This Key Management Cheat Sheet provides developers with guidance for implementation of cryptographic key management within an application in a secure manner. It is important to document and harmonize rules and practices for: Formulate a plan for the overall organization's cryptographic strategy to guide developers working on different applications and ensure that each application's cryptographic capability meets minimum requirements and best practices. Identify the cryptographic and key management requirements for your application and map all
components that process or store cryptographic key material. Selection of the cryptographic and key management algorithms to use within a given application should begin with an understanding of the objectives of the application. For example, if the application is required to store data securely, then the developer should select an algorithm suite that supports the objective of data at rest protection security. Applications that
are required to transmit and receive data would select an algorithm suite that supports the objective of data in transit protection. We have provided recommendations on the selection of crypto suites within an application based on application and security objectives. Application developers oftentimes begin the development of crypto and key management capabilities by examining what is available in a library. However, an analysis of the real needs of the
application should be conducted to determine the optimal key management approach. Begin by understanding the security objectives of the application which will then drive the selection of cryptographic protocols that are best suited. For example, the application may require: Once the understanding of the security needs of the application is achieved, developers can determine what protocols and algorithms are required. Once the protocols and algorithms are understood, you can begin to define the different types of keys that will support the application's objectives. There are a diverse set of key types and certificates to consider, for example: According to Hash functions can be found in digital signature algorithms (
Cryptographic hash functionsCryptographic hash functions do not require keys. Hash functions generate a relatively small digest (hash value) from a (possibly) large input in a way that is fundamentally difficult to reverse (i.e., it is hard to find an input that will produce a given output). Hash functions are used as building blocks for key management, for example,
Symmetric-key algorithmsSymmetric-key algorithms (sometimes known as secret-key algorithms) transform data in a way that is fundamentally difficult to undo without knowledge of a secret key. The key is "symmetric" because the same key is used for a cryptographic operation and its inverse (e.g., encryption and decryption). Symmetric keys are often known by more than one entity; however, the key shall not be disclosed to entities that are not authorized access to the data protected by that algorithm and key. Symmetric key algorithms are used, for example,
Asymmetric-key algorithmsAsymmetric-key algorithms, commonly known as public-key algorithms, use two related keys (i.e., a key pair) to perform their functions: a public key and a private key. The public key may be known by anyone; the private key should be under the sole control of the entity that "owns" the key pair. Even though the public and private keys of a key pair are related, knowledge of the public key does not reveal the private key. Asymmetric algorithms are used, for example,
Message Authentication Codes (MACs)Message Authentication Codes (MACs) provide data authentication and integrity. A MAC is a cryptographic checksum on the data that is used in order to provide assurance that the data has not changed and that the MAC was computed by the expected entity. Although message integrity is often provided using non-cryptographic techniques known as error detection codes, these codes can be altered by an adversary to effect an action to the adversary's benefit. The use of an approved cryptographic mechanism, such as a MAC, can alleviate this problem. In addition, the MAC can provide a recipient with assurance that the originator of the data is a key holder (i.e., an entity authorized to have the key). MACs are often used to authenticate the originator to the recipient when only those two parties share the MAC key. Digital SignaturesDigital signatures are used to provide authentication, integrity and non-repudiation. Digital signatures are used in conjunction with hash functions and are computed on data of any length (up to a limit that is determined by the hash function).
Key Encryption KeysSymmetric key-wrapping keys are used to encrypt other keys using symmetric-key algorithms. Key-wrapping keys are also known as key encrypting keys. Key StrengthReview
Memory Management ConsiderationsKeys stored in memory for a long time can become "burned in". This can be mitigated by splitting the key into components that are frequently updated. Loss or corruption of the memory media on which keys and/or certificates are stored, and recovery planning, according to Plan for the recovery from possible corruption of the memory media necessary for key or certificate generation, registration, and/or distribution systems, subsystems, or components as recommended in Perfect Forward SecrecyEphemeral keys can provide perfect forward secrecy protection, which means a compromise of the server's long term signing key does not compromise the confidentiality of past sessions. Refer to TLS cheat sheet. Key UsageAccording to NIST, in general, a single key should be used for only one purpose (e.g., encryption, authentication, key wrapping, random number generation, or digital signatures). There are several reasons for this:
Cryptographic Module TopicsAccording to Key Management Lifecycle Best PracticesGenerationCryptographic keys shall be generated within cryptographic module with at least a Any random value required by the key-generating module shall be generated within that module; that is, the Random Bit Generator
that generates the random value shall be implemented within cryptographic module with at least a Hardware cryptographic modules are preferred over software cryptographic modules for protection. DistributionThe generated keys shall be transported (when necessary) using secure channels and shall be used by their associated cryptographic algorithm within at least a Storage
Escrow and BackupData that has been encrypted with lost cryptographic keys will never be recovered. Therefore, it is essential that the application incorporate a secure key backup capability, especially for applications that support data at rest encryption for long-term data stores. When backing up keys, ensure that the database that is used to store the keys is encrypted using at least a Never escrow keys used for performing digital signatures, but consider the need to escrow keys that support encryption. Oftentimes, escrow can be performed by the Certificate Authority (CA) or key management system that provisions certificates and keys, however in some instances separate APIs must be implemented to allow the system to perform the escrow for the application. Accountability and AuditAccountability involves the identification of those that have access to, or control of, cryptographic keys throughout their lifecycles. Accountability can be an effective tool to help prevent key compromises and to reduce the impact of compromises once they are detected. Although it is preferred that no humans are able to view keys, as a minimum, the key management system should account for all individuals who are able to view plaintext cryptographic keys. In addition, more sophisticated key-management systems may account for all individuals authorized to access or control any cryptographic keys, whether in plaintext or ciphertext form. Accountability provides three significant advantages:
Certain principles have been found to be useful in enforcing the accountability of cryptographic keys. These principles might not apply to all systems or all types of keys. Some of the principles that apply to long-term keys controlled by humans include:
Two types of audit should be performed on key management systems:
New technology developments and attacks should be taken into consideration. On a more frequent basis, the actions of the humans that use, operate and maintain the system should be reviewed to verify that the humans continue to follow established security procedures. Strong cryptographic systems can be compromised by lax and inappropriate human actions. Highly unusual events should be noted and reviewed as possible indicators of attempted attacks on the system. Key Compromise and RecoveryThe compromise of a key has the following implications:
The following procedures are usually involved:
A compromise-recovery plan is essential for restoring cryptographic security services in the event of a key compromise. A compromise-recovery plan shall be documented and easily accessible. The compromise-recovery plan should contain:
Trust Stores
Cryptographic Key Management LibrariesUse only reputable crypto libraries that are well maintained and updated, as well as tested and validated by third-party organizations (e.g., Documentation
What is a peer graded assignment?When you submit a peer-reviewed assignment, other learners in the course will review your work and submit feedback. You'll also need to give feedback to other learners. Your grade might be affected if you don't give feedback.
How do you pass all peer graded assignments on Coursera?You have to complete your assignment and click on Submit. Then you'll be guided to a page where you'll be given 3 submissions to review. After you're done with reviewing, you have to wait till your assignment is graded by at least 3 peers.
Can I skip peer graded assignment in coursera?The description for the peer-graded assignment says it is optional. Will it affect my certification process if it was not completed? A Jose A_1 le gusta esto. Yes, you can skip over optional assignments in any course.
Is it necessary to do peer graded assignment in coursera?The only way to obtain a certificate is to fulfill the requirements of the course, which includes peer graded assignments. If you don't want to do the assignments or grade them, you may audit the course, but you will not get the certificate.
|