Encryption key management is a crucial component of any high-assurance encryption security solution.
However secure and efficient a dedicated encryption device may be, it is encryption key management that determines data security.
Encryption dependends upon key management to provide and deliver the local information needed to encrypt and decrypt frames. In order to ensure any breached data is rendered meaningless in the hands of an unauthorised user, it is essential to restrict access to the encryption keys themselves.
Secure Encryption Management
Secure encryption depends on key security in all of its phases:
- A safe key needs randomness. Real randomness can only be delivered by a hardware source, while software-created randomness is calculated randomness, not real randomness. Senetas uses true hardware random number generators.
- Keys must be stored securely. Senetas encryptors feature secure key storage in a tamper-resistant enclosure. Any unauthorised attempt to access the keys inevitably leads to the zeroisation of the key storage.
- The encryption keys are in plain text while encrypting and decrypting and are dependent on a safe encryption environment. Any tampering inevitably leads to the zeroisation of all data in memory, including the keys in use.
- Keys need to be secure while being transported between encryptors. The keys are always encrypted while they are in transit.
Secure Encryption Generation
Each encryptor has its own certificate issued by the Certificate Authority (CA).
The certificate is an initial secret and its public key is used as a digital signature so that the recipient can verify the sender. The key exchange uses the certificate to sign the keys or partial keys that are exchanged to ensure that they are coming from the correct remote device.
The partial keys are generated completely inside the encryptor, without any user having access to it. After exchanging the partial keys both sides calculate the same shared secret. Subsequently, the encryptor generates internally the master key and encrypts it with the shared secret.
The encryptor also generates the session key and uses the master key to encrypt it. The transmission of the master and session keys from one encryptor to the other is always encrypted.
Senetas supports the two leading public key algorithms, RSA and ECC (elliptic curve cryptography), for the exchange of the master keys (key encryption keys). In case of ECC, ECDSA (elliptic curve digital signature algorithm) and ECKAS-DH (elliptic curve key agreement scheme) are used.
Senetas offers the choice between pairwise key system and group key system (or a combination of the two) in order to accommodate different topologies and usage scenarios.