4.13 Managing Key Material Securely

4.13.1 Problem

You want to minimize the odds of someone getting your raw key material, particularly if they end up with local access to the machine.

4.13.2 Solution

There are a number of things you can do to reduce these risks:

  • Securely erase keys as soon as you have finished using them. Use the spc_memzero( ) function from Recipe 13.2.

  • When you need to store key material, password-protect it, preferably using a scheme to provide encryption and message integrity so that you can detect it if the encrypted key file is ever modified. For example, you can use PBKD2 (see Recipe 4.10) to generate a key from a password and then use that key to encrypt using a mode that also provides integrity, such as CWC (see Recipe 5.10). For secret keys in public key cryptosystems, use PEM-encoding, which affords password protection (see Recipe 7.17).

  • Store differentiating information with your medium- or long-term symmetric keys to make sure you don't reuse keys. (See Recipe 4.11.)

4.13.3 See Also

Recipe 4.10, Recipe 4.11, Recipe 5.10, Recipe 7.17, Recipe 13.2