IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
they should not be stored on those systems. In that case, manual entry as
needed is the obvious answer. Another possibility would be to transfer the
keys to an external data medium, which would then have to be kept securely,
however, as described in the section on the archiving of keys. From the
security point of view, therefore, preference is to be given to the use of
hardware encryption components, where the keys are loaded directly into the
encryption component from the data medium (such as a chip card) and never
leave the encryption component in unencrypted form.
It must always be ensured that preset keys are changed on installation of the
encryption procedure.
Archiving of keys
For the purpose of archiving, it should also be possible to store the
cryptographic key material outside the crypto module in an encrypted form,
and if necessary reload it. To do this, several keys can be combined in one
record, which is then likewise encrypted with the aid of a KEK (key
encryption key). Accordingly, the KEK must also be kept securely (for
example on a chip card in a safe). If the KEK is split into two partial keys, the
two-person rule can be implemented: two different people each have access to
a separate data medium (e.g. a chip card or floppy disk) on which only one of
the two partial keys is stored. In order to generate the KEK, both data media
must be inserted in the crypto module’s reading unit at the same time or
immediately one after the other.
Access and deputisation arrangements
Matters relating to access rights and deputisation rights should be settled in the
security policy. The relevant mechanisms must be supported by key
management and by the crypto modules and devices that are to be used (e.g.
key escrow in the event that a member of staff leaves the company or is absent
for a long period due to illness; see also archiving of keys).
Changing keys
Details of when and how often keys need to be changed must be laid down in
the crypto concept, on the basis of the security policy. The larger the quantity
of encrypted data that is available to an attacker for analysis, the greater the
chance with some algorithms that the analysis process will be successful.
Changing keys on a regular basis minimises the opportunities for attacking
encrypted data. The frequency of changing is dependent on a variety of
factors. The type of encrypted medium (for example long-term data medium
or data transmission medium) is just as significant as the cryptographic
algorithm, the detection of attacks (such as theft of loss of a key) and the
degree to which the data is worth protecting. Other factors playing a part in
determining the frequency of change are how often the key is used, the
relevant threat potential and the security of the local key storage facility.
Depending on which procedure is used, new keys have to be negotiated for
every single communication connection, i.e. session keys have to be used.
This should of course be controlled by the procedures, without the user
noticing. Changing keys in this case means exchanging the master keys that
form the basis on which the session keys are generated, and should of course
also be carried out regularly.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000