Cryptographic primitives are rarely compromised through weaknesses in their
design. However they are often compromised through poor key management.
Thus, from a practical perspective, there is a strong case for arguing that this is
the most important chapter in this topic.
This chapter is intended to provide an understanding of the fundamental
principles of key management. However, key management is a complex and
difficult aspect of any cryptosystem. Since it is essentially the interface between
cryptographic mechanisms and the security of a real system, key management
must be closely tailored to the needs of a particular application or organisation.
For example, different solutions will be needed for managing the keys of a
bank, a military organisation, a mobile telephone network, and a home personal
computer.
There is no one correct way of managing keys
. As such, the discussion
in this chapter cannot be prescriptive. Nonetheless, the following treatment
of key management will hopefully explain the main issues and provide useful
guidelines.
At the end of this chapter you should be able to:
• Identify some fundamental principles of key management.
• Explain the main phases in the lifecycle of a cryptographic key.
• Discuss a number of different techniques for implementing the different
phases in the lifecycle of a cryptographic key.
• Identify appropriate key management techniques for specific application
environments.
• Appreciate the need for secure key management policies, practices and
procedures.
