Key (Cryptovariable) Management
All secrecy should reside in the keys
- (Kerckhoffs' Maxim, over 100 years old).
Many tradeoffs:
- long term vs. short term
- communications vs. storage
- secure vs. easy to remember
- personal vs. corporate vs. recoverable
Notes:
That “all secrecy should reside in the key” is Kerckhoffs' Maxim.
The best way to decide among the tradeoffs is by understanding the threats. More on this later.
When keeping something secret, assign a value to what is being protected, and protect the key “that much”. As the thing gets more valuable, use a better key. DES encryption is probably fine for most of our love letters (perhaps not Bill Clinton’s though).
Then again, stronger keys don’t cost much (except to manage them, or export them).
When keeping something secret, assign a cost to losing it… then make sure you put that amount of effort into remembering the key. Corporate key recovery really does make some sense.
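The “recoverable” and “corporate key recovery” points above, as an added example that is not from the original notes: a threshold split of a data key so that, say, any 3 of 5 custodians can reconstruct it while no single custodian holds the key (Shamir secret sharing over the prime field 2^255-19; the field and the sample key are my choices).

```python
"""Added example: split a symmetric key into custodian shares for corporate
key recovery, and rebuild it from any `threshold` of them (Shamir, 1979)."""
import secrets

# Assumed field: 2**255 - 19 is prime, so keys up to 255 bits fit.
PRIME = 2**255 - 19


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x, mod PRIME (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_key(key_int, threshold, n_shares):
    """Return n_shares points (x, y); any `threshold` of them recover key_int.

    The key is the constant term of a random polynomial of degree threshold-1,
    so fewer than `threshold` shares reveal nothing about it.
    """
    if not (1 <= threshold <= n_shares) or not (0 <= key_int < PRIME):
        raise ValueError("bad parameters")
    coeffs = [key_int] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def recover_key(shares):
    """Lagrange-interpolate the polynomial at x = 0 from the given shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME        # product of (0 - xj)
                den = (den * (xi - xj)) % PRIME    # product of (xi - xj)
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


if __name__ == "__main__":
    # Constructed 128-bit key, not a real one.
    key = int.from_bytes(bytes.fromhex("0123456789abcdef0123456789abcdef"), "big")
    shares = split_key(key, threshold=3, n_shares=5)
    print(recover_key([shares[0], shares[2], shares[4]]) == key)  # True
```

Shares are held by different custodians; the original key is never written down, and losing up to two shares still leaves the key recoverable.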