Overview#
The Key Life cycle describes the state of a Key as it transitions through the various states of its life cycle. A key is managed differently depending upon its state in the Key Life cycle. Key Life cycle states are defined from a system point-of-view, as opposed to the point-of-view of a single cryptographic module.
The Key Life cycle is defined in NIST.SP.800-57.
Pre-activation State#
The key has undergone Key Generation, but has not been authorized for use. In this state, the key may only be used to perform proof-of-possession or key confirmation. Other than for proof-of-possession or key-confirmation purposes, a key shall not be used to apply cryptographic protection to information (e.g., encrypt plaintext or generate a Digital Signature) or to process cryptographically protected information (e.g., decrypt ciphertext or verify a digital signature) while in this state.
Active State#
The key may be used to cryptographically protect information (e.g., encrypt plaintext or generate a digital signature), to cryptographically process previously protected information (e.g., decrypt ciphertext or verify a digital signature), or both.
Suspended State#
The use of a key or key pair may be suspended for several possible reasons; in the case of asymmetric key pairs, both the public and private keys shall be suspended at the same time. One reason for a suspension might be a possible key compromise, and the suspension has been issued to allow time to investigate the situation. Another reason might be that the entity that owns a digital signature key pair is not available (e.g., is on an extended leave of absence); signatures purportedly signed during the suspension time would be invalid.
Deactivated State#
Keys in the deactivated state shall not be used to apply cryptographic protection, but in some cases, may be used to process cryptographically protected information.
Compromised State#
Generally, keys are compromised when they are released to or determined by an unauthorized entity. A compromised key shall not be used to apply cryptographic protection to data.
However, in some cases, a compromised key or a public key that corresponds to a compromised Private Key of a Key pair may be used to process cryptographically protected information. For example, a signature may be verified to determine the integrity of signed data if its signature has been physically protected since a time before the compromise occurred. This processing shall be done only under very highly controlled conditions, where the users of the information are fully aware of the possible consequences.
A Compromised State may require Key Revocation.
Destroyed State#
The key has been destroyed. Even though the key no longer exists when in this state, certain key metadata (e.g., key state transition history, key name, type, and cryptoperiod) may be retained for audit purposes. It is possible that a compromise of the destroyed key could be determined after the key has been destroyed. In this case, the compromise should be recorded.
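The per-state rules above, as an added example (not code from NIST.SP.800-57 or from this wiki): a small Python model that enforces which operations each state permits, which transitions are allowed, and that metadata and a late-discovered compromise survive destruction. The transition table, the `controlled` flag for processing with a compromised key, and the class names are this example's assumptions.

```python
from enum import Enum


class KeyState(Enum):
    PRE_ACTIVATION = "pre-activation"
    ACTIVE = "active"
    SUSPENDED = "suspended"
    DEACTIVATED = "deactivated"
    COMPROMISED = "compromised"
    DESTROYED = "destroyed"


# Allowed transitions (assumption: one reading of the SP 800-57 state diagram).
TRANSITIONS = {
    KeyState.PRE_ACTIVATION: {KeyState.ACTIVE, KeyState.COMPROMISED, KeyState.DESTROYED},
    KeyState.ACTIVE: {KeyState.SUSPENDED, KeyState.DEACTIVATED, KeyState.COMPROMISED},
    KeyState.SUSPENDED: {KeyState.ACTIVE, KeyState.DEACTIVATED, KeyState.COMPROMISED},
    KeyState.DEACTIVATED: {KeyState.COMPROMISED, KeyState.DESTROYED},
    KeyState.COMPROMISED: {KeyState.DESTROYED},
    KeyState.DESTROYED: set(),  # terminal: the key material no longer exists
}


class ManagedKey:
    def __init__(self, name, key_type):
        self.name, self.key_type = name, key_type  # metadata kept for audit
        self.state = KeyState.PRE_ACTIVATION
        self.history = [KeyState.PRE_ACTIVATION]  # state transition history
        self.compromise_after_destruction = False

    def can_transition(self, new_state):
        return new_state in TRANSITIONS[self.state]

    def transition(self, new_state):
        if not self.can_transition(new_state):
            raise ValueError(f"{self.name}: {self.state.value} -> {new_state.value} not permitted")
        self.state = new_state
        self.history.append(new_state)

    def record_compromise(self):
        # A destroyed key cannot change state, but a compromise determined
        # afterwards is still recorded against its retained metadata.
        if self.state is KeyState.DESTROYED:
            self.compromise_after_destruction = True
        else:
            self.transition(KeyState.COMPROMISED)

    def may_protect(self):  # encrypt plaintext / generate a signature
        return self.state is KeyState.ACTIVE

    def may_process(self, controlled=False):  # decrypt / verify
        if self.state is KeyState.COMPROMISED:
            return controlled  # only under highly controlled conditions
        return self.state in (KeyState.ACTIVE, KeyState.DEACTIVATED)
```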