IAKM-1

IAKM-1 Key Management

Overview

Symmetric Keys are produced, controlled, and distributed using NIST-approved key management technology and processes. Asymmetric Keys are produced, controlled, and distributed using DoD PKI Class 3 certificates or pre-placed keying material.

MAC / CONF	Impact	Subject Area
MACIII	Medium	Identification and Authentication

Details

Threat
Sensitive DoD information requires protection from unauthorized access, modification, or destruction. All symmetric keys used to encrypted data must be protected commensurate with the classification level of the information being protected. For Asymmetric keys, the user or custodian must protect the private key commensurate with the classification level of the information being protected. The DoD Public Key Infrastructure can be utilized to encrypt sensitive data on Unclassified networks to transmit data over untrusted networks. The security requirements for cryptographic key management encompass the entire lifecycle of cryptographic keys, cryptographic key components, and Cryptographic Service Providers employed by the cryptographic module. Key management includes random number and key generation, key establishment, key distribution, key entry/output, key storage, and key zeroization.

Threat

Sensitive DoD information requires protection from unauthorized access, modification, or destruction. All symmetric keys used to encrypted data must be protected commensurate with the classification level of the information being protected. For Asymmetric keys, the user or custodian must protect the private key commensurate with the classification level of the information being protected. The DoD Public Key Infrastructure can be utilized to encrypt sensitive data on Unclassified networks to transmit data over untrusted networks. The security requirements for cryptographic key management encompass the entire lifecycle of cryptographic keys, cryptographic key components, and Cryptographic Service Providers employed by the cryptographic module. Key management includes random number and key generation, key establishment, key distribution, key entry/output, key storage, and key zeroization.

Guidance
1. The PKI manages the registration, issuance and control of X.509 certificates for use by DoD personnel in the conduct of official business. An X.509 certificate binds an end entity (such as a subscriber, router, or automated message guard) to a key pair, certifying that the entity identified in the certificate has the private key associated with the public key incorporated into the certificate. 2. The key pairs are used by end entities to perform cryptographic operations: to digitally sign information, to ensure the identity of the signer and the integrity of the information, and to encrypt information to ensure confidentiality. The DoD PKI issues separate certificates and key pairs for identity authentication and integrity, and for confidentiality. 3. Secret keys, private keys, and Cryptographic Service Providers shall be protected within the cryptographic module from unauthorized disclosure, modification, and substitution. Public keys shall be protected within the cryptographic module against unauthorized modification and substitution. 4. All private key pairs that are used to assert non-repudiation and are tightly bound to an entities identity must be protected in accordance with classification level of the information being processed. 5. All users and custodians are responsible to protect and store all private keys. For the hardware token, users must promptly report lost or stolen tokens. For software private keys, users must store them in a tamper evident package locked in a safe.

Guidance

1. The PKI manages the registration, issuance and control of X.509 certificates for use by DoD personnel in the conduct of official business. An X.509 certificate binds an end entity (such as a subscriber, router, or automated message guard) to a key pair, certifying that the entity identified in the certificate has the private key associated with the public key incorporated into the certificate.
2. The key pairs are used by end entities to perform cryptographic operations: to digitally sign information, to ensure the identity of the signer and the integrity of the information, and to encrypt information to ensure confidentiality. The DoD PKI issues separate certificates and key pairs for identity authentication and integrity, and for confidentiality.
3. Secret keys, private keys, and Cryptographic Service Providers shall be protected within the cryptographic module from unauthorized disclosure, modification, and substitution. Public keys shall be protected within the cryptographic module against unauthorized modification and substitution.
4. All private key pairs that are used to assert non-repudiation and are tightly bound to an entities identity must be protected in accordance with classification level of the information being processed.
5. All users and custodians are responsible to protect and store all private keys. For the hardware token, users must promptly report lost or stolen tokens. For software private keys, users must store them in a tamper evident package locked in a safe.

References

DoDI 8520.2 “DoD Public Key Infrastructure (PKI) and Public Key (PK) Enabling, 01 April 2004
X.509 Certificate Policy for the United States Department of Defense, Version 8, 11 December 2003
CJSCM 6510.01, Change 1, Enclosure C, Appendix O, 10 August 2004
FIPS 140-2 Level 2, FIPS 140-2 Level 3