Key Management in Cryptography: A Complete Introduction

Encryption, aka cryptography, is used to secure data at rest, stored in servers, and in motion, as transmitted over the network. Cryptography involves mathematical operations that convert the original plaintext into an unintelligible ciphertext (encryption) and the reverse process, converting ciphertext to plaintext (decryption).

Cryptographic algorithms apply these algorithms in combination of keys, which serve as a secret knowledge to complete the algorithmic operations correctly. And these keys require management as part of ongoing cyber hygiene — which is what we'll focus on in in this article.

How cryptographic keys work

Cryptographic keys are analogous to the number combinations used to secure a physical safe. Only the authorized user(s) of the safe have knowledge of the safe combination keys.

The safe may employ a complex mechanism for keeping the door locked, but even the strongest of safe may provide no security against penetration — if the key combination is known to an unauthorized adversary attempting to break the lock.

In the digital world, communication takes place over the network, between different entities at different geographic locations, who may or may not be able to share key knowledge between each other. So how do you share the secret key knowledge that enables secure communications over the network, where an adversary may be present as a man in the middle eavesdropper?

Purpose & goal of cryptography

The goal of any cryptography scheme is to ensure the following:

• Entity authentication: The entities are alive and active as corroborating with both parties.
• Data origin authentication: Each party is corroborated of the information source.
• Implicit key authentication: Only the intended recipient can determine the private key and use it to complete the encryption/decryption process.
• Key confirmation: Confirm that the recipient is in possession of their particular secret key.
• Explicit key authentication: Ensure that the given secret key is in possession of the intended recipient.

How online services encrypt data-at-rest

Online services encrypt both data in transit as well as data-at-rest to ensure protection against attackers through a combination of techniques and tools.

• Full-disk encryption: Encrypts the entire storage device, ensuring complete data security.
• File-level encryption: Encrypts individual files or folders for more granular control.
• Cloud encryption: Cloud providers use server-side encryption to secure data, often leveraging customer-managed keys for added control.
• Transparent data encryption (TDE): A database management system feature that uses an encryption key (DEK) to encrypt data at rest within a database, typically applied to structured data.

(Related reading: common data encryption methods.)

What is encryption key management?

Key management, or management of encryption keys, is the process of putting certain standards in place to ensure the security of cryptographic keys in an organization. Basically, it is the separation of keys from data to achieve flexibility and security.

You can have multiple keys for the same data or the same key for multiple files, key backup and recovery, etc.

Benefits of using multiple keys

• Enhanced security: If one key is compromised, it limits the scope of exposure, because the same data encrypted with other keys remains secure.
• Granular access control: Different keys can restrict access to specific files or data sets. For example, one key might allow full access, while another might permit only partial decryption for specific use cases.

Benefits of using the same key across files

• Efficiency: Encrypting and decrypting multiple files with the same key can be faster, as fewer key-related operations are needed.
• Efficient Storage: Key storage requirements are minimized since only one key needs to be stored and secured.

Key exchange problem, in two attacks

Effective use of cryptography requires key management, which refers to the all-encompassing activities in handling cryptography keys during the entire lifecycle. It is designed to defend against two attacks, which refer to the key exchange problem:

1. Forward secrecy. Leakage of the key material can compromise previous session keys. The lack of historical secrecy would allow an adversary to bypass the cryptography operations applied to a different session key. Knowledge of a future session key can help map the cryptographic processes used in past sessions.
2. Known key attack. If the keying material is compromised, future session keys are no longer secure. An adversary can impersonate the legitimate entity using this knowledge, but the past communication sessions are not compromised by this attack.

The encryption key management lifecycle

Let’s review the key management lifecycle:

1. Key generation

The first step is generating a cryptography key using an approved set of rules, including the use of a pseudo-random generator.

2. Key installation

Next, we move into the process of setting up, configuring and testing keying material, including:

• Hardware
• Software
• Cryptomodules

3. Key establishment

The distribution of keys between two or more entities involved in the communication. The process may involve a Key Generation or Key Agreement, where a new key is produced as a function of the secret (key) information possessed by the individual communicating parties.

We will explore this process in detail later, as it differentiates between symmetric private key cryptography and asymmetric public key cryptography.

4. Key certification

Now the key must be certified — an authentication using digital signatures (issued by a third-party certification authority) that unambiguously associates the key with the appropriate sources. Users are registered as authorized members of the security domain to which these digital signatures may apply.

5. Key usage

Key usage ensures the operational availability of keying material during the applicable crypto period of the keys. Depending on the type of key establishment protocols, the key may be temporary (session key) and need revocation at the expiration end of the digital certificate.

6. Key storage

Cryptography keys must be stored with a high degree of confidentiality, integrity, and availability (the CIA triad). The storage location may not be an active memory but only acquired from an operational memory available to cryptographic algorithms.

7. Key update & recovery

Mechanisms that allow authorized entities to update and retrieve the keys stored in the operational memory. This follows the principle of securing data at rest and is useful for reconstructing a key from archived keying information.

8. Key revocation

The key is destroyed or deregistered when no further key management operations are applicable to the associated source entities. These entities may have completed the communication process or may no longer be eligible for the key certification process.  

Key establishment process for private & public key cryptography

Now, let’s revisit #3 from above — key establishment — and see how this key management lifecycle applies to the two types of cryptography schemes:

Private key establishment

In symmetric key cryptography, the same secret key is used for encryption and decryption. This is also called private key cryptography. It looks like this:

1. Alice initiates a request to access encrypted information; a Data Encryption Key (DEK) retrieval request is sent to Bob.
2. Alice also sends a certificate for verification to Bob, who verifies this signature with a Certification Authority (CA) for authentication.
3. Bob then responds by sending his certificate to Alice for authentication and acceptance by the CA and initiates a secure TLS connection. Alice may now encrypt the data using the DEK provided by Bob. Encryption schemes used in this key exchange protocol include AES and Triple-DES.
4. Upon receiving this encrypted ciphertext, Bob uses the Key Encryption Key (KEK) to decrypt the data.
5. The DEK may be stored by Alice until the end of the session.

Use cases for symmetric (private) key

Here's when to use private keys:

• To provision authentication and integrity services via Message Authentication Codes (MACs), the same key is used for both generating and validating the MAC. Typically, MACs employ either a symmetric key-encryption algorithm or a cryptographic hash function as their underlying primitive.
• For secure file transfer protocols like SFTP to encrypt data during transfer.
• Ensuring data confidentiality, the same key is used to encrypt and decrypt data.

Public key establishment

Asymmetric key cryptography is a combination of a public key and secret private key is used for encryption and decryption. This is also called public key cryptography. It works like this:

1. Alice and Bob verify each other’s certificate against a CA for authentication and mutual acceptance.
2. Bob then responds to Alice’s request to send his public key.
3. Alice then creates an ephemeral session key using a key exchange mechanism that may follow an asymmetric algorithmic scheme such as Elliptic Curve Cryptography, Diffie-Hellman Key Exchange or RSA protocol.
4. Alice then encrypted this secret key with Bob’s public key. The resultant key is used to encrypt data, to be sent to Bob.
5. Bob recipes this data and decrypts it with his own private key.

Use cases for assymetric (public) key

• To compute digital signatures, like when signing emails, documents, or software to verify the sender and detect tampering.
• To securely share symmetric keys. Asymmetric algorithms like Diffie-Hellman or RSA are used to securely exchange symmetric encryption keys between parties.
• To generate random numbers.

Ensuring data integrity with hash functions

Hash functions play a vital role in cryptographic systems by ensuring data integrity. They convert input data into a unique, fixed-size hash value. Even the slightest alteration to the input generates a completely different hash, allowing users to detect tampering effectively.

For example, hash functions are integral to digital signatures, where they help verify the authenticity of files. Additionally, they are used in secure password storage and in checking data integrity during transmission or storage.

Maintaining integrity and authenticity with MACs

Message Authentication Codes (MACs) provide a robust mechanism for verifying both the integrity and authenticity of a message. A MAC is created by combining a secret key with the message through a cryptographic algorithm. The recipient, using the same key, validates the MAC to confirm the message is untampered and verify the sender's identity.

This approach is fundamental to secure communication protocols like HTTPS, ensuring that data remains trustworthy even in transit.

Memory management considerations in encryption key management

The handling of encryption keys in memory directly impacts the security, performance, and reliability of cryptographic systems. Below are key considerations for managing memory in the context of encryption key management:

Secure key storage in memory

• Minimizing exposure time: To minimize their exposure, keys should only be loaded into memory when needed and removed immediately after use. For short-term tasks, use ephemeral keys that are generated, used, and discarded quickly.
• Use of secure memory regions: Keys should be stored in secure memory regions with restricted access that are physically out of reach of attackers and inaccessible to unauthorized processes. For example, using hardware-based Trusted Execution Environments (TEEs) or secure enclaves (e.g., Intel SGX).

Avoid memory paging

Disable paging for key storage: Keys should not be paged to disk, as this could lead to persistent exposure. Use non-paged memory for storing encryption keys.

Key zeroization

• Timely erasure: You have to make sure that keys are securely wiped off when no longer in use to prevent recovery or leakage through memory dumps.
• Apply zeroization techniques: Use functions that overwrite memory locations holding sensitive data with random or zero values, ensuring that the erasure is complete.

Comply with standards

Use cryptographic modules that comply with recognized standards such as FIPS 140-3, NIST 800-57 or ISO/IEC 27001, ensuring robust memory management practices.

Support the hardware

Hardware Security Modules (HSMs) handle cryptographic operations within a secure hardware boundary, ensuring that keys never leave the protected memory.

Monitoring and incident response

• Memory Access Logging: Implement monitoring tools to detect unauthorized memory access attempts.
• Incident Recovery Plans: Develop procedures for responding to incidents involving memory compromise, such as rekeying operations.

In summary

Encryption key management is an essential aspect of ensuring data security. It involves a systematic approach to generating, storing, using, and destroying cryptographic keys throughout their lifecycle.

By implementing robust key management strategies and adhering to best practices, organizations can safeguard sensitive information, prevent unauthorized access, and maintain the integrity and authenticity of their data.