How to move to advanced cryptography
Connecting state and local government leaders
Two draft publications released by NIST for public comment provide guidance for transitioning to new crypto algorithms and for developing a system for managing cryptographic keys.
The National Institute of Standards and Technology has released two draft publications as part of its Cryptographic Key Management Project, an effort to help agencies in their adoption of more advanced cryptographic algorithms and the management of stronger keys.
Special Publication 800-130, “A Framework for Designing Cryptographic Key Management Systems,” describes the components of cryptographic key management systems and specifies requirements for documentation in the design of a key management system. Comments on this publication should be sent to CKMSDesignFramework@nist.gov by August 17 with “Comments on CKMS Design Framework” in the subject line.
SP 800-131, “Recommendations for the Transitioning of Cryptographic Algorithms and Key Sizes,” released in its second draft, provides more specific guidance for transitions to stronger crypto keys and more robust algorithms. Comments should be sent to CryptoTransitions@nist.gov by July 16.
The publications are part of a 10-year-old effort by NIST to provide guidance for the adoption of strong cryptography and for key management to agencies that increasingly rely on cryptography to ensure the security and authenticity of data, both in transit and at rest.
Related stories:
Scott Vanstone: Cryptography thrown an elliptic curve
The key to strong encryption: Matching the right tools to the job
Key management is one of the most difficult tasks in the use of cryptography, because a cryptographic algorithm or scheme is only as secure as the keys used to encrypt and decrypt data. The scalability and usability of the methods used to distribute keys are of particular concern. NIST’s key management project is an effort to improve the overall key management strategies to enhance the usability of cryptographic technology, provide scalability, and support a global cryptographic key management infrastructure.
NIST hosted a workshop in June 2009 to examine the current challenges of key management, alternative methods technologies for it and ways of transitioning to new methods. SP 800-130 is a product of that workshop and will be discussed at a second workshop hosted by NIST scheduled for September 20-21.
The key management system binds a key to its critical metadata in order to control the key's proper use, according to the publication.
When designing a key management system, the cryptographic techniques used to protect the keys should provide a level of security equal to that of the cryptography being used. “This design principle is comparable to a design principle used in building safes and vaults,” the publication reads. “The designer builds the vault to a standard that would discourage the rational attacker from attempting entry; the only way to open the safe is to open the safe door by trying possible combinations until the correct combination is selected.”
Similarly, decrypting protected data without knowing the key can only be done by trying all possible keys. Having a strong algorithm with many possible keys is only secure, however, if the keys that are being used are properly secured and managed.
The first draft of SP 800-131 was released in February. It provides specific guidance for making the transition to stronger cryptographic keys and more robust algorithms, based on years of experience in dealing with key management. It is part of an effort to plan ahead for changes in the use of cryptography as existing algorithms become compromised and the computing technology used to break the algorithms advances.
SP 800-57, Part 1, originally published in 2005, included a general approach for transitioning from one algorithm or key length to another. The new draft of SP 800-131 gives more specific guidance. The recommendations in SP 800-131 address the use of algorithms and key lengths. Ways to validate cryptographic modules using them will be provided in a separate document.
Some of the dates in SP 800-131 may differ from the dates originally provided in the 2005 version of SP 800-57. The earlier publication will be modified where appropriate, to be consistent with the dates provided in SP 800-131.
NEXT STORY: A cyber bill worth enacting