Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to properly do private key management

Has anyone got practical experience or a reference for a scheme that implements a key management scheme that would comply with the PCI DSS security standard?

There are obviously quite a few implementations around given the number of companies compliant with PCI DSS but trying to find details of them is tough. When it gets down to storing private data the discussion normally stops at which encryption algorithm to use. After that there's normally a statement about appropriately storing the private key but no discussion about practical ways to do it or things like periodically changing the key or providing the key to applications etc.

Specificlly I'm interested in thee requirements from sections 3.5 and 3.6 of the PCI DSS standard.

3.5.2 Store cryptographic keys securely in the fewest possible locations and forms.

3.6.a Verify the existence of key-management procedures for keys used for encryption of cardholder data. Note: Numerous industry standards for key management are available from various resources including NIST, which can be found at http://csrc.nist.gov.

3.6.4 Verify that key-management procedures are implemented to require periodic key changes at least annually.

I've had a look at the NIST Cryptographic publications as the PCI DSS requirements document suggests but apart from recent notes of a Cryptographic Key Management Workshop there doesn't appear to be much there in the way of real implementable schemes or standards.

As to what I'm trying to do it's not:

  1. Store passwords + salts as one way hashes for authentication,
  2. Choose a strong symmteric algorithm for data encryption,
  3. Avoid needing to store private data in the first place.
  4. Avoid the need for key management with other mechanisms: physical security, database security, dragons and wizards etc.

All of which are valid concerns but in this case are not the answer. The nuts and bolts of my requirements are in a different SO question .Net Design pattern for storing and retrieving sensitive per user data but it all boils down to key management hence this more refined question.

like image 678
sipsorcery Avatar asked Oct 17 '09 23:10

sipsorcery


People also ask

What is private key management?

Key management.A private key is also used in asymmetric cryptography, which is also known as public key cryptography. In this case, the private key refers to the secret key of a public key pair. In public key cryptography, the private key is used for encryption and digital signatures.

How do I manage a private key certificate?

Assign the existing private key to a new certificateSign in to the computer that issued the certificate request by using an account that has administrative permissions. Select Start, select Run, type mmc, and then select OK. On the File menu, select Add/Remove Snap-in. In the Add/Remove Snap-in dialog box, select Add.

What is the normal way of managing cryptographic keys?

Key storage There are various methods to ensure perfect storing of the cryptographic keys. The most common technique employed for the purpose is an encryption application. the application manages the key, and its usage depends on an access password to control the use of the key.

What is a best practice of key management solution security?

Best practice is to utilize a hardware security module (HSM) to store keys, as these provide very strong physical and logical security protection and are typically validated to the NIST FIPS 140-2 security requirements for cryptographic modules.


1 Answers

I'm familiar with the pain you're going through. We struggled to update an old EFT system towards PCI compliance. Key management was certainly (from my software point of view) the most challenging part.

I think I also stumbled into the NIST Recommendations for Key Management that Martin posted, and got incredibly frustrated with the lack of concrete examples.

ANSI X9.17 - Financial Institution Key Management is probably the most relevant to your needs, with PCI-DSS. Good luck reading it though, the document is a massive collection of TLA's which I know I certainly struggled to read. (X9.17 is updated yearly, and latest version is now: NIST SP 800-57 Pt. 1 Rev. 4 )

When frustration turned to desperation I stumbled into The Electronic Money Mill which is a fictional tale, with a good number of relevant technical references. Chapter 17 discusses X9.17 and may help with the understanding.

From all this reference material I designed a key management system that our auditor was pleased with. The design documents are fairly lengthy, but in summary the idea is that you have your Data Encrypying Key protected by a Key Encrypting Key, and the Key Encrypting Key is stored on a physically separate box, itself protected by a Master Key.

My implementation was to have a Key Server application running on a windows box. This application required entry of two separate 'key server master keys' before it could be used. These keys would be known only to the key server administrators. These keys are xor'd together to generate the Master Key, which is stored only in protected memory whilst the application is running. Application can then automatically generate cryptographically strong Key Encrypting Keys, which are stored in encrypted form using the Master Key.

Applications that have a need for encryption will request a Key Encrypting Key from the Key Server. The KEK is used by the application to encrypt/decrypt the Data Encrypting Key, which can be stored securely with the application data.

Good luck. I hope you also find it an interesting challenge!

like image 164
PaulG Avatar answered Sep 20 '22 04:09

PaulG