METHOD FOR LOGGING AND RETRIEVING SECURITY RELATED EVENTS AND AUDITING ENCRYPTION KEYS EMBEDDED IN A CRYPTOGRAPHIC MODULE

MOTOROLA

Technical Developments

METHOD FOR LOGGING AND RETRIEVING SECURITY RELATED EVENTS AND AUDITING ENCRYPTION KEYS EMBEDDED IN A CRYPTOGRAPHIC MODULE

by Ken Fuchs, Don Beyer, Gary Schluckbier and Christopher Perrin

THE PROBLEM

Under certain circumstances, it is desirable to be able to perform an audit on radios that use encryp~ tion to determine the IDs of certain variables (e.g. encryption keys) and the characteristics of those keys (e.g. age of keys, usage of keys). It is also desirable to ascertain the background of security related events that have taken place within the radio, for example the number of attempts at entering a password or the last N sequence of events such as power down, power up and rekey requests.

The ability to audit the crypto module provides the crypto officer or another authority the opportunity to ensure that users are not using old keys, compromised keys or encrypting too much traffic on a single key.

The crypto officer can limit the exposure of certain keys and reduce the chance of compromise by determining if a particular user does not use certain keys and removing their access to those keys.

Finally the officer can verify that a "lost and found" radio was not used for secure transmissions during the period it was lost.

THE SOLUTION

At the present time, key variables are inserted into a crypto module using a Key Variable Loader (KVL) or via Over- The-Air-Rekeying (OTAR) from a Key Management Facility (KMF). The solution involves modifying bo...