Design and Implementation of a Key-Lifecycle Management System

  • Mathias Björkqvist
  • Christian Cachin
  • Robert Haas
  • Xiao-Yu Hu
  • Anil Kurmus
  • René Pawlitzek
  • Marko Vukolić
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6052)


Key management is the Achilles’ heel of cryptography. This work presents a novel Key-Lifecycle Management System (KLMS), which addresses two issues that have not been addressed comprehensively so far.

First, KLMS introduces a pattern-based method to simplify and to automate the deployment task for keys and certificates, i.e., the task of associating them with endpoints that use them. Currently, the best practice is often a manual process, which does not scale and suffers from human error. Our approach eliminates these problems and specifically takes into account the lifecycle of keys and certificates. The result is a centralized, scalable system, addressing the current demand for automation of key management.

Second, KLMS provides a novel form of strict access control to keys and realizes the first cryptographically sound and secure access-control policy for a key-management interface. Strict access control takes into account the cryptographic semantics of certain key-management operations (such as key wrapping and key derivation) to prevent attacks through the interface, which plagued earlier key-management interfaces with less sophisticated access control.

Moreover, KLMS addresses the needs of a variety of different applications and endpoints, and includes an interface to the Key Management Interoperability Protocol (KMIP) that is currently under standardization.


Access Control; Trust Platform Module; Object List; Deployment Pattern; Deployment Policy
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Mathias Björkqvist (1)
  • Christian Cachin (1)
  • Robert Haas (1)
  • Xiao-Yu Hu (1)
  • Anil Kurmus (1)
  • René Pawlitzek (1)
  • Marko Vukolić (1)

  1. IBM Research, Zurich
