Selecting the right key management system
INTRODUCTION
This document is intended to help organizations understand the benefits of a key management system and guide them in selecting a solution that best addresses their needs.
It is written for anyone involved in the design, development, operation or support of business security applications, including managers and executives with "security", "risk" or "compliance" in their titles. It is assumed that the reader understands the basic concepts of cryptography and the role of cryptographic keys within security systems.
1. KEY MANAGEMENT CONCEPTS
Key management is the practice of protecting and administering cryptographic keys and their associated data through the key lifecycle. The importance of this is summarized in NIST Special Publication 800-57:
"The proper management of cryptographic keys is essential to the effective use of cryptography for security. Keys are analogous to the combination of a safe. If a safe combination is known to an adversary, the strongest safe provides no security against penetration. Similarly, poor key management may easily compromise strong algorithms. Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of mechanisms and protocols associated with the keys, and the protection afforded to the keys."
Specifically, key management should control every key operation according to a combination of best practice and user-defined policy; such operations include key generation, import/export, backup, distribution, usage, update (rotation), revocation and deletion. It should also ensure that keys are stored so that they cannot be modified without authorization and, in the case of secret (symmetric) and private (asymmetric) keys, cannot be disclosed. Because a key cannot be regenerated once it is lost, an often-overlooked requirement is to protect keys against temporary unavailability, permanent loss, and accidental or malicious deletion: data encrypted under a lost key is as good as destroyed.
WHY SIZE IS IMPORTANT
The first modern encryption algorithm to gain significant popularity was Lucifer, developed by IBM in the early 1970s, which subsequently evolved into the US Data Encryption Standard (DES), published in 1977. However, its 56-bit key is too short to withstand brute-force attacks using modern computers, so we now use symmetric algorithms like AES (Advanced Encryption Standard), which supports key lengths of 128, 192 or 256 bits.
Note that each extra bit doubles the number of possible keys, and hence the work of a brute-force search: going from 56 to 64 bits makes the key 256 times (i.e. 2^8) stronger, and going from 64 to 128 bits makes it 18,446,744,073,709,551,616 times (i.e. 2^64) stronger! Assuming there are no weaknesses in the encryption algorithm itself, it would take all the computing power in the world far longer than the lifetime of the universe to crack a 256-bit AES key by brute force (i.e. by trying every possible value). Hence the goal of attackers is to steal the key (from memory, backups, configuration files or careless custodians) rather than to "break" it, which is why protecting the key is so important. Note too that key length only counts if the key was generated from a good source of randomness: a 256-bit key derived from a guessable seed has far fewer than 2^256 effective values.
WHAT IS A KEY MANAGEMENT SYSTEM (KMS)?
In principle, keys can be managed using pieces of paper and storing them in a safe. However, this is highly prone to errors and abuse, and it does not scale well. Therefore, computerized key management systems have evolved to solve this problem.
A modern KMS provides a framework for managing numerous keys throughout their lifecycle. While implementations vary, desirable characteristics include:
- Support for a broad range of key types and formats
- Generation of keys using a certified hardware random number generator
- Protection of stored keys by a certified, tamper-resistant hardware device
- Replication/backup mechanisms to ensure that keys are never lost
- Logical access controls with strong user authentication
- User-definable roles (e.g. Security Officer, Operator, Auditor)
- User-definable, strongly-enforced policies (e.g. dual control)
- Protection against rogue employees (e.g. mandatory two-person operations)
- Some level of automation for common tasks
- The ability to securely distribute keys to where they are needed
- Full, tamper-evident audit log (for demonstrating compliance, e.g. with PCI DSS)
No matter how good a key management system is, it must be installed and operated in a secure fashion by trained and vetted staff according to well-defined organizational policies and procedures with regular audits.
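The characteristics listed above are easier to judge when you can see them enforced. The following is an added example, not code from this paper or from any Cryptomathic product: a small in-memory key manager that refuses lifecycle transitions the policy does not allow, checks the requesting role against a table of authorities, requires two distinct people for destructive operations, flags a key for rotation once it has reached a usage limit, and keeps a hash-chained audit log whose integrity can be verified. The role names, the state set and the usage limit are assumptions chosen for the demonstration; a real KMS would hold the key material inside an HSM rather than in process memory.

```python
"""Added example (not from the paper): an in-memory key manager enforcing lifecycle
states, role authority, dual control, a rotation trigger and a hash-chained audit log."""
import hashlib
import json
import secrets

# Permitted lifecycle transitions (NIST SP 800-57 style); anything else is refused.
TRANSITIONS = {"pre-activation": {"active", "destroyed"}, "active": {"deactivated", "compromised"},
               "deactivated": {"destroyed", "compromised"}, "compromised": {"destroyed"},
               "destroyed": set()}
# Hypothetical policy: roles allowed to request each operation, and the operations
# that need two distinct people to approve them (dual control).
AUTHORITY = {"generate": {"security_officer"}, "activate": {"security_officer"},
             "use": {"operator"}, "deactivate": {"security_officer"},
             "compromise": {"security_officer", "auditor"}, "destroy": {"security_officer"}}
DUAL_CONTROL = {"destroy", "compromise"}
GENESIS = "0" * 64


class PolicyViolation(Exception):
    pass


def _digest(record: dict) -> str:
    return hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()


class KeyManager:
    def __init__(self, usage_limit: int):
        self.keys, self.log, self.usage_limit, self._prev = {}, [], usage_limit, GENESIS

    def _audit(self, **event):
        # Each record commits to the previous record's hash, so editing or deleting
        # an earlier entry breaks the chain and is detected by verify_log().
        event["prev"] = self._prev
        event["hash"] = self._prev = _digest(event)
        self.log.append(event)

    def _authorize(self, op, actors):
        # actors: (user, role) pairs that jointly request the operation
        if not {role for _, role in actors} & AUTHORITY[op]:
            raise PolicyViolation(f"{op}: no requesting role is authorized")
        if op in DUAL_CONTROL and len({user for user, _ in actors}) < 2:
            raise PolicyViolation(f"{op}: dual control needs two distinct users")

    def generate(self, key_id, actors, length=32):
        self._authorize("generate", actors)
        self.keys[key_id] = {"material": secrets.token_bytes(length), "state": "pre-activation", "uses": 0}
        self._audit(op="generate", key=key_id, by=sorted(u for u, _ in actors))

    def transition(self, op, key_id, new_state, actors):
        self._authorize(op, actors)
        key = self.keys[key_id]
        if new_state not in TRANSITIONS[key["state"]]:
            raise PolicyViolation(f"{op}: {key['state']} -> {new_state} refused")
        key["state"] = new_state
        if new_state == "destroyed":
            key["material"] = b""  # zeroise; only metadata survives, in the log
        self._audit(op=op, key=key_id, state=new_state, by=sorted(u for u, _ in actors))

    def use(self, key_id, actors):
        """Count one use of an active key; True means the key is due for rotation."""
        self._authorize("use", actors)
        key = self.keys[key_id]
        if key["state"] != "active":
            raise PolicyViolation(f"use: key is {key['state']}, not active")
        key["uses"] += 1
        self._audit(op="use", key=key_id, uses=key["uses"], by=sorted(u for u, _ in actors))
        return key["uses"] >= self.usage_limit

    def verify_log(self) -> bool:
        prev = GENESIS
        for rec in self.log:
            body = {k: v for k, v in rec.items() if k != "hash"}
            if body["prev"] != prev or _digest(body) != rec["hash"]:
                return False
            prev = rec["hash"]
        return True


def demo():
    """Walk one key through its life; returns rotation flags and the policy decisions."""
    km = KeyManager(usage_limit=2)
    so1, so2, op = ("alice", "security_officer"), ("bob", "security_officer"), ("carol", "operator")
    km.generate("k1", [so1])
    km.transition("activate", "k1", "active", [so1])
    rotation_due = [km.use("k1", [op]), km.use("k1", [op])]  # second use hits the limit
    outcome = {}
    for label, actors in [("operator_destroys", [op]), ("single_officer_destroys", [so1]),
                          ("destroy_while_active", [so1, so2])]:
        try:
            km.transition("destroy", "k1", "destroyed", actors)
            outcome[label] = "allowed"
        except PolicyViolation:
            outcome[label] = "refused"
    km.transition("deactivate", "k1", "deactivated", [so1])
    km.transition("destroy", "k1", "destroyed", [so1, so2])
    outcome["final_state"] = km.keys["k1"]["state"]
    outcome["log_intact"] = km.verify_log()
    km.log[1]["by"] = ["mallory"]  # simulate an attacker editing an audit record
    outcome["log_after_tamper"] = km.verify_log()
    return rotation_due, outcome
```

Running demo() walks one key from generation to destruction and returns the policy decisions along the way: an operator cannot destroy a key, one security officer alone cannot, two officers cannot while the key is still active, and editing a single audit record afterwards makes verify_log() return False. The chained hash gives tamper-evidence, not tamper-proofing: an attacker who can rewrite the whole log from the edited record onward is caught only if an earlier copy of the chain head was stored somewhere they cannot reach, which is why a KMS signs its logs or exports them to an external system.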
The role of hardware security modules (HSMs)
HSMs are devices that are commonly used to generate high-quality keys, protect them against a wide range of logical and physical attacks, and then use these keys to perform cryptographic operations inside a secure boundary. HSMs can also be certified to internationally recognized security standards such as FIPS 140-2 (now being succeeded by FIPS 140-3), Common Criteria or PCI HSM; note that such a certificate covers the module and the configuration that was evaluated, not the surrounding KMS software or the way the module is operated. Because of these useful security characteristics, any decent KMS solution will incorporate an HSM (or at least provide this option).
It is also possible to use a standalone HSM as a "poor man's" KMS. However, managing the lifecycle of keys using just an HSM can be time-consuming and involve resource-intensive manual tasks, and it doesn't scale well as the number of HSMs increases. Also, an HSM doesn't solve the problem of distributing keys securely to external parties. A purpose-designed KMS addresses these shortcomings and provides the means to efficiently manage and distribute a wide range of keys, whether they are used by HSMs or not.
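To make the custodian and distribution problem concrete, here is an added example, not taken from the paper or from any Cryptomathic product, of the split-knowledge technique a KMS or a key ceremony uses to back up a master key or hand it to another party: the key is split into n shares held by separate custodians so that any m of them can rebuild it, while fewer than m reveal nothing about it. It uses Shamir secret sharing over GF(2^8) so that a key of any byte length can be split; the 3-of-5 parameters and the sample key are constructed for the demonstration.

```python
"""Added example (not from the paper): split a key into n custodian shares so
that any m of them rebuild it, using Shamir secret sharing over GF(2^8).
Each byte of the key is the constant term of a random polynomial of degree
m-1; share x holds that polynomial evaluated at x (x = 1..n)."""
import secrets


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def gf_inv(a: int) -> int:
    """Multiplicative inverse of a non-zero element: a^254 in GF(2^8)."""
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def split_key(key: bytes, threshold: int, shares: int) -> list[tuple[int, bytes]]:
    """Return (x, share) pairs; any `threshold` of them reconstruct `key`."""
    if not 1 < threshold <= shares < 256:
        raise ValueError("need 1 < threshold <= shares < 256")
    buffers = {x: bytearray() for x in range(1, shares + 1)}
    for byte in key:
        # Random polynomial of degree threshold-1 with the key byte as constant term.
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(threshold - 1)]
        for x, buf in buffers.items():
            y = 0
            for c in reversed(coeffs):  # Horner evaluation at x
                y = gf_mul(y, x) ^ c
            buf.append(y)
    return [(x, bytes(buf)) for x, buf in buffers.items()]


def recover_key(shares: list[tuple[int, bytes]]) -> bytes:
    """Lagrange-interpolate each byte's polynomial at x = 0 to get the key byte."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs) or any(not 0 < x < 256 for x in xs):
        raise ValueError("share indices must be distinct and in 1..255")
    length = len(shares[0][1])
    if any(len(s) != length for _, s in shares):
        raise ValueError("shares have different lengths")
    key = bytearray()
    for i in range(length):
        acc = 0
        for j, (xj, yj) in enumerate(shares):
            num = den = 1
            for m, (xm, _) in enumerate(shares):
                if m != j:
                    num = gf_mul(num, xm)       # (0 - x_m) equals x_m in characteristic 2
                    den = gf_mul(den, xj ^ xm)  # (x_j - x_m)
            acc ^= gf_mul(yj[i], gf_mul(num, gf_inv(den)))
        key.append(acc)
    return bytes(key)


def demo() -> dict:
    """3-of-5 split of a constructed 256-bit key; shows that the threshold holds."""
    key = secrets.token_bytes(32)  # constructed sample key, not a real secret
    parts = split_key(key, threshold=3, shares=5)
    return {
        "any_three": recover_key([parts[0], parts[2], parts[4]]) == key,
        "other_three": recover_key(parts[1:4]) == key,
        "only_two": recover_key(parts[:2]) == key,  # quorum not met: result is unrelated to key
    }
```

In practice the shares would be printed on separate sheets or loaded onto separate smart cards, handed to different custodians, and recombined only inside an HSM so that the recovered key is never visible in clear; each share on its own is indistinguishable from random bytes, which is what lets it be couriered or stored independently. The paper's "pieces of paper in a safe" is the degenerate case of this scheme in which a single custodian holds the whole key.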
2. BENEFITS OF A KEY MANAGEMENT SYSTEM (KMS)
There are significant benefits that accrue from using a key management system, which are summarised below.
Risk reduction
A KMS can enhance your organization's security posture by imposing technical measures to prevent the loss, compromise or misuse of keys, for example:
- High-quality key generation to prevent the use of weak keys
- Physical protection of keys against theft and misuse
- Access controls, enforcing role-based authority to manage the system
- High availability (replication and failover), essential to support 24/7 online services
- Secure key distribution to protect keys 'in transit'
- Automated key rotation to limit the amount of data protected under any one key and the window in which a compromised key remains useful
- Key revocation and deletion to allow compromised keys to be taken out-of-service
- Signed usage and audit logs to provide forensic information
- Ability to support post-quantum algorithms when required
Compliance
For many organizations, it is important (if not a legal necessity) to comply with various industry-specific, national and/or international standards and regulations regarding data protection, which typically rely on encryption and thus ultimately on key management. These include PCI-DSS, GDPR, SOX, HIPAA and many others. A KMS enables organizations to simply and efficiently implement the necessary processes and controls around their keys; it also simplifies internal and external audits.
Cost reduction
A KMS provides many opportunities for reducing cost:
- Eliminates inefficient manual/paper-based processes
- Centralizes operations to optimize use of skills and resources
- Reduces human errors
- Automates certain processes
- Scales to address growth in the number of keys
- Reduces time spent on compliance and audits
- Avoids fines and reputational damage resulting from key compromise
3. BUILDING THE BUSINESS CASE
The business case for introducing a key management system is generally quite straightforward. Some organizations may already have an existing key management system (or even multiple systems), proprietary or home-grown, which perhaps once met the needs of the business but is now ineffective and inadequate. Whatever the situation, the case for introducing a new key management system will typically depend on the business problems currently being experienced.
Risk Reduction
If the organisation has suffered key compromises in the past, or perceives the risk and cost of such a compromise as high enough to be potentially catastrophic, then the main business driver will probably be risk reduction. The business case will point towards a solution that minimizes the overall risk profile, and the justification will be avoidance of fines, lawsuits and reputational damage that could, in the worst case, destroy the business.
Compliance
If the organization is struggling to pass audits required to comply with regulations or industry standards, then compliance is likely to be the main driver. Failure to comply with regulations can result in fines (which are becoming increasingly severe), loss of business and reputational damage, so the business case will suggest a solution that simplifies compliance and makes audits easier.
New Systems
If the organization is going through significant IT transformation, driven by e.g. a merger or acquisition, then support for new systems and key migration are likely to be the main drivers. The business case will favor a flexible solution that provides the necessary technical capabilities.
Cost Reduction
If the number of keys being managed is growing rapidly (as it is in most organizations) and managing them is becoming an increasingly labor-intensive and costly exercise for the organization, then cost reduction is going to be the main driver, and the business case will call for the solution that offers the lowest total cost of ownership.
When building the business case, organizations should consider not just their current needs, but their future needs too - it is important that they choose a system that can grow/evolve with their business.
ROI
Whatever the main business driver, it is generally quite straightforward to demonstrate a positive return on investment (ROI) and thus justify the acquisition of a key management system. Even where the main driver is risk, compliance or technology, the operational cost savings will likely yield a rapid payback of the initial investment, and the savings will only grow over time.
4. MARKET SEGMENTATION
Here we look at how the KMS market is segmented to address the needs of certain industries and types of organization.
Market sectors
Key management is a challenge that organisations face across all sectors, but here are some examples that each have specific needs:
Defense
The defense sector has been using cryptography longer than any other. Its keys protect military and state secrets classified up to TOP SECRET and need to be distributed to end-points often located in ships, aircraft or battlefield environments. As these systems are not relevant or available to the private sector, no further consideration will be given to them in this document.
Banking
Another sector that tends to be fairly specialized is the banking and financial services sector. This is for various reasons, including the obvious need for strong security when it comes to protecting electronic financial transactions. As a result, many industry-specific protocols and standards have been developed over the last couple of decades. Also, the tight regulations governing the industry and the need for adherence to standards and compliance regimes put stringent requirements on how cryptographic keys are managed and the use of HSMs. Only a small subset of key management systems is suitable for this sector, although this does not necessarily prevent such systems from being applicable to the wider enterprise market too.
Enterprise
The general retail and commercial sector, while not as regulated as the banking sector, holds increasing amounts of sensitive data that need protecting. The favored and mature way to protect this data is encryption, which in turn creates the need for appropriate key management.
Range of application
While some key management systems are general-purpose and can be considered both vendor-agnostic and application-agnostic, many are more limited, being targeted at certain niche and/or proprietary applications.
Long-term data storage
Because there has been a requirement to store sensitive data on tapes, disks and other media since the early days of the mainframe computer, the need to protect such data "at rest" using encryption has driven the development of many key management systems specifically for this purpose. This has only been spurred on by the increasing amount of legislation aimed at ensuring Personally Identifiable Information (PII) is well protected.
Cloud applications
As more and more businesses look to move their IT systems into the cloud, security becomes an increasing concern. A number of key management systems have arisen in recent years to take advantage of this trend, having a narrow focus on cloud-based applications and storage.
Proprietary
Some key management systems exist simply to complement that vendor's own security solutions and have little or no application elsewhere. These also tend to be focused on the specific niche applications that the vendor provides.
The relative positioning of different solutions is summarized on the following chart.
5. AVAILABLE SOLUTIONS
Deployment model
Key management systems vary in their means of deployment, each having its pros and cons:
Software
To install and run on your own server hardware and operating system.
Virtual
Pre-installed virtual machine (VM) image to run in a virtualized environment.
Appliance
Pre-installed on a dedicated hardware platform.
Service
Cloud-based SaaS (software-as-a-service) solution.
Deployment model | Pros | Cons
Software | |
Virtual | |
Appliance | |
Service | |
There is generally little to choose between the first three, it being largely a matter of preference; the "service" option is fine if all you're managing are keys for your cloud applications but is less than ideal for managing on-premises keys. Whichever model you pick, establish where the key material actually resides, who at the vendor or provider can reach it, and how it is protected while the system is being backed up or migrated.
Regardless of the deployment model, good quality key management systems will support the use of a hardware security module (HSM), either as a mandatory requirement or an option (typically built-in to appliances or as an adjunct to a software solution), to enhance the security characteristics of the solution, particularly the generation and physical protection of the keys.
Product architecture and quality
The design and quality of any key management system is a critically important factor when choosing a solution given the role it plays in underpinning all your organization's security applications. Factors to consider include:
- Pedigree of the vendor
- Strategic nature of the product
- Security architecture
- HSM support
- Physical protection
- Resilience
- Compliance
- Credibility
- Support
- Future proofing
For easy reference, more detailed descriptions of these factors are included in the appendix (1) at the end of this paper.
In general, any solution that has been widely deployed within the banking sector is likely to have achieved the highest quality standards and to have shown compliance within a highly regulated environment.
Product capability
Unless you have a very narrow use-case, then a broad range of capabilities is important to address not just your current, but also your future needs. Factors to consider include:
- Application agnosticism
- Vendor agnosticism
- Supported key types
- User authentication
- Policy control
- Audit
- Integration
- Customization
- Ease-of-use
For easy reference, more detailed descriptions of these factors are listed in the appendix (2) at the end of this paper.
Pricing
The final factor in choosing the right solution is, of course, the price. However, buyers should consider not just the initial purchase price but the total cost of ownership. This includes the on-going cost of maintenance and support and day-to-day running costs; but it is also important to factor in the savings the solution will offer through centralization, increased efficiency, reduced errors, streamlined audits, automation and so on. Quite often, these indirect savings on their own will outweigh the purchase and operating costs of the system!
6. SUMMARY
Key management is an increasingly important function in any modern enterprise and choosing the right key management system is a business-critical decision. Whether the driver is risk, compliance or cost, a good key management system will deliver significant benefits; however, getting the wrong key management system could be an expensive mistake.
This document describes the variety that exists in the key management market, helps buyers understand the important attributes to consider when evaluating alternatives, and provides a simple framework to help narrow down the field.
Ultimately the buyer should demand extensive documentation, a comprehensive demonstration, and solid references before moving ahead with a proof-of-concept or pilot. The vendor should be willing to answer any questions and have a flexible and collaborative approach to doing business.
7. CRYPTOMATHIC CKMS
Cryptomathic's Crypto Key Management System (CKMS) is a general-purpose, banking-grade key management solution that delivers automated key updates and distribution to a broad range of applications. It manages the entire lifecycle of symmetric and asymmetric application keys and enforces robust security processes. Central tamper-evident logs allow businesses to confidently pass internal and external compliance audits.
CKMS is used by major organisations and financial services companies worldwide to centrally control and automate the lifecycle of millions of keys.
For more information, please visit
cryptomathic.com/products/key-management
Disclaimer
© 2021, Cryptomathic A/S. All rights reserved. Aaboulevarden 22, 8000 Aarhus C, Denmark. This document is protected by copyright. No part of the document may be reproduced in any form by any means without prior written authorization of Cryptomathic. Information described in this document may be protected by a pending patent application. This document is provided "as is" without warranty of any kind. Cryptomathic may make improvements and/or changes in the product described in this document at any time. The document is not part of the documentation for a specific version or release of the product, but will be updated periodically.
Note: This material has been prepared for general informational purposes only.
ABOUT CRYPTOMATHIC
Cryptomathic is a global provider of secure server solutions to businesses across a wide range of industry sectors, including banking, government, technology manufacturing, cloud and mobile. With over 30 years' experience, we provide systems for authentication and signing, EMV, and crypto and key management through best-of-breed security solutions and services.
We pride ourselves on strong technical expertise and unique market knowledge, with two thirds of employees working in R&D, including an international team of security experts and a number of world-renowned cryptographers. At the leading edge of security provision within its key markets, Cryptomathic closely supports its global customer base, with many multinationals as longstanding clients.
APPENDIX - CHECKLIST FOR EVALUATING SOLUTIONS
This section provides a simple checklist for evaluating and comparing key management solutions. For each competing product, evaluate whether that product meets each of the 20 suggested criteria detailed below (10 on quality, 10 on capability). Then add up the number of Y's in each section to arrive at a score out of 10 for each. Alternatively, score each criterion out of 10 to give a total score out of 100 for each.
APPENDIX 1 – ARCHITECTURE AND QUALITY CRITERIA
APPENDIX 2 – CAPABILITY CRITERIA
APPENDIX 3 – COMPARING SOLUTIONS
Now plot each product on the chart below. Products that fall into the top-right quadrant may be singled-out for a more detailed evaluation and comparison.