How to properly do private key management

by

I’m familiar with the pain you’re going through. We struggled to update an old EFT system towards PCI compliance. Key management was certainly (from my software point of view) the most challenging part.

I think I also stumbled into the NIST Recommendations for Key Management that Martin posted, and got incredibly frustrated with the lack of concrete examples.

ANSI X9.17 – Financial Institution Key Management is probably the most relevant to your needs, with PCI-DSS. Good luck reading it though, the document is a massive collection of TLA’s which I know I certainly struggled to read. (X9.17 is updated yearly, and latest version is now: NIST SP 800-57 Pt. 1 Rev. 4 )

When frustration turned to desperation I stumbled into The Electronic Money Mill which is a fictional tale, with a good number of relevant technical references. Chapter 17 discusses X9.17 and may help with the understanding.

From all this reference material I designed a key management system that our auditor was pleased with. The design documents are fairly lengthy, but in summary the idea is that you have your Data Encrypying Key protected by a Key Encrypting Key, and the Key Encrypting Key is stored on a physically separate box, itself protected by a Master Key.

My implementation was to have a Key Server application running on a windows box. This application required entry of two separate ‘key server master keys’ before it could be used. These keys would be known only to the key server administrators. These keys are xor’d together to generate the Master Key, which is stored only in protected memory whilst the application is running. Application can then automatically generate cryptographically strong Key Encrypting Keys, which are stored in encrypted form using the Master Key.

Applications that have a need for encryption will request a Key Encrypting Key from the Key Server. The KEK is used by the application to encrypt/decrypt the Data Encrypting Key, which can be stored securely with the application data.

Good luck. I hope you also find it an interesting challenge!

More Related Contents:

  1. Fundamental difference between Hashing and Encryption algorithms
  2. Is “double hashing” a password less secure than just hashing it once?
  3. Non-random salt for password hashes
  4. Where do you store your salt strings?
  5. Why is using a Non-Random IV with CBC Mode a vulnerability?
  6. How are software license keys generated?
  7. Payment Processors – What do I need to know if I want to accept credit cards on my website? [closed]
  8. What is the most secure seed for random number generation?
  9. Where is the PEM file format specified?
  10. RSA signature size?
  11. What is the appropriate way to manage API secrets within a Google Apps script?
  12. How can I hash passwords in postgresql?
  13. What is the clash rate for md5? [closed]
  14. What is the best way to implement “remember me” for a website? [closed]
  15. Best way to handle security and avoid XSS with user entered URLs
  16. How do you protect your software from illegal distribution? [closed]
  17. How can I throttle user login attempts in PHP
  18. What should every programmer know about security? [closed]
  19. What is happening when I have two CSP (Content Security Policies) policies – header & meta?
  20. Username and password in https url
  21. What is the difference between a cer, pvk, and pfx file?
  22. Why do salts make dictionary attacks ‘impossible’?
  23. If you use HTTPS will your URL params will be safe from sniffing? [duplicate]
  24. When the bots attack! [closed]
  25. Calculating HMACSHA256 using c# to match payment provider example
  26. Should I impose a maximum length on passwords?
  27. SSO with CAS or OAuth?
  28. Best practices for server-side handling of JWT tokens [closed]
  29. How do I secure REST API calls?
  30. What are best practices for securing the admin section of a website? [closed]

Leave a Comment