Partial Recovery From Lost LMK Key Components

Recovering keys after LMK components have been lost is a considerable problem, so the first piece of advice is to make sure it never happens: make several copies of the components and, where possible, keep the copies in separate secure locations.

Should it happen anyway, DO NOT TAMPER WITH THE HSM. Even partial recovery of the keys encrypted under this LMK depends on an intact copy of that LMK still being present inside the HSM; with the components gone, the HSM holds the only copy, and tampering erases it.

Important Note:

Not all keys can be recovered, because of the method used to do the recovery: keys are carried across under a ZMK. It is not possible to encrypt a ZMK under another ZMK, so any ZMKs that were held under the lost LMK cannot be recovered.

Method.

Every key has to be translated twice, so with a large number of keys this may be time consuming.

In order to recover LMK encrypted keys:

1: Generate a new ZMK (the same ZMK must later be loaded into the HSM that holds the new LMK, so keep its components).

2: Translate the keys from encryption under the old LMK to encryption under the new ZMK.

3: Generate a new LMK.

4: Translate the keys from encryption under the new ZMK to encryption under the new LMK.

Note:

All of these operations use standard host commands, which are described in the RG7000 Programmers Manual.

Important:

Once the old LMK is lost this procedure cannot be carried out, so loading the new LMK into the original HSM must be the very last operation.

For maximum safety when performing this procedure it is highly advisable to use two HSMs. The first HSM (HSM1) holds the only copy of the original LMK; the new LMK is generated in the second HSM (HSM2), and the new ZMK is loaded into both.

The keys are translated to encryption under the ZMK in HSM1 and then translated to encryption under the new LMK in HSM2.

From then on all processing and testing takes place in HSM2, to confirm that every key has been translated and is working, before the new LMK from HSM2 is loaded into HSM1.

NOTE:

Generating or loading a new LMK in the original HSM wipes out the old LMK. Once that is done, any keys still encrypted under the old LMK are unusable.
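To make the two-HSM procedure concrete, the following is an added example in Go; it is not Thales code and does not use the RG7000 host command set. It models two HSMs, each holding its own LMK, and runs the steps above: the same ZMK is loaded into both, HSM1 exports each key under it, HSM2 imports it under the new LMK, and the result is accepted only if its key check value (KCV) matches the one HSM1 reports. Everything below the page does not state is an assumption of the example: keys are 16 bytes wrapped with AES; the key type is bound to the cryptogram by XORing a type byte into the wrapping key (a simplified stand-in for a variant scheme); the KCV is the first three bytes of a zero block encrypted under the clear key; the names HSM, LoadKey, Translate, CheckValue and RecoverKeys are invented here, and the sample keys are constructed constants.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"fmt"
)

// KeyType is XORed into the wrapping key so cryptograms of different types differ (a simplified variant scheme, not the RG7000's).
type KeyType byte

const (
	ZMK KeyType = 0x01 // zone master key: only ever wraps other keys
	ZPK KeyType = 0x02 // zone PIN key: stands in for any ordinary working key
)

// Cryptogram is a 16-byte key encrypted under an LMK variant or a ZMK variant.
type Cryptogram struct {
	Type KeyType
	Enc  []byte
}

type HSM struct{ lmk []byte } // holds one 32-byte LMK, the only secret in the model

func NewHSM() *HSM {
	lmk := make([]byte, 32)
	if _, err := rand.Read(lmk); err != nil {
		panic(err)
	}
	return &HSM{lmk: lmk}
}

// crypt runs one AES block under wrapKey with the type byte XORed into its first byte.
func crypt(wrapKey []byte, t KeyType, in []byte, decrypt bool) []byte {
	v := append([]byte(nil), wrapKey...)
	v[0] ^= byte(t)
	blk, err := aes.NewCipher(v)
	if err != nil {
		panic(err)
	}
	out, op := make([]byte, 16), blk.Encrypt
	if decrypt {
		op = blk.Decrypt
	}
	op(out, in)
	return out
}

// LoadKey takes a clear 16-byte key (e.g. a ZMK formed from its components) into the HSM.
func (h *HSM) LoadKey(t KeyType, clear []byte) Cryptogram {
	return Cryptogram{Type: t, Enc: crypt(h.lmk, t, clear, false)}
}

// CheckValue is the KCV: first 3 bytes of a zero block encrypted under the clear key.
func (h *HSM) CheckValue(c Cryptogram) string {
	clear := crypt(h.lmk, c.Type, c.Enc, true)
	return fmt.Sprintf("%X", crypt(clear, 0, make([]byte, 16), false)[:3])
}

// Translate moves key from LMK to ZMK encryption (toZMK) or back; a ZMK is refused
// as the key to translate, since a ZMK cannot be encrypted under another ZMK.
func (h *HSM) Translate(zmk, key Cryptogram, toZMK bool) (Cryptogram, error) {
	if zmk.Type != ZMK || key.Type == ZMK {
		return Cryptogram{}, fmt.Errorf("refused: wrapping key type %d, key type %d", zmk.Type, key.Type)
	}
	from, to := h.lmk, crypt(h.lmk, ZMK, zmk.Enc, true)
	if !toZMK {
		from, to = to, from
	}
	return Cryptogram{Type: key.Type, Enc: crypt(to, key.Type, crypt(from, key.Type, key.Enc, true), false)}, nil
}

// RecoverKeys is the two-HSM procedure: the same clear ZMK is loaded into both HSMs,
// each key is exported under it in hsm1 (old LMK), imported in hsm2 (new LMK) and
// accepted only if its KCV is unchanged. Keys hsm1 refuses to export (ZMKs) are skipped.
func RecoverKeys(hsm1, hsm2 *HSM, clearZMK []byte, keys []Cryptogram) ([]Cryptogram, []Cryptogram, error) {
	var recovered, skipped []Cryptogram
	zmk1, zmk2 := hsm1.LoadKey(ZMK, clearZMK), hsm2.LoadKey(ZMK, clearZMK)
	for _, k := range keys {
		underZMK, err := hsm1.Translate(zmk1, k, true)
		if err != nil {
			skipped = append(skipped, k)
			continue
		}
		underNew, err := hsm2.Translate(zmk2, underZMK, false)
		if err != nil || hsm2.CheckValue(underNew) != hsm1.CheckValue(k) {
			return nil, nil, fmt.Errorf("key %X not translated cleanly: %v", k.Enc, err)
		}
		recovered = append(recovered, underNew)
	}
	return recovered, skipped, nil
}

func main() {
	hsm1, hsm2 := NewHSM(), NewHSM() // HSM1 holds the old LMK, HSM2 the new one
	keys := []Cryptogram{hsm1.LoadKey(ZPK, []byte("constructed-zpk!")), hsm1.LoadKey(ZMK, []byte("constructed-zmk!"))}
	rec, skip, err := RecoverKeys(hsm1, hsm2, []byte("transport-zmk-01"), keys) // constructed sample keys
	fmt.Printf("recovered %d keys, skipped %d ZMKs, err=%v\n", len(rec), len(skip), err)
}
```

The RecoverKeys loop is where the two HSMs divide the work: HSM1 only ever exports under the ZMK, HSM2 only imports, and nothing is accepted until its KCV under the new LMK matches the KCV HSM1 reports for the original. The sample ZMK comes back in the skipped list, which is the caveat above expressed in code, and a cryptogram from the old LMK presented to HSM2 yields a different KCV, which is what "unusable" means once the old LMK is gone.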

© Thales 2007