Differentiating between managing the lifecycle of cryptographic keys, protecting the keys and using the keys

The modern world of cybersecurity can be a confusing place. There are tomes of data, regulations, and mandates in addition to the complex technical aspects. This is especially true when it comes to crypto key management systems (KMSs).

Many business professionals, including CISOs and security managers, are keen to grasp the various facets of crypto keys and their impact. The confusion often lies in discerning the differences between managing the life cycle of the keys, Hardware Security Modules (HSMs) that ensure creation of strong keys and suitable protection when storing and using keys, and applications that make use of cryptographic / encryption keys. To help clear the confusion here are some important concepts that will help improve your understanding of securely managing crypto keys.

Key Management Systems - Managing the Key Life Cycle

The best place to start is to understand the role of the crypto key and why it’s critical to manage its lifecycle. Crypto keys are used as part of the security and confidentiality framework for today’s complex online business applications and processes. Similar to the way we we use keys to unlock doors and start cars, crypto keys are used to grant access to sensitive information and allow the initiation of processes that use this data.

In simple terms, crypto keys are used to encrypt and decrypt sensitive data (for confidentiality) - as well as other security functions, such as digital signatures for data integrity and authenticity. To prevent unauthorized access to information, computer systems will encrypt the data. This process translates the data so that it is unrecognizable. The data then has to be accessed using the proper crypto key to translate it back into a recognizable form. The crypto key can actually be used to encrypt the data, decrypt it or both depending upon the configuration.

In order to allow only authorized applications to utilize these keys, the keys have to be effectively managed. Historically, this has been a manual process but as the use of keys continues to grow exponentially, the need for automated management has become necessary. The primary concern is that when keys are not properly maintained and routinely changed, the keys and the encrypted data becomes increasingly at risk of cyber-attack.

This is where a KMS plays an important role. They assist security professionals in managing the life cycle of a crypto key. This includes the stages of creation, distribution and eventually destruction of the key. The primary purpose of the KMS is to ensure that the right key is in the right place at the right time. Automating the process with a KMS eliminates the element of human error and improves the level of security associated with controlling the key life cycle and the subsequent cryptography.

Key management systems are often used in combination with HSMs in many organizations, for ensuring strong cryptographic key generation and that the keys are used in a secure environment.

For example, a banking-grade KMS will incorporate a dedicated HSM into the system architecture.

The KMS can then distribute these keys to all other secure endpoints, such as business applications and other HSMs, and control the entire life cycle of the keys.

Hardware Security Modules

While the lifecyle KMS is busy managing the creation, distribution, and archival or destruction of keys, the (HSM) incorporates true random number generators (TRNGs) for strong key generation and provides physical safeguarding of the keys when being stored and while they are in use. The HSM is a separate physical cryptographic computing device. For card payment processing systems, an HSM can be used to create a root of trust for all other keys and also provides dedicated cryptographic processing for specific functions.

The HSM ensures that keys do not exist in their unencrypted form (outside of the HSM) while they are being used in the system memory. This includes the KMS servers as well as any machine that may be running the KMS client.

Access to the HSM is strictly prohibited. This prevents the possibility of any tampering with the keys while they are in use. Some HSMs also have built-in security features that detect tampering and will promptly delete information pertaining to the crypto keys in the event of an attempted breach.

The HSM is usually only accessible by authorized personnel via secure and physical admin interfaces. Even then, key information remains encrypted through the use of a session-specific key.

Crypto Keys and Application Usage

This is where the proverbial rubber meets the road. When your business applications need to interact in a secure manner with other internal applications or external business partners, vendors, and payment processors, they need to be given access to keys. Applications will be unable to access encrypted data without them. The applications that need to access and use the keys are sometimes called key targets. The KMS will then distribute keys to the key targets via secured processing that is protected by the HSMs.

Some applications may not require the level of key protection that an HSM provides, and these applications will therefore often use software to store and process the usage of the keys.

An application that needs strong cryptography will typically have its own dedicated HSM(s) to securely store and use the keys that are managed and distributed by the KMS.

Putting It All Together

The process can seem complicated but it becomes much more clear once you understand the role that each individual part plays. In future blogs, we will delve deeper into each of these components to give you a much deeper understanding.