What Is Key Management?
The process of key management is the complete set of human and automated tasks necessary to create, maintain, protect, and control the use of cryptographic keys. Whether you are encrypting data for confidentiality, using digital certificates for authentication, or executing digital signing processes for document integrity, many key management challenges remain the same. Each key has a lifecycle—it is born, lives a useful life, and is retired. The length of a key’s lifecycle and what exactly happens between its birth and retirement can vary widely depending on the specific application. By managing keys effectively across their entire lifecycle, you can reduce risk, lower deployment costs, and preserve compliance with data protection regulations.
Approaches to Key Management
Depending on your goals, you may be concerned about key management for a single application or you may be looking to manage cryptographic keys more effectively across a set of business processes, either within an organizational unit or across the entire enterprise.
Individual security applications have widely varying characteristics. Consider the differences between 1) encrypting data passing over a dedicated link between two data centers, 2) enabling trusted digital signing for a large contract, 3) ensuring secure transactions for online banking, 4) accepting credit card payments over a secure server for e-commerce, and 5) issuing a smart card for the Chief Security Officer. Though they have different data volumes, frequencies, potential attacks, and business risks, these processes all need effective key management in order to meet their security goals.
Organizations have multiple choices in how to manage keys. Three typical scenarios are:
- Key management through software native tools. At the simplest level, you can utilize the basic key management capabilities native to the individual product or products being deployed. Many commercial encryption products, for example, contain software functionality to handle at least some phases of the key management lifecycle. The emphasis, policies, and general security properties of these key management utilities will vary enormously among products.
- Key management using hardened devices. To better manage risk and ensure control of the entire key lifecycle, you can use purpose-built, hardened key management devices such as hardware security modules (HSMs) to augment commercial and custom applications. Dedicated cryptographic hardware enables you to create an isolated or “trusted” zone for cryptographic functions, thus overcoming the inherent weaknesses of software-based cryptography. Using an independent security platform for key management also creates a powerful separation between the tasks of managing the keys and managing the applications that use those keys. Separating duties to mitigate the threat of a single super-user is a key management best practice and is strongly recommended by security standards such as PCI DSS.
- Centralized key management. In larger scale deployments, organizations managing keys across heterogeneous applications and systems can find themselves facing inconsistent policies, different levels of protection, and escalating costs. Implementing a centralized approach to key management offers a range of benefits, including unified policies, system-wide key revocation, automated key delivery, consolidated auditing, clear separation of duties, and a single key repository to protect and back up. By adopting a more strategic, top-down approach to key management, you can exercise a greater degree of control across the organization while improving operational efficiency. Organizations implementing centralized key management must carefully consider the security properties of a system that can become an attractive target for attackers. They also must maintain a high level of availability; resilience and fail-over mechanisms are needed to ensure that the central key management process does not become a single point of failure.