Key Management: General 1 1 Introduction The use of cryptographic mechanisms is one of the strongest ways to provide security services for electronic applications and protocols and for data storage. The National Institute of Standards and Technology NIST publishes Federal Information Processing Standards FIPS and NIST Recommendations which are published as Special Publications that specify cryptographic techniques for protecting sensitive, unclassified information. Since NIST published the Data Encryption Standard DES in 1977, the suite of approved standardized algorithms has been growing. New classes of algorithms have been added, such as secure hash functions and asymmetric key algorithms for digital signatures. The suite of algorithms now provides different levels of cryptographic strength through a variety of key sizes. The algorithms may be combined in many ways to support increasingly complex protocols and applications. This NIST Recommendation applies to U.S. government agencies using cryptography for the protection of their sensitive, unclassified information. This Recommendation may also be followed, on a voluntary basis, by other organizations that want to implement sound security principles in their computer systems. The proper management of cryptographic keys is essential to the effective use of cryptography for security. Keys are analogous to the combination of a safe. If an adversary knows the combination, the strongest safe provides no security against penetration. Similarly, poor key management may easily compromise strong algorithms. Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of the mechanisms and protocols associated with the keys, and the protection afforded the keys. Cryptography can be rendered ineffective by the use of weak products, inappropriate algorithm pairing, poor physical security, and the use of weak protocols. All keys need to be protected against unauthorized substitution and modification. Secret and private keys need to be protected against unauthorized disclosure. Key management provides the foundation for the secure generation, storage, distribution, and destruction of keys.

1.1 GoalPurpose

Users and developers are presented with many new choices in their use of cryptographic mechanisms. Inappropriate choices may result in an illusion of security, but little or no real security for the protocol or application. This Recommendation i.e., SP 800-57 provides background information and establishes frameworks to support appropriate decisions when selecting and using cryptographic mechanisms.

1.2 Audience

The audiences for this Recommendation for Key Management include system or application owners and managers, cryptographic module developers, protocol developers, and system administrators. The Recommendation has been provided in three parts. The different parts into which the Recommendation has been divided have been tailored to specific audiences. Part 1 of this Recommendation provides general key management guidance that is intended to be useful to both system developers and system administrators. Cryptographic module developers may benefit from this general guidance through a greater understanding of the key management features that are required to support specific intended ranges of applications. Key Management: General 2 Protocol developers may identify key management characteristics associated with specific suites of algorithms and gain a greater understanding of the security services provided by those algorithms. System administrators may use this Recommendation to determine which configuration settings are most appropriate for their information. Part 2 of this Recommendation [ SP800-57, Part 2 ] is tailored for system or application owners for use in identifying appropriate organizational key management infrastructures, establishing organizational key management policies, and specifying organizational key management practices and plans. Part 3 of this Recommendation addresses the key management issues associated with currently available cryptographic mechanisms and is intended to provide guidance to system installers, system administrators and end users of existing key management infrastructures, protocols, and other applications, as well as the people making purchasing decisions for new systems using currently available technology. Although some background information and rationale are provided for context and to support the recommendations, this document assumes that the reader has a basic understanding of cryptography. For background material, readers may look to a variety of NIST and commercial publications, including [SP800-32] , which provides an introduction to a public-key infrastructure.

1.3 Scope