Key Life cycle

Overview#

The Key Life cycle describes the states a Key passes through, from generation to destruction, and the transitions between those states.

A key is managed differently depending upon its state in the Key Life cycle. The Key Life cycle is defined from a system point-of-view, as opposed to the point-of-view of a single cryptographic module.

The Key Life cycle is defined in NIST.SP.800-57.

Pre-activation State#

The key has been generated, but has not been authorized for use. In this state, the key may only be used to perform proof-of-possession or key confirmation. Other than for proof-of-possession or key-confirmation purposes, a key shall not be used to apply cryptographic protection to information (e.g., encrypt plaintext or generate a Digital Signature) or to process cryptographically protected information (e.g., decrypt ciphertext or verify a digital signature) while in this state.

Active State#

The key may be used to cryptographically protect information (e.g., encrypt plaintext or generate a digital signature), to cryptographically process previously protected information (e.g., decrypt ciphertext or verify a digital signature) or both.

Suspended State#

The use of a key or key pair may be suspended for several possible reasons; in the case of asymmetric key pairs, both the public and private keys shall be suspended at the same time. One reason for a suspension might be a possible key compromise, and the suspension has been issued to allow time to investigate the situation. Another reason might be that the entity that owns a digital signature key pair is not available (e.g., is on an extended leave of absence); signatures purportedly signed during the suspension time would be invalid.

Deactivated State#

Keys in the deactivated state shall not be used to apply cryptographic protection, but in some cases, may be used to process cryptographically protected information.

Compromised State#

Generally, keys are compromised when they are released to or determined by an unauthorized entity. A compromised key shall not be used to apply cryptographic protection to information.

However, in some cases, a compromised key or a public key that corresponds to a compromised private key of a key pair may be used to process cryptographically protected information. For example, a signature may be verified to determine the integrity of signed data if its signature has been physically protected since a time before the compromise occurred. This processing shall be done only under very highly controlled conditions, where the users of the information are fully aware of the possible consequences.

Destroyed State#

The key has been destroyed. Even though the key no longer exists when in this state, certain key metadata (e.g., key state transition history, key name, type, and cryptoperiod) may be retained for audit purposes. It is possible that a compromise of the destroyed key could be determined after the key has been destroyed. In this case, the compromise should be recorded.
