Key Management System - Cryptomathic

Key Management System

Across all industries the requirements for managing cryptographic keys are becoming ever-more complex. Ensuring that the right key is in the right place at the right time is mandated by many organisations, i.e. major card payment scheme providers. This is a complicated requirement as most businesses need to manage an ever-increasing number of keys, while reducing the risk of internal and external fraud, as well as keeping costs at a minimum.

The Cryptomathic Key Management System (KMS) streamlines administration and reduces costs associated with traditional key management. Through its flexible and automated protocols, KMS gives users the flexibility to manage a very large number of keys - throughout their entire life cycle - without drowning in work. Using Cryptomathic KMS, administrators can uniformly and centrally manage the life cycle of all cryptographic keys across a range of encryption platforms.

Key Management Functions of Cryptomathic KMS

  • Generation / back up / restore / update
  • Distribution - automated or in key shares
  • Import or export in key shares
  • Enforce security controls
  • Encryption using Key Encryption Keys (KEKs) / Zone Master Keys (ZMKs)
  • Certification (e.g. using X.509 or EMV certificates)

Key Life Cycle

KMS manages all aspects of cryptographic keys during their life cycle

Keys can be securely generated and pushed to any key distribution target as and when required, and key custodians can use asynchronous log-on to projects for adding components securely - reducing the need for manual key ceremonies, while vastly improving workflows.

Based on industry standards, KMS ensures compliance and simplifies internal and external audits.

KMS Features

  • At your desk key ceremonies
  • Automated key distribution and updating - watch video
  • Centralised life cycle key management
  • Compliance 
    • Authorities: FIPS, Internal audit, PCI, Payment schemes and S/O
    • Domains: Physical (e.g. tamper) & logical security (crypto/SW/system design)
  • Configurable role-based access
  • Flexible key attributes eliminate paperwork
  • High availablility and scalability
  • Searchable tamper evident audit log
  • Support for all major HSM brands
  • Trusted path using secure PIN pads

Click here for specifications.


KMS customers range from medium size enterprises to multinational companies in technology manufacturing and finance. Our key management customers include global players such as First Data, Infineon Technologies and MasterCard.

Click here for MasterCard case study.


Key Management System Video