matter if an attacker obtained this data because all sensitive data is protected by the
Security World key, stored in your HSM, and the Administrator cards for that Security
World.
In terms of cryptoperiods (see above), keys that have reached the end of their
cryptoperiod and therefore no longer exist on the nShield HSM may still exist on
backups. If feasible, the backup data should also be deleted. However, if the backups
have to be maintained for operational, resilience, or audit reasons, then ensure that the
relevant procedural controls are implemented to mitigate attacks on retired keys.
7.7. Key import
We recommend generating a new key instead of importing an existing key whenever
possible. The import operation does not delete any copies of the imported key material
from the host, and as traces of this key material may still exist on disks or in backups,
there is a risk that the key material may become compromised after it has been
imported. It is your responsibility to ensure any unprotected key material is deleted. If a
key was compromised before importation, then importing it does not make it secure
again.
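One way to check the host for leftover key files after an import, as an added example that is not part of the manual or of any nShield tooling. It assumes the imported key was supplied as a PEM file; the function names and the staging directory are hypothetical.

```python
import os
import re
import tempfile

# Matches PEM private-key blocks; the label is captured so it can be reported.
PEM_BLOCK = re.compile(
    rb"-----BEGIN ((?:(?:RSA|EC|DSA|ENCRYPTED) )?PRIVATE KEY)-----(.*?)-----END \1-----",
    re.DOTALL,
)
MAX_BYTES = 1024 * 1024  # PEM key files are small; read at most 1 MiB per file


def classify(label: bytes, body: bytes) -> str:
    """Say whether one PEM block is passphrase-protected or in the clear."""
    if label == b"ENCRYPTED PRIVATE KEY":      # PKCS#8 encrypted form
        return "passphrase-protected"
    if b"Proc-Type: 4,ENCRYPTED" in body:      # legacy PEM encryption header
        return "passphrase-protected"
    return "unprotected"


def find_residual_keys(root: str):
    """Walk root and list (path, label, status) for each PEM private key found."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_BYTES)
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            for m in PEM_BLOCK.finditer(data):
                label, body = m.group(1), m.group(2)
                findings.append((path, label.decode(), classify(label, body)))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample: a staging directory left behind after an import.
    with tempfile.TemporaryDirectory() as staging:
        with open(os.path.join(staging, "imported-key.pem"), "w") as fh:
            fh.write("-----BEGIN EC PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n"
                     "-----END EC PRIVATE KEY-----\n")
        for path, label, status in find_residual_keys(staging):
            print(f"{status:22} {label:22} {path}")
```

The sweep only sees PEM-encoded files on the live filesystem; DER files, backups and remnants of already-deleted files need their own controls.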
7.8. Key separation
Key separation (i.e. each key only has a single purpose) is an important security principle
which is reinforced in nShield by having different key types for different purposes (e.g.
ECDHPrivate/ECDHPublic for Elliptic Curve (EC) Key-Establishment keys and
ECDSAPrivate/ECDSAPublic for EC signing/verification keys).
There is a use case where a static EC private Key-Establishment key will also be used to
sign a CSR to request an (initial) certificate for the associated static EC public Key-
Establishment key. For this particular use case, the keyType ECPrivate/ECPublic should be
used for the EC Key-Establishment key, with a specialized ACL allowing the ECPrivate
key to be used for a single signing (OpPermissions:Sign), and then key-establishment
(OpPermissions:Decrypt).
When the ACL is used to enforce a single signature operation, this
signature must be performed before the key is initially
persisted/blobbed.
7.9. nShield JCA/JCE CSP
nShield® Security Manual