All
All

Recommendation for Cryptographic Key Management

2.12 MB | 3 files |  DOC, PDF

The security of information protected by cryptographic keys directly depends on the strength of those keys, the effectiveness of mechanisms and protocols associated with keys and the protection afforded to the keys. Key management provides the foundation for the secure generation, storage, distribution and destruction of keys. This recommendation provides background information and establishes frameworks to support appropriate decisions when selecting and using cryptographic keys.

The proper management of cryptographic keys is essential to the effective use of cryptography for security. Keys are analogous to the combination of a safe. If a safe combination becomes known to an adversary, the strongest safe provides no security against penetration. Similarly, poor key management may easily compromise strong algorithms. Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of mechanisms and protocols associated with keys, and the protection afforded to the keys. All keys need to be protected against modification, and secret and private keys need to be protected against unauthorized disclosure. Key management provides the foundation for the secure generation, storage, distribution and destruction of keys.

Users and developers are presented with many choices in their use of cryptographic mechanisms. Inappropriate choices may result in an illusion of security, but little or no real security for the protocol or application. This recommendation provides background information and establishes frameworks to support appropriate decisions when selecting and using cryptographic mechanisms. The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Recommendation for Cryptographic Key Management.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

Analytics08 Job Description: Data Scientist

The data scientist drives initiatives to improve website monetization and user experience, while delivering analytics to better understand user engagement. ...  More >>

Money3 PCI Compliance: The Definitive Guide

In this excerpt from chapter 20, the author briefly discusses the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise. ...  More >>

IT_Man20 Agile Strategy Management: Techniques for Continuous Alignment and Improvement

The excerpt from chapter 2 focuses on building the best possible team to perform the strategic initiative the organization has identified as a worthy opportunity. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data