1 year ago


Campbell on Crypto

Campbell on Crypto Crypto Management 101: Four Steps to Better Protection By Shawn Campbell Previous installments of this column have discussed the critical importance of encryption for data protection. In addition to strong encryption, however, cryptographic keys used during the encryption process must be treated with the same level of care. The encryption process generates cryptographic keys that are used to encrypt (“lock”), and decrypt (“unlock”) data. The more you encrypt, the more encryption keys you have to store and manage. If these keys are stolen or copied, they can be used to decrypt sensitive data, negating the entire encryption process. Consequently, many organizations are starting to realize they need a centralized strategy to manage the keys they need for their encryption needs. A solid cryptographic key management strategy has four elements: • High Assurance Cryptographic Key Protection • Cryptographic processing and acceleration • Key lifecycle management • Cryptographic Resource Management Let’s look at each step. High Assurance Cryptographic Key Protection Depending on the value of data being protected, and the variety of keys needing to be stored, organizations can store their keys either in hardware or in software. For keys that protect highly sensitive data and applications, a centralized, hardwarebased approach is best. In this approach, a hardware security module is used. Nothing ever enters or leaves this tamper-resistant vault, and keys are more isolated from traditional network attacks. If the module becomes compromised, the keys will zero out and become useless. The best applications of centralized key storage are cases like code signing, certificate validation, transaction processing and Public Key Infrastructure. These involve limited key distribution, with keys used for very specific reasons. Some applications may require a more distributed model, where cryptographic keys must exist in close proximity to the data and applications they secure. 20 Cryptographic Processing and Acceleration Protection Organizations must review their current workflows and applications. Where will encryption and decryption be happening? Depending on where and how quickly the encryption must run, high-speed cryptographic processors may be needed. This can help organizations avoid processing bottlenecks and increase system capacity. The key is to find a solution that can be easily implemented and supports industry standard APIs out of the box, which can greatly simplify integration. Key Lifecycle Management Successful key management takes an integrated approach to generating, storing, distributing, rotating, revoking, suspending and terminating keys for devices and applications. Here are things to consider through the lifecycle of a crypto key: Key generation and certification. Make sure the key strength matches the sensitivity of the data. The longer the key, the stronger the encryption,

and the less susceptible it is to brute force attacks. Key distribution. Each key must be associated with a particular user, system, application or policy. This helps the organization understand how to secure the key, especially in transit. Have separate access for the administrator creating the key and the person using it. That way, it is assured that unauthorized users can’t get access to confidential information. Key storage. Centralized, hardware-based key storage is recommended for keys that protect highly sensitive data and applications. Distributed storage is used when cryptographic keys must exist nearby secured data and applications. Key rotation. Each key should be designated an effective crypto period, with the ability to change key on demand. It’s important to limit the amount of data encrypted with a single key because using the same key over a long duration of time increases the chances that the key will be compromised. Rotating keys regularly ensures stolen keys are only useful for a specific time period. Key backup and recovery. If the key storage mechanism fails or is compromised, there must be a way to restore the keys. Backup copies of cryptographic keys should be kept in a storage mechanism that is at least as secure as the original store. Concrete procedures must be documented to handle a key compromise as well. Key revocation, suspension, and termination. Every organization must be able to delete keys associated with compromised systems or data, to ensure unauthorized users can never decrypt sensitive assets. The more you encrypt, the more encryption keys you have to store and manage. If these keys are stolen or copied, they can be used to decrypt sensitive data, negating the entire encryption process. Sometimes there may be the need to take a key out of the lineup but not terminate it. For instance, data that may be used for legal proceedings may need to be recalled; those keys should only be suspended. Cryptographic Resource Management For policy enforcement, transparency, and system health, every organization should have one, easy-to-use interface that administers, monitors and provisions cryptographic resources. System capabilities must include: Resource deployment. Provision cryptographic resources and create security access for multiple administrators at multiple access levels. 21 System Administrators and Security Officers should be able to perform their duties without compromising the Application Owner ability to access and control the keys. Policy Configuration. Determine how many keys can be generated, and where they are stored. Establish policies for key usage and custodial duties, with appropriate training requirements. Monitoring and reporting. Secure, automated and unified logging and reporting are vital to risk and compliance posture. Key ownership and any modifications to that ownership must be recorded and securely stored to maintain an authentic audit trail. With a solid cryptographic key management infrastructure an organization can appropriately protect their “keys to the kingdom” and meet their encryption needs such as diversity and availability of keys, encryption performance, management and storage of keys, and address compliance and risk management requirements. Shawn Campbell is VP of Product Management, SafeNet Assured Technologies. He can be reached at Shawn.