Design and Implementation of a Key-Lifecycle Management System

Key management is the Achilles' heel of cryptography. This work presents a novel Key-Lifecycle Management System (KLMS), which
addresses two issues that have not been addressed comprehensively so far.

First, KLMS introduces a pattern-based method to simplify and to automate the deployment task for keys and certificates, i.e., the task of associating them with endpoints that use them. Currently, the best practice is often a manual process, which does not scale and suffers from human errors. Our approach eliminates these problems and takes into account specifically the lifecycle of keys and certificates. The result is a centralized, scalable system, addressing the current demand for automation of key management.

Second, KLMS provides a novel form of strict access control to keys and realizes the first cryptographically sound and secure access-control policy for a key-management interface. Strict access control takes into account the cryptographic semantics of certain key-management operations (such as key wrapping and key derivation) to prevent attacks through the interface, which plagued earlier key-management interfaces with less sophisticated access control.

Moreover, KLMS addresses the needs of a variety of different applications and endpoints, and includes an interface to the Key Management Interoperability Protocol (KMIP) that is currently under standardization.

A revised and condensed version of this report appears in: "Financial Cryptography and Data Security," Proc. Fourteenth Intl Conf. on Financial Cryptography and Data Security '10 "FC'10," Tenerife, Spain, Lecture Notes in Computer Science, vol. 6052 (Springer-Verlag, Berlin Heidelberg, January 2010), 160-174.

By: Mathias Bjoerkqvist, Christian Cachin, Robert Haas, Xiao-Yu Hu, Anil Kurmus, Rene Pawlitzek, and Marko Vukolic

Published in: RZ3739 in 2009


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to .