Scenario: Cloning a DES or PKA master key

The steps to clone a data encryption standard (DES) or public key algorithm (PKA) master key from one coprocessor to another.

The term cloning is used rather than copying because the master key is split into shares for transport between the coprocessors. The technique is explained under the topic Understanding and managing master keys in the IBM CCA Basic Services Reference and Guide for the IBM® 4765 PCIe and 4764 PCI-X Cryptographic Coprocessors manual. The section Cloning a master key provides a step-by-step procedure that you can follow. The background information that allows you to vary the procedure is described in this section.
Note: Cloning of an AES master key is not supported.
Cloning of the master key involves two or three nodes:
  • The master key source node.
  • The master key target node.
  • The share administration (SA) node. The SA node can either be the source or the target node.

The CNM utility can store the various data items that are involved in this process in a database that you can carry (diskette) or transfer (FTP) between the different nodes. One database, sa.db by default, contains the information about the SA key and the keys that are certified. The target node where the master key is cloned also has a database that is known by default as csr.db.

You can accomplish these tasks by using the CNM utility:
  1. Start the CCA Node Management utility by entering the csufcnm command. The CNM utility logo and the main window are displayed.
  2. Set up the nodes in a secure manner with access control roles, user profiles, and master keys.

    You need a role and one or more user profiles at the source and target nodes for each user who obtains or stores shares. Processing of shares is done by a separate command so that, if you want, your roles can ensure that independent individuals are involved with obtaining and installing the different shares.

    Consider the use of random master key generation and roles that enforce a dual control security policy. For example, allow one individual or role to register a hash and another individual or role to register a public key. Select different individuals or roles for obtaining and installing the individual shares of the master key.

    See the guidance section in the IBM CCA Basic Services Reference and Guide for the IBM 4765 PCIe and 4764 PCI-X Cryptographic Coprocessors manual for the description of the Master_Key_Process and the Master_Key_Distribute verbs.

  3. Install a unique 1 - 16 byte environment ID (EID) of your choice into each node.

    From the Crypto Node menu, click Set Environment ID, enter the identifier, and click Load. Use only these characters in an EID: A - Z, a - z, 0 - 9, @ (X'40'), the space character (X'20'), & (X'26'), and = (X'3D').

    You must enter a full 16-character identifier. For short identifiers, complete the entry with space characters.

  4. Initialize the master key sharing m and n values in the source and target nodes. These values must be the same in the source and the target nodes. The value n is the maximum number of shares while m is the minimum number of shares that must be installed to reconstitute the master key in the target node.

    From the Crypto Node menu, click Share Administration > Set number of shares, enter the values, and click Load.

  5. At the different nodes, generate these keys and have each public key certified by the SA key. You can use the utility's sa.db database to transport the keys and the certificates.
    Share administration (SA)
    This key is used to certify itself and the following keys. You must register the hash of the SA public key, and the public key itself, in the SA, source, and target nodes.

    After the SA key is created, the utility supplies an 8-byte (16-hexadecimal-character) value that is a portion of the hash of the SA key. Be sure to retain a copy of this value. You need this value to confirm the hash value that is recorded in the database when you register the SA public key at the source and target nodes.

    Coprocessor Share Signing (CSS)
    This key is used to sign shares that are distributed from the source node. The private key is retained within the source node.
    Coprocessor Share Receiving (CSR)
    This key is used to receive a share-encrypting key into the target node. The SA-certified public CSR key is used at the source node to wrap (encrypt) the share-encrypting key that is unique for each share. The private key is retained within the target node.
    Generate the Key Pairs: SA, CSS, and CSR
    From the Crypto Node menu, click Share Administration > Create Keys. Click Share Administration Keys, CSS key, or CSR key. Click Create.

    You must supply key labels for the CSS and CSR keys that are retained in the source and target nodes, for example, IBM4765.CLONING.CSS.KEY and IBM4765.CLONING.CSR.KEY. The labels that you use must not conflict with other key labels that are used in your applications.

    To generate the CSR key at the share-receiving node, you must obtain the serial number of the coprocessor. From the Crypto Node menu, click Status. You must enter the serial number value to certify the CSR key.

  6. Register the SA public key in the coprocessor at the SA, source, and target nodes. This process is a two-step process that must be done under a dual control security policy.

    One individual installs the SA public key hash. From the Crypto Node menu, click Share Administration > Register Share Administration, and click SA Key hash. You must enter the hash value that was obtained during SA key creation.

    The other individual installs the actual SA public key. From the Crypto Node menu, click Share Administration > Register Share Administration, and click SA Key. By default, the public key information is in the sa.db file.

  7. Take the CSS key and the CSR key to the SA node and have the keys certified.

    From the Crypto Node menu, click Share Administration > Certify Keys, and then click Share Administration Keys, CSS key, or CSR key.

    For the CSR key, you must supply the serial number of the target coprocessor as a procedural check that an appropriate key is being certified. Your procedures must include communicating this information in a reliable manner.

  8. At the source node, the authorized individuals must sign on to the role that allows them to obtain their shares. At least m shares must be obtained. These shares are of the current master-key.

    From the Crypto Node menu, click Share Administration > Get Share, and enter the share number to be obtained. Observe the serial numbers and database identifiers. When these are in agreement, click Get Share. By default, the share information is placed into the csr.db file and the CSR key certificate is obtained from the sa.db file.

    Obtain current-master-key validation information for use later at the target node. From the Master Key menu, click DES/PKA Master Keys > Verify. Click Current.

  9. At the target node, the authorized individuals must sign on to the role that allows each of them to install their share. At least m shares must be installed to reconstitute the master key into the new master-key register.

    From the Crypto Node menu, click Share Administration > Load Share, and select the share number to be installed. Verify that the serial numbers and database identifiers are correct, and then click Load Share. By default, the share information is obtained from the csr.db file and the CSS key certificate is obtained from the sa.db file. If your server has multiple cryptographic coprocessors that are loaded with CCA, the coprocessors must have identical master keys installed for key storage to function.

    When m shares are loaded, verify that the key in the new master-key register is the same as the master key that was current in the source node when the shares were obtained. On the target node, from the Master Key menu, click DES/PKA Master Keys > Verify, and then click New.

  10. When it is confirmed through master key verification that the master key is cloned, an authorized individual can set the master key. This action deletes any old master key and moves the current master key to the old master key register. Application programs that use keys encrypted by the master key can be impacted by this change, so ensure that setting of the master key is coordinated with the needs of your application programs.
  11. From the Master Key menu, click DES/PKA Master Keys > Set.