Chapter 19
Key Management
In this chapter, we elaborate on the key management process. More specifically, we
introduce the topic in Section 19.1, give an overview of and discuss the major phases of a key
life cycle in Section 19.2, address secret sharing, key recovery, and PKIs in Sections
19.3-19.5, and conclude with some final remarks in Section 19.6. Consequently,
this chapter touches on all important questions related to key management. A more
thorough and comprehensive treatment of the questions is beyond the scope of this
topic. It would deserve a topic of its own. 1
19.1 INTRODUCTION
According to RFC 2828, the term key management refers to “the process of handling
and controlling cryptographic keys and related material (such as initialization
values) during their life cycle in a cryptographic system, including ordering,
generating, distributing, storing, loading, escrowing, archiving, auditing, and
destroying the material” [1]. This definition is fairly broad. The important things
to remember are
• That key management is a process;
• That the key management process is about the handling and controlling of
  cryptographic keys and related material (e.g., IVs);
• That there is a life cycle for the cryptographic keys;
• That there are many activities and tasks that must be addressed in such a key
  life cycle.
1 Unfortunately, such a topic is not (yet) available, and there is no reference to be made at this point.