Activate keys

This topic describes how to activate encryption keys.

To activate a usage key triplet, the two passphrases must be entered into the Safer Payments user interface.

  1. Assuming you are the left key holder, log in.
  2. The Safer Payments user interface opens and the General Settings for the left key user are displayed.
  3. Click Administration. The Key management > Encryption keys form displays.
  4. In the Master Keys section, click the row of the master key instance you want to activate.
  5. In the Encryption Keys section, click the row of the key instance you want to activate.
    This image is explained in the surrounding text.
  6. In the Left key field, enter your key and repeat it for verification.
  7. Click the save (Save) icon.
  8. Repeat the steps above for the right key holder.
  9. The user who has the global privilege to activate key triplets must log in and go to Administration > Encryption keys.
    Note: The global privilege to activate usage key triplets can be granted to the key holders or any other user.
  10. In the Encryption Key Entry section, click the activate keys (Activate key) icon.

You can prepare more than one key for activation, and users with respective privileges can switch between them by activating a key.

If a key is revoked, the key file is automatically securely erased on all Safer Payments instances in a cluster. The revoked key is also added to the no-fly list to ensure that this key cannot be active again in Safer Payments.

Safer Payments instances in a cluster share the passphrases over their encrypted network connection (ECI). The private triplet subkey of the usage key triplet is transferred manually by the operator. Therefore, the private key and the public keys never travel together on the same medium. Thus, spying out only one of the channels does not deliver sufficient information to decrypt Safer Payments.

Because Safer Payments instances share the public keys, the key holders do not have to enter them each time a Safer Payments instance is started. If one Safer Payments instance is still running in the cluster, passphrases do not have to be reentered. Only when you start the first Safer Payments instance, passphrases must be entered.

You can simultaneously start all Safer Payments instances because in key-entry mode the user interface is partially active to allow for key entry. When keys are entered on any Safer Payments instance of the cluster, they are shared within the cluster and the Safer Payments instances start. This might take a few minutes.

Note: A key is automatically deactivated, if you activate another key.

Precautions and possible errors

  • If you use a Flash-based portable memory device, which most USB sticks or SD cards are, it is difficult to securely erase data from them. Therefore, you must store the portable memory device in a safe location for the entire duration of the master key being valid. If you ever need to erase the master key on such a portable memory device, the safest way is physical destruction.
  • If Safer Payments cannot locate the revoked_keys.iris file during startup, or if the file is tampered with, Safer Payments creates a log message and shuts down immediately.
  • If Safer Payments finds an active key that is on the no-fly list, Safer Payments securely deletes the key from the key subdirectory and shuts down immediately. If the key is not active, Safer Payments creates a log message, securely deletes the key from the key subdirectory, and continues with startup.
  • If you run a key reload from the Encryption Keys page of the Safer Payments user interface, the following problems can occur:
    • If Safer Payments cannot locate the revoked_keys.iris file, or the file is tampered with, an error message on the user interface and a log message are created, reloading is stopped, yet operations resume.
    • If Safer Payments finds keys that are on the no-fly list, the keys are securely deleted from the key subdirectory, an error message on the user interface and a log message are created.