ISO 11568-2:2012 pdf download - Financial services- Key management(retail)— Part 2: Symmetric ciphers, their key management and life cycle

ISO 11568-2:2012 pdf download – Financial services- Key management(retail)— Part 2: Symmetric ciphers, their key management and life cycle.
The generation process shall be such that if the initial key is unpredictable within the key space (as required by the key management principles), then so is each resultant key.
The procedure may be used iteratively, as a key generated from one mitial key may subsequently be used as an initial key to generate others.
The generation process shall be non-reversible, such that disclosure 01 a generated key discloses neither the initial key nor any other generated key. An example of such a process is the encipherment of a non-secret value using the initial key.
4.4 Key calculation (variants)
It is possible to obtain a number of keys from a single key using a reversible process. An example of such a process Is the modulo-2 addition of the key and a non-secret value.
Key calculation has the qualities of speed arid simplicity, but disclosure of one key calculated in this manner discloses the original key and all other keys calculated from it.
4.5 Key hierarchies
A key hierchy is a conceptual structure in which the confidentiality of certain keys is dependent upon the confidentiality of other keys. By definition, disclosure of a key at one level of the key hierarchy shall not disclose any key at a higher level.
Key encipherment introduces a key hierarchy whereby a KEK is considered to be at a higher level than the key that It enciphers. The simplest isa two-level hierarchy. whereby the working keys are enciphered by KEK5 which are themselves stored in a cryptographic device, In a three-level hierarchy, these KEKs are also managed in an enciphered form using a higher-level KEK. The concept may be extended to four or more Layers.
Swnilarly, when an initial key or key generating key (KGK) participates in the generation of other keys using a deterministic process, a hierarchy may result whereby the KGK is considered to be at a higher level than the generated keys.
Keys at the higher levels of the key hierarchy shall be of equal or greater strength than the keys they are protecting.
Due consideration shaM be paid to known attacks when assessing the equivalent strength of various cryptographic algorithms. Generally, an algorithm can be said to provides bits of strength where the best- known attack would take, on average. 2’’Tto attack, where Tis the amount of time that Is requwed to perform one encryption of a plaintext value and to compare the result against the corresponding ciphertext value. Recommended equivalent key sizes at the time of publication are given In Table 1. In assessing these numbers, consideration shall be paid to any further developments in cryptanatysis. factoring and computing generally. See ISO/TR 14742 for additional Information.
4.6 Key life cycle
The phases that make up a keys lifetime are collectively referred to as the key’s bfe cycle. Keys shall be prolecled at al stages throughout their kie cycle. An operation that changes a key’s state is referred to as a life cycle operation. This subclause specifies the requirements for attaining a given state or performing a given operation.
The key life cycle consists of three phases as follows,
a) Pre-use, during which the key is generated and optionally stored prior to its use.
b) Use, during which the key Is distributed among communicating parties for operational use.
In a process where both communicating parties contribute to the generation of a new key. key generation and distribution are closely integrated.
Some key management schemes are designed for transforming keys automatically during operational use.
C) Post-use, during which a key is archived or terminated.
Figure 1 gives a schematic overview of the key life cycle. It shows how a given operation on a key changes its state.
A key is considered to be a single object of which multiple instances can exist at different locations and in different forms. A cleat distinction is made between the following operations:
— destruction of a single key instance;
— deletion of a key from a given location, which implies destruction of all instances of this key at that location;
— termination of a key, which implies deletion of the key froni all locations.