Many security techniques are underpinned by the use of cryptographic techniques, which in turn rely on the proper use of cryptographic keys. For example, an encryption protocol can be thought of as a black box that takes two inputs, one of which is the message to be encrypted, and generates one output, the encrypted (or scrambled) message.

The security of the system should not depend upon the secrecy of the specification of the box. Indeed, in many cases such a box will implement public domain techniques. Instead, the security resides in the behaviour of the box being dependent on the value of the second of its inputs, known as a cryptographic key. Thus the result of inputting a particular message to the encryption protocol will depend upon the key used.

The ultimate security of any application that relies upon the use of cryptographic techniques, whether it be file encryption or secure websites, is always dependent upon the proper management of the keys. The exact requirements of a key management system will depend upon the environment in question, but generally speaking such a system should encompass techniques and procedures that support:

  • The generation and distribution of keying material
  • Control of the use of keying material
  • Update, revocation and destruction of keying material
  • Storage, backup and archival of keying material

These issues should be addressed in a manner that is in proportion to the business risk. The actual choice of key management system should be determined by both the security services required, and what is the most practical in terms of ease of use and minimizing the overhead of the key management system itself.

Welcome to Kryptosec
Kryptosec provides consultancy and training on information security, with a particular specialism in encryption and other cryptographic techniques. Our clients range from banks and other financial institutions through to software development companies.Typical areas falling within Kryptosec's scope include data security, secure email, network security, certificate-based security applications such as SSL, and general cryptography and encryption related advice.

For more information, please see the consultancy and training sections.
Why choose Kryptosec?