Cryptography Overview
82 RSA BSAFE Crypto-C Developer’s Guide
Key ManagementThe term key management refers to the collection of processes and methods for
assigning the right keys to communication sessions, providing the right keys to the
right persons, and making sure unauthorized personnel cannot gain access to keys.
Key management is the most difficult security problem. To manage keys properly, an
application must address the following issues:
•Generating keys
•Choosing appropriate values for the keys
•Guarding the privacy of keys transmitted between nodes
•Verifying the authenticity of keys transmitted between nodes
•Using keys in a software environment in an open system
•Keeping backup keys
•Dealing with compromised keys
•Destroying old keys
•Changing keys
Often, the bulk of a security application’s focus will be on key management. Crypto-C
provides a rich suite of cryptographically secure algorithms, but it is up to the
application designer to carefully consider how to manage the keys.
Key EscrowKey escrow allows a designated authority or authorities to recover keys belonging to
someone else. This can be a desirable feature when users lose access to their keys
because they leave an organization or simply forget a password. Key escrow can be
implemented through secret sharing or by encrypting keys with a security officer’s
RSA public key and storing the encrypted copy. To recover the escrowed key, you
must either assemble the necessary shares or have the security officer decrypt the
encrypted key using the appropriate RSA private key.
Key escrow is never automatic with Crypto-C. There is no Crypto-C encryption
method that offers key escrow as part of the algorithm; the developer must make key
escrow part of the application. Crypto-C offers the techniques to implement key
escrow, but it is the developer’s responsibility to decide whether it will be part of the
application, and if so, how it will be executed.