Key Management: General 84

8 Key-Management Phases and Functions

The cryptographic key-management lifecycle can be divided into four phases. During each phase, the keys are in certain specific key states as discussed in Section 7. In addition, within each phase, certain key-management functions are typically performed. These functions are necessary for the management of the keys and their associated metadata.

Key-management information is called metadata. The metadata required for key management might include the identity of a person or system associated with that key or the types of information that person is authorized to access. Metadata is used by applications to select the appropriate cryptographic keys for a particular service. While the metadata does not appear in cryptographic algorithms, it is crucial to the implementation of applications and application protocols.

The four phases of key management are:

1. Pre-operational phase: The keying material is not yet available for normal cryptographic operations. Keys may not yet be generated, or are in the pre-activation state. System or enterprise attributes are established during this phase, as well.

2. Operational phase: The keying material is available and in normal use. Keys are in the active or suspended state. Keys in the active state may be designated as protect only, process only, or protect and process; keys in the suspended state can be used for processing only.

3. Post-operational phase: The keying material is no longer in normal use, but access to the keying material is possible, and the keying material may be used for processing. Keys are in the deactivated or compromised states. Keys in the post-operational phase may be in an archive (see Section 8.3.1) when not processing data.

4. Destroyed phase: Keys are no longer available. Records of their existence may or may not have been deleted. Keys are in the destroyed states. Although the keys themselves are destroyed, the key metadata (e.g., key name, type, cryptoperiod, and usage period) may be retained (see Section 8.4).

A flow diagram for the key management phases is presented in Figure 4. Seven phase transitions are identified in the diagram. A key shall not be able to transfer back to any previous phase.

Figure 4: Key management phases.

Transition 1: A key is in the pre-operational phase upon generation (pre-activation state).

Transition 2: If keys are produced, but never used, they may be destroyed by transitioning from the pre-operational phase directly to the destroyed phase.

Transition 3: When a key in the pre-operational phase is compromised, it transitions to the post-operational phase (compromised state).

Transition 4: After the required key metadata has been established, keying material has been generated, and the metadata is associated with the key during the pre-operational phase, the key is ready to be used by applications and transitions to the operational phase at the appropriate time.

Transition 5: When a key in the operational phase is compromised, it transitions to the post-operational phase (compromised state).

Transition 6: When keys are no longer required for normal use (i.e., the end of the cryptoperiod has been reached and the key is no longer "active"), but access to those keys needs to be maintained, the key transitions to the post-operational phase.

Transition 7: Some applications will require that access be preserved for a period of time, and then the keying material may be destroyed. When it is clear that a key in the post-operational phase is no longer needed, it may transition to the destroyed phase.

The combination of key states and key phases is illustrated in Figure 5. The following subsections discuss the functions that are performed in each phase of key management.

Figure 5: Key management states and phases.

A key-management system may not have all identified functions, since some functions may not be appropriate. In some cases, one or more functions may be combined, or the functions may be performed in a different order. For example, a system may omit the functions of the post-operational phase if keys are immediately destroyed when they are no longer used to apply cryptographic protection or are compromised. In this case, keys would move from the operational phase directly to the destroyed phase.
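The seven transitions of Figure 4 and the rule that a key never returns to an earlier phase, as an added Python example (not part of the original document or any NIST code): each state change of a key record is checked against the phase model, and destroying a key discards the keying material while retaining its metadata. State names follow Section 7; the ManagedKey class, its metadata fields and the sample key values are constructed for illustration.

```python
# Phases in lifecycle order; a key shall not transfer back to an earlier one.
PHASE_ORDER = ["pre-operational", "operational", "post-operational", "destroyed"]

# Section 7 key states mapped to the phase they belong to (Figure 5).
STATE_PHASE = {
    "pre-activation": "pre-operational",
    "active": "operational", "suspended": "operational",
    "deactivated": "post-operational", "compromised": "post-operational",
    "destroyed": "destroyed",
}

# The seven transitions of Figure 4 as (from_state, to_state) -> number.
# Transition 1 (generation) has no prior state, written here as None.
TRANSITIONS = {
    (None, "pre-activation"): 1,
    ("pre-activation", "destroyed"): 2,
    ("pre-activation", "compromised"): 3,
    ("pre-activation", "active"): 4,
    ("active", "compromised"): 5, ("suspended", "compromised"): 5,
    ("active", "deactivated"): 6, ("suspended", "deactivated"): 6,
    ("deactivated", "destroyed"): 7, ("compromised", "destroyed"): 7,
}

def transition_number(from_state, to_state):
    """Return the Figure 4 transition number for a state change, or raise
    ValueError if it is undefined or would move the key back a phase."""
    rank = lambda s: PHASE_ORDER.index(STATE_PHASE[s])  # position of the state's phase
    # Checked explicitly so a bad table entry can never violate the invariant.
    if from_state is not None and rank(to_state) < rank(from_state):
        raise ValueError(f"{from_state} -> {to_state} moves back to an earlier phase")
    if (from_state, to_state) not in TRANSITIONS:
        raise ValueError(f"{from_state} -> {to_state} is not a defined transition")
    return TRANSITIONS[(from_state, to_state)]

class ManagedKey:
    """Constructed key record: every state change is validated against the
    phase model; metadata survives destruction, keying material does not."""
    def __init__(self, name, key_type, cryptoperiod_days, material):
        self.metadata = {"name": name, "type": key_type, "cryptoperiod_days": cryptoperiod_days}
        self.material = material
        self.state, self.history = None, []   # history: transition numbers applied
        self.move("pre-activation")           # transition 1: generation

    def move(self, new_state):
        n = transition_number(self.state, new_state)
        if new_state == "destroyed":
            self.material = None              # material gone; metadata kept (Section 8.4)
        self.state = new_state
        self.history.append(n)
        return n
```

A system that skips the post-operational phase, as the text allows, would add an operational-to-destroyed entry to TRANSITIONS; with the table as written that change is rejected as undefined.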

8.1 Pre-operational Phase