Key ceremony

Last updated May 14, 2024

In cryptography, a key ceremony is a ceremony held to generate or use a cryptographic key.^[1]

Root key signing ceremony

In public-key cryptography and computer security, a root-key ceremony is a procedure for generating a unique pair of public and private root keys. Depending on the certificate policy of a system, the generation of the root keys may require notarization, legal representation, witnesses, or “key-holders” to be present. A commonly recognized practice is to follow the SAS 70 standard for root key ceremonies.^[3]

At the heart of every certificate authority (CA) is at least one root key or root certificate and usually at least one intermediate root certificate. A “root key” is a unique key that must be generated for secure server interaction with a protective network, often called the root zone. Prompts for information from this zone can be made through a server. The keys and certificates serve as the credentials and safeguards for the system. These digital certificates are made from a public and a private key.

Instances

The following examples A and B are at opposite ends of the security spectrum, and no two environments are the same. Depending on the level of protection required, different levels of security will be used.

Possibility A: Identification and non-repudiation for email and web access

Unless the information being accessed or transmitted is valued in terms of millions of dollars, it is generally adequate that the root key ceremony be conducted within the security of the vendor's laboratory. The customer may opt to have the root key stored in a hardware security module, but in most cases, the safe storage of the root key on a CD or hard disk is admissible. The root key is never stored on the CA server.

Possibility B: Machine Readable Travel Document ID Cards and e-Passports

Machine Readable Travel Documents (MRTDs) require a much higher level of security. When conducting the root key ceremony, the government or organization will require rigorous security checks on all personnel in attendance. Those normally required to attend the key ceremony include a minimum of two administrators from the organization, two signatories from the organization, one lawyer, a notary, and two video camera operators, in addition to the CA software vendor's technical team.

Overview

The actual generation of the root key-pair typically occurs in a secure vault, with no external communication except for a single telephone line or intercom. Upon securing the vault, all present personnel must verify their identity using at least two legally recognized forms of identification. The lawyer in charge logs every person, transaction, and event in a root key ceremony log book, with each page notarized. From the moment the vault door closes until its reopening, everything is also video recorded. The lawyer and the organization's two signatories sign the recording, which is also notarized.

As part of the process, the root key is divided into up to twenty-one parts, each secured in a safe with a key and numerical lock. The keys are distributed to up to twenty-one people, and the numerical codes are distributed to another twenty-one people.^{[ citation needed ]}

Providers

The CA vendors and organizations, such as RSA, VeriSign, and Digi-Sign, implement projects of this nature where conducting a root key ceremony would be a central component of their service.^[4]

IBM HSM key ceremony

A hardware security module (HSM) key ceremony is a procedure where the master key is generated and loaded to initialize the use of the HSM. The master key is at the top of the key hierarchy and is the root of trust to encrypt all other keys generated by the HSM. A master key is composed of at least two parts. Each key part is normally owned by a different person to enhance security.

Master key types

The master key is stored within the HSM. IBM HSMs support two types of cryptographic mechanisms:

The PKCS#11 mechanism, called IBM Enterprise PKCS #11 (EP11),^[5] creates a high-security solution for application programs developed for this industry-standard API.
The IBM Common Cryptographic Architecture (CCA)^[6] mechanism provides many functions of special interest in the finance industry, extensive support for distributed key management, and a base on which custom processing and cryptographic functions can be added.

Depending on the cryptographic mechanisms that the HSM supports and the key objects that are encrypted by the master key, the following types of master keys are available:

EP11 HSMs^[7]
- EP11 symmetric master key:^[8] used to encipher all kinds of sensitive materials, including secret key objects and intermediate state information containing secret key materials.
CCA HSMs^[9]
- SYM master key: used to encipher DES symmetric key objects
- ASYM master key: used to encipher PKA-RSA asymmetric key objects
- AES master key: used to encipher AES, HMAC symmetric key objects
- APKA master key: used to encipher PKA-ECC asymmetric key objects

HSM key ceremony types

On-premise HSM Key Ceremony

For IBM Z and Linux One Systems, the HSMs are used to perform cryptographic operations. The HSM has 85 domains, with each having its own set of master keys.^[10] Before using the system, the HSM Key Ceremony must be conducted to load the master key securely and properly. For EP11 HSMs, the master key parts are stored on smart cards and loaded to the HSM with the Trusted Key Entry (TKE) workstation. For CCA HSMs, the master key parts can be stored either on smart cards or in files on the TKE workstation.

Cloud HSM Key Ceremony

EP11 HSM is currently the only type of HSM that supports Key Ceremony in the cloud. Both the cloud command-line interface (CLI) and smart cards are provided to load the master key parts to the cloud HSM. IBM Cloud Hyper Protect Crypto Services is presently the only key management service and cloud HSM in the cloud to provide HSM key ceremony through both CLI and smart cards. ^[11]

Master key part storage

Depending on the key ceremony types, the master key parts can be stored either on smart cards or in files on the workstation.

Smart cards are protected by a personal identification number (PIN) that must be entered on a smart card reader pad. Each master key part owner has one smart card, and only the owner knows its PIN. This solution ensures that the master key parts never appear in the clear outside the smart cards.

Compared with the smart card solution, the workstation solution does not require the procurement of smart card readers and smart cards. This solution uses workstation files encrypted with keys derived from a file password to store master key parts. When the keys are used, file content is decrypted and appear temporarily in the clear in workstation memory.^[12]

In blockchain technology

A key ceremony can be used to generate the private key for a cryptocurrency wallet.^[13]^[14] For Multiparty Computation (MPC), key ceremonies are used to split parts of keys to participants securely. It is also used in Zero-Knowledge Proofs (zKP) protocols for key generation.

Related Research Articles

A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.

In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.

The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protocol provides cryptographic authentication of data, authenticated denial of existence, and data integrity, but not availability or confidentiality.

Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.

A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to, or in place of, a password. Examples of security tokens include wireless keycards used to open locked doors, a banking token used as a digital authenticator for signing in to online banking, or signing a transaction such as a wire transfer.

The IBM 4758 PCI Cryptographic Coprocessor is a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCI expansion card. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed.

<span class="mw-page-title-main">Trusted Platform Module</span> Standard for secure cryptoprocessors

Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard ISO/IEC 11889. Common uses are to verify platform integrity, and to store disk encryption keys.

The Microsoft Windows platform specific Cryptographic Application Programming Interface is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data. The Crypto API was first introduced in Windows NT 4.0 and enhanced in subsequent versions.

A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

In cryptography, PKCS #11 is one of the Public-Key Cryptography Standards, and also refers to the programming interface to create and manipulate cryptographic tokens.

cryptlib is an open-source cross-platform software security toolkit library. It is distributed under the Sleepycat License, a free software license compatible with the GNU General Public License. Alternatively, cryptlib is available under a proprietary license for those preferring to use it under proprietary terms.

In cryptography, a hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely. However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. This is addressed by hybrid systems by using a combination of both.

The IBM 4764 Cryptographic Coprocessor is a secure cryptoprocessor that performs cryptographic operations used by application programs and by communications such as SSL private key transactions associated with SSL digital certificates.

OpenDNSSEC is a computer program that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

The ROCA vulnerability is a cryptographic weakness that allows the private key of a key pair to be recovered from the public key in keys generated by devices with the vulnerability. "ROCA" is an acronym for "Return of Coppersmith's attack". The vulnerability has been given the identifier CVE-2017-15361.

The IBM 4765 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed.

The IBM 4767 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

The IBM 4768 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

The IBM 4769 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.

References

↑ Ellison, Carl (2007). "Ceremony Design and Analysis". Cryptology ePrint Archive, Paper 2007/399. Archived from the original on 2022-09-01. Retrieved 2023-08-13.
↑ "The DNSSEC Root Signing Ceremony". Cloudflare. Archived from the original on 2022-11-20. Retrieved 2022-11-20.
↑ Richardson, Michael; Pan, Wei. Security and Operational considerations for manufacturer generated IDevID (Report). Internet Engineering Task Force. Section 2.2 para.2 ("The SAS70 audit standard is usually used as a basis...")
↑ Wessels, Duane (2023-03-01). "Verisign's Role in Securing the DNS Through Key Signing Ceremonies". Verisign Blog. Retrieved 2024-04-02.
↑ "CEX7S / 4769 EP11". www.ibm.com. Archived from the original on 2020-02-21. Retrieved 2020-06-24.
↑ "CEX7S / 4769 CCA". www.ibm.com. Archived from the original on 2020-02-21. Retrieved 2020-06-24.
↑ "Enterprise PKCS#11 (EP11) Library structure" (PDF). public.dhe.ibm.com. Archived (PDF) from the original on 2020-06-29.
↑ Master key is referred to as Wrapping Key (WK) in the EP11 documentation Archived 2020-06-29 at the Wayback Machine .
↑ Getting Started with Linux on Z Encryption for Data At-Rest. 2016-09-30. Archived from the original on 2020-10-15. Retrieved 2020-06-24.
↑ Streamline Management of the IBM z Systems Host Cryptographic Module Using IBM Trusted Key Entry. 2016-09-30. Archived from the original on 2020-06-26. Retrieved 2020-06-24.
↑ "IBM Hyper Protect Services - Overview". www.ibm.com. Archived from the original on 2020-06-09. Retrieved 2020-06-24.
↑ "IBM Cloud Hyper Protect Crypto Services FAQs". cloud.ibm.com. Archived from the original on 2023-04-06.
↑ "EURL: A reliable euro-pegged digital asset" (PDF). uploads-ssl.webflow.com. February 2022. Archived (PDF) from the original on 16 March 2022. Retrieved 18 April 2022.
↑ "Key Ceremony Guidelines" (PDF). Retrieved 14 December 2023.

External links

Summary of events at DNSSEC KSK Ceremony 22, which took place 13 August 13, 2015, at the ICANN Key Management Facility, El Segundo, CA, USA
IBM Crypto Cards
IBM 4768 Crypto Card overview
IBM Cloud Hyper Protect Crypto Services overview
z/OS Trusted Key Entry
Education videos for using TKE to manage crypto modules on IBM Z and LinuxONE
SAS 70 Archived 2013-10-20 at the Wayback Machine

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Ellison, Carl (2007). "Ceremony Design and Analysis". Cryptology ePrint Archive, Paper 2007/399. Archived from the original on 2022-09-01. Retrieved 2023-08-13.

[2] "The DNSSEC Root Signing Ceremony". Cloudflare. Archived from the original on 2022-11-20. Retrieved 2022-11-20.

[3] Richardson, Michael; Pan, Wei. Security and Operational considerations for manufacturer generated IDevID (Report). Internet Engineering Task Force. Section 2.2 para.2 ("The SAS70 audit standard is usually used as a basis...")

[4] Wessels, Duane (2023-03-01). "Verisign's Role in Securing the DNS Through Key Signing Ceremonies". Verisign Blog. Retrieved 2024-04-02.

[5] "CEX7S / 4769 EP11". www.ibm.com. Archived from the original on 2020-02-21. Retrieved 2020-06-24.

[6] "CEX7S / 4769 CCA". www.ibm.com. Archived from the original on 2020-02-21. Retrieved 2020-06-24.

[7] "Enterprise PKCS#11 (EP11) Library structure" (PDF). public.dhe.ibm.com. Archived (PDF) from the original on 2020-06-29.

[8] Master key is referred to as Wrapping Key (WK) in the EP11 documentation Archived 2020-06-29 at the Wayback Machine .

[9] Getting Started with Linux on Z Encryption for Data At-Rest. 2016-09-30. Archived from the original on 2020-10-15. Retrieved 2020-06-24.

[10] Streamline Management of the IBM z Systems Host Cryptographic Module Using IBM Trusted Key Entry. 2016-09-30. Archived from the original on 2020-06-26. Retrieved 2020-06-24.

[11] "IBM Hyper Protect Services - Overview". www.ibm.com. Archived from the original on 2020-06-09. Retrieved 2020-06-24.

[12] "IBM Cloud Hyper Protect Crypto Services FAQs". cloud.ibm.com. Archived from the original on 2023-04-06.

[13] "EURL: A reliable euro-pegged digital asset" (PDF). uploads-ssl.webflow.com. February 2022. Archived (PDF) from the original on 16 March 2022. Retrieved 18 April 2022.

[14] "Key Ceremony Guidelines" (PDF). Retrieved 14 December 2023.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]