Cryptographic Key Management

Protecting customers and assets against insiders and hackers

BY ANNABELLE LEE, Electric Power Research Institute

Cryptographic key management is often used to protect information from unauthorized disclosure, to detect unauthorized modification, and to authenticate the identities of system entities, such as individuals, organizations, devices or processes. Cryptography is particularly useful when data transmission or authentication occurs over communications networks where physical protection mechanisms are often cost-prohibitive or impossible to implement, as is typical in the electric sector. Cryptography can also provide a layer of protection against insiders and hackers who may have physical or possibly logical access to stored data, but not the authorization to know or modify the data, such as maintenance personnel or system users. Cryptography can be used to provide three major types of data protection: confidentiality, integrity, and source authentication (also called non-repudiation).

Confidentiality Protection
Confidentiality protection safeguards data from unauthorized disclosure. Encryption algorithms are used to convert plain text data into unintelligible ciphertext, while decryption algorithms are used to transform the ciphertext back to the original plain text. The transformations are controlled by one or more cryptographic keys so that only the authorized parties who have the keys can successfully perform the transformations.

Integrity Protection
Integrity protection provides mechanisms to detect unauthorized data modifications. Cryptographic authentication algorithms typically calculate an authentication code or digital signature, which is a function of the data being protected and a cryptographic key used by the algorithm. It is highly unlikely that without possession of the correct key, an entity could modify the data and compute the correct authentication code or digital signature. Therefore, unauthorized modifications can be detected before the data is used.
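The check described above, as an added example that is not part of the original article: a sender attaches an authentication code to a meter reading, and the receiver rejects the data before use if the code does not verify. HMAC-SHA256, the message layout, and the names `protect` and `verify_and_load` are assumptions chosen for illustration; the article does not name an algorithm.

```python
import hashlib
import hmac
import json
import secrets


def protect(key: bytes, payload: dict) -> dict:
    """Serialize the payload deterministically and attach an HMAC-SHA256 code."""
    data = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, data.encode(), hashlib.sha256).hexdigest()
    return {"data": data, "tag": tag}


def verify_and_load(key: bytes, message: dict) -> dict:
    """Return the payload only if its authentication code verifies."""
    data = message["data"].encode()
    expected = hmac.new(key, data, hashlib.sha256).digest()
    try:
        received = bytes.fromhex(message["tag"])
    except ValueError:
        raise ValueError("malformed authentication code") from None
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(expected, received):
        raise ValueError("authentication code mismatch: data rejected")
    # The data is parsed only after the code has been checked.
    return json.loads(data)


def demo() -> dict:
    key = secrets.token_bytes(32)  # shared secret key (constructed)
    reading = {"meter_id": "M-0001", "kwh": 1234.5, "seq": 42}  # constructed sample
    msg = protect(key, reading)
    results = {"intact": verify_and_load(key, msg) == reading}
    # Case 1: data modified in transit, original code left in place.
    tampered = dict(msg, data=msg["data"].replace("1234.5", "234.5"))
    # Case 2: data modified and code recomputed, but without the correct key.
    forged = protect(secrets.token_bytes(32), {**reading, "kwh": 234.5})
    for name, candidate in (("tampered", tampered), ("forged", forged)):
        try:
            verify_and_load(key, candidate)
            results[name] = "accepted"
        except ValueError:
            results[name] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```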

Source Authentication/Non-Repudiation
Source authentication/non-repudiation provides assurance that the protected data came from an authorized entity. For example, a digital signature may be calculated on transmitted data. The receiver can verify the digital signature and therefore know that the data came from a particular entity.

There are two basic types of cryptography: symmetric and asymmetric. Typically, symmetric cryptography is used for confidentiality and both the sender and receiver use the same secret key.

Asymmetric cryptography is typically used for authenticity, non-repudiation, and integrity. In asymmetric cryptography, there are two related keys—a public key and a private key. The keys are mathematically related, but knowledge of one key does not provide knowledge of the other key.

Typically, in asymmetric cryptography, the message is sent in the clear to the recipient along with a digitally signed message digest. The recipient generates the same message digest, verifies the received digital signature, generates the message digest for the received message, and then compares the two message digests. If they are the same, the data has not been altered in transmission.
