Tokyo Technical Seminar Systems Committee

1
Tokyo Technical SeminarSystems Committee Key
Management
Ian Maddocks Product Manager, Thales e-Security
2
Purpose

• What is the problem ?
• What is Key Management ?
• Who needs a Key Management System ?
• Why is GlobalPlatform specifying standards ?

3
Key Management, what does it mean?

• Managing cryptographic keys and/or certificates
• Key exchange between systems (import / export)
• Standardising on key exchange will aid
  interoperability
• Standardisation
• Simplifies customers buying decision
• Lifetime control of usage
• Key separation
• Key usage control
• Key lifecycle control
• and all this has to be done securely

4
The Key Management Problem

• What is the size of the problem ?
• As Card Application complexity increases
• so does the amount of key management

Multi Apps / Delegated Mgmt.
Card AppComplexity
Single App
of Keys Key Owners
5
Who needs Key Management ?

• Anyone who needs to generate and/or share keys
  with other GP systems
• IC Manufacturer
• Card Enabler
• Card Issuer
• Application Provider
• Application Loader

6
What is a Key Management System ?

• A secure place for key storage
• The interface or service used by GP compliant
  Systems to manage keys
• either stand-alone
• or integrated
• Requires crypto hardware for its operation
• Its usage is embedded in the profile

KMS
KMS
AppLoader
IC Manufacturer
7
What is a Key Management System ?

• Components of a KMS
• Computer system API and GUI
• Database key storage
• HSM Secrecy and integrity
• Interfaces
• API Exchange, Define, Generate
• Initial key exchange
• Human Interface
• Transport
• Procedures
• Encrypted keyexchange

DB
HSM
8
Key Owners

• Key Owner is the authority that
• sets the usage of the key
• may generate key
• Examples of owners are
• IC Manufactures
• Card Issuers
• Application Providers
• Key Owner specifies Usage of their keys
• using Key Profile

9
GlobalPlatform KMS Key Profile
Profile

• Blank Key Profile
• Exchange of Usage
• Exchange of Key Components
• Exchange of Key under TK

ProfileID
ProfileVn
KeyVn
SenderID
ReceiverID
Key
Key Check Value
Usage
TransportKeyID
10
Usage Control

• Controlled by the restriction of generic
  operations, such as
• Encrypt
• Decrypt
• Wrap
• Unwrap
• Start End dates, etc.

• Derive
• Generate
• Sign
• Verify

11
GP KMS Documents

• Functional Requirements
• Specifies the minimum requirements of a GP KMS
• Use cases for
• GP Card
• EMV Application
• Key Profile
• Key Exchange wrapper and usage control
• Shared to Scripting Profile working group
• for inclusion in Profile Specifications

12
Summary

• Purpose of KMS is to enable interoperability of
  keys
• Provide a secure environment to generate and
  store keys
• Define framework for keys to be controlled
• Human procedures and computer systems
• KMS specifications generic to deal with multi-app
  support

13
Acronyms

• DB Database
• EMV Europay, Visa, MasterCard,
• GP GlobalPlatform
• GUI Graphical User Interface
• HSM Hardware Security Module
• IC Integrated Circuit
• KMS Key Management System
• TK Transport Key