CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [195]

occurring. The temporary suspension would give administrators or managers time to sort out what is happening.

The status of a suspended key is checked by querying the certificate server or through other mechanisms. In a PKI system, a CRL would be checked to determine the status of a certificate. This process can occur automatically or manually. Most key or certificate management systems provide a mechanism to report the status of a key or certificate.

Key management systems use the same general process when checking the status of keys. The Security+ exam distinguishes between status checking for suspension and revocation. The major difference is that a revoked key can’t be used again, whereas the status of a suspended key can be changed to allow the key to be used again. Once a key is revoked, a new key is required.

Recovering and Archiving Keys

One of the problems with a key-based system is that older information, unless processed with a new key, may become inaccessible. For example, if you have a two-year-old file on your system and it’s still encrypted, will you remember which key was used to encrypt it two years ago? If you’re like most people, you won’t. If you can’t decrypt the data, it’s useless.

To deal with this problem, archiving old keys is essential: Any time a user or key generator creates and issues a key, the key must also be sent to the key archive system. This is most easily done on a server that offers secure storage. Older keys can be stored and retrieved when necessary. Figure 7.27 illustrates this relationship with a CA. This server requires strong physical security and at least the same security as the key-generating system.

FIGURE 7.27 The key archival system

Key recovery is an important part of an encryption system. Information stored under an older key can't be decrypted with a new key. Key recovery allows you to access information that is encrypted with older keys. For example, key recovery could be used to retrieve information from an ex-employee. Three different factors must be considered when implementing a key archival system:

Current keys Current keys are the keys in use at the present time. They haven’t been revoked. In the event that a current key becomes lost, destroyed, or damaged, you need a way to recover the key so that data loss doesn’t occur. A smart card can also become damaged, and a method must be established to reload the card with key information.

If the current key isn’t recoverable, all information that was encrypted using it will be unavailable. This type of data loss could be expensive. Some newer systems allow the creation of “virtual” smart cards that can be used temporarily to initialize a new card. This card would generally be good only for a short period of time, such as during a work shift.

This process should be relatively easy for administrators to manage because people do forget to bring their authentication devices to work from time to time.

Previous Keys Previous keys have recently expired and are no longer current. An employee who comes to work today may not know that a key rollover has occurred until they try to open yesterday’s e-mail. Depending on what’s in the e-mail, this could be a disaster. Many newer systems keep copies of recent keys in a key store on the system; this key store may contain the last two or three keys. If a local key store isn’t provided, a key restoration process will be required from the archive system. Again, this may involve manual intervention by administrators.

Archived keys Archived keys were discussed earlier. You should expect that older messages will be needed from time to time. This is especially true in a situation where litigation is involved; during the discovery phase of litigation, all records, correspondence, and memoranda must be presented to attorneys when subpoenaed. Failure to comply will result in sanctions from the court. Imagine that you had to access all the e-mails and files from a particular department for the last five years; it would be a very labor-intensive
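The following is an added example, not code from the study guide, that ties together the key lifecycle described in this section: every issued key is copied to an archive, the local key store keeps only the last two previous keys, ciphertext carries the ID of the key that produced it, decryption falls back to an archive restore when the key has aged out of the local store, and a suspended key can be reinstated while a revoked key cannot. The archive "server" is a dictionary, the names (KeyManager, rollover, suspend, reinstate, revoke) are assumptions, and the HMAC-based keystream is a toy stand-in for a real cipher so that the example runs with the Python standard library alone.

```python
import os
import hmac
import hashlib
import struct
from enum import Enum


class KeyState(Enum):
    CURRENT = "current"       # key used for new encryptions
    PREVIOUS = "previous"     # recently rolled over, still in the local key store
    ARCHIVED = "archived"     # held only by the archive server; needs a restore
    SUSPENDED = "suspended"   # temporarily blocked; can be reinstated
    REVOKED = "revoked"       # permanently blocked; a new key is required


HEADER = struct.Struct(">I16s")   # key_id (4 bytes) || nonce (16 bytes)


def _keystream(secret: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 over (nonce || counter). Illustrative only,
    not a real cipher; it exists so the key-ID bookkeeping can be exercised."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(secret, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


class KeyManager:
    LOCAL_DEPTH = 2   # how many previous keys the local key store retains

    def __init__(self) -> None:
        self.state: dict[int, KeyState] = {}
        self.local_store: dict[int, bytes] = {}   # secrets usable without a restore
        self.archive: dict[int, bytes] = {}       # stands in for the archive server
        self.prior: dict[int, KeyState] = {}      # state saved while a key is suspended
        self.archive_restores = 0
        self.current_id = 0
        self.rollover()

    def rollover(self) -> int:
        """Issue a new current key; every issued key is also sent to the archive."""
        new_id = self.current_id + 1
        secret = os.urandom(32)
        self.archive[new_id] = secret
        self.local_store[new_id] = secret
        self.state[new_id] = KeyState.CURRENT
        if self.current_id:
            self.state[self.current_id] = KeyState.PREVIOUS
        self.current_id = new_id
        # Trim the local store: keys older than LOCAL_DEPTH previous keys now exist only in the archive.
        keep = {new_id} | set(range(new_id - self.LOCAL_DEPTH, new_id))
        for kid in list(self.local_store):
            if kid not in keep:
                del self.local_store[kid]
                if self.state[kid] == KeyState.PREVIOUS:
                    self.state[kid] = KeyState.ARCHIVED
        return new_id

    def suspend(self, key_id: int) -> None:
        if self.state[key_id] == KeyState.REVOKED:
            raise ValueError(f"key {key_id} is revoked and can't be suspended")
        self.prior.setdefault(key_id, self.state[key_id])
        self.state[key_id] = KeyState.SUSPENDED

    def reinstate(self, key_id: int) -> None:
        if self.state[key_id] != KeyState.SUSPENDED:
            raise ValueError(f"key {key_id} is {self.state[key_id].value}; only suspended keys can be reinstated")
        self.state[key_id] = self.prior.pop(key_id)

    def revoke(self, key_id: int) -> None:
        self.prior.pop(key_id, None)
        self.state[key_id] = KeyState.REVOKED   # permanent: a new key must be issued

    def is_usable(self, key_id: int) -> bool:
        return self.state.get(key_id) not in (None, KeyState.SUSPENDED, KeyState.REVOKED)

    def encrypt(self, plaintext: bytes) -> bytes:
        kid = self.current_id
        if self.state[kid] != KeyState.CURRENT:
            raise ValueError(f"current key {kid} is {self.state[kid].value}; roll over first")
        nonce = os.urandom(16)
        ks = _keystream(self.local_store[kid], nonce, len(plaintext))
        return HEADER.pack(kid, nonce) + bytes(a ^ b for a, b in zip(plaintext, ks))

    def decrypt(self, blob: bytes) -> tuple[bytes, str]:
        """Return (plaintext, source); source is 'local' or 'archive'."""
        kid, nonce = HEADER.unpack_from(blob)
        body = blob[HEADER.size:]
        if kid not in self.state:
            raise KeyError(f"unknown key id {kid}")
        if not self.is_usable(kid):
            raise PermissionError(f"key {kid} is {self.state[kid].value} and can't be used")
        if kid in self.local_store:
            secret, source = self.local_store[kid], "local"
        else:
            # Key restoration from the archive: the step that may need an administrator.
            secret, source = self.archive[kid], "archive"
            self.archive_restores += 1
        ks = _keystream(secret, nonce, len(body))
        return bytes(a ^ b for a, b in zip(body, ks)), source


if __name__ == "__main__":
    km = KeyManager()
    old_mail = km.encrypt(b"constructed sample: last year's memo")
    for _ in range(3):
        km.rollover()
    print(km.state[1].value, km.decrypt(old_mail))   # archived, restored from archive
```

The decrypt path never asks "which key did we use back then?" because the key ID travels with the ciphertext; that header is what makes archived keys recoverable at all. The example also shows why suspension and revocation are tracked separately: reinstate() only restores the state saved by suspend(), and revoke() discards it.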
