Key Management Techniques

  • Walter Fumy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1528)


Security services based on cryptographic mechanisms assume cryptographic keys to be available to the communicating parties prior to secure communications. Key management techniques depend on the underlying cryptographic techniques, the intended use of the keys and the security policy in use. This article describes such techniques, and especially a variety of key establishment mechanisms. In addition, relevant standardization activities are discussed.


Symmetric Technique Data Origin Authentication 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AnRo97]
    Anderson, R. J.; Roe, M.: „The GCHQ protocol and its problems“, Proceedings of Eurocrypt’97, Springer LNCS 1233 (1997), 134–148.Google Scholar
  2. [ANSIX9.17]
    ANSI X9.17-1985: Financial Institution Key Management (Wholesale), 1985.Google Scholar
  3. [ANSIX9.24]
    ANSI X9.24-1992: Financial Services Retail Key Management, 1992.Google Scholar
  4. [ANSIX9.42]
    ANSI Working Draft X9.42: Public Key Cryptography for the Financial Services Industry-Managing of Symmetric Algorithm Keys Using Diffie Hellman, 1996.Google Scholar
  5. [ANSIX9.57]
    ANSI Working Draft X9.57: Public Key Cryptography for the Financial Services Industry-Certificate Management, 1995.Google Scholar
  6. [DeBr96]
    Denning, D. E.; Branstad, D. K.: „A taxonomy for key escrow encryption systems“, Communications of the ACM, 39(3) (1996), 33–40.CrossRefGoogle Scholar
  7. [DiHe76]
    Diffie, W.; Hellman, M. E.: „New Directions in Cryptography“, IEEE Transactions on Information Theory, 22 (1976), 644–654.zbMATHCrossRefMathSciNetGoogle Scholar
  8. [FKKD96]
    Freier, A. O.; Karlton, P.; Kocher, P. C.; Dierks, T.: „The TLS Protocol, Version 1.0“, Internet-Draft, November 1996.Google Scholar
  9. [Fu97]
    Fumy, W. „Internet Security Protocols“, this volume, pp. 188–211.Google Scholar
  10. [Hug96]
    Hughes, J.: „Combined DES-CBC, HMAC and Replay Prevention Security Transform“, Internet-Draft, September 1996.Google Scholar
  11. [IEEE.
    1363] IEEE P1363: Standard for Public Key Cryptography, Draft March 1997.Google Scholar
  12. [ISO.
    11666-1] ISO/TEC 11666-1: Banking-Key Management by Means of Asymmetric Algorithms-Part 1: Principles, Procedures and Formats, 1994.Google Scholar
  13. [ISO.
    11666-2] ISO/IEC 11666-2: Banking-Key Management by Means of Asymmetric Algorithms-Part 2: Approved Algorithms Using the RSA Cryptosystem, 1995.Google Scholar
  14. [ISO11568-1]
    ISO/IEC 11568-1: Banking-Key Management (Retail)-Part 1: Introduction to Key Management, 1994.Google Scholar
  15. [ISO.
    11568-2] ISO/IEC 11568-2: Banking-Key Management (Retail)-Part 2: Key Management Techniques for Symmetric Ciphers, 1994.Google Scholar
  16. [ISO11568-3]
    ISO/IEC 11568-3: Banking-Key Management (Retail)-Part 3: Key Life Cycle for Symmetric Ciphers, 1994.Google Scholar
  17. [ISO.
    11568-4] ISO/IEC Draft International Standard 11568-4: Banking-Key Management (Retail)-Part 4: Key Management Techniques Using Public Key Cryptography, 1996.Google Scholar
  18. [ISO11770-1]
    ISO/IEC 11770-1: Key Management Part 1: Key Management Framework, 1997.Google Scholar
  19. [ISO.
    11770-2] ISO/IEC 11770-2: Key Management Part 2: Mechanisms Using Symmetric Techniques, 1996.Google Scholar
  20. [ISO11770-3]
    ISO/IEC Draft International Standard 11770-3: Key Management Part 3: Mechanisms Using Symmetric Techniques, 1996.Google Scholar
  21. [ISO9798-4]
    ISO/IEC 9798-4: Entity Authentication-Part 4: Mechanisms using cryptographic check functions, 1995.Google Scholar
  22. [JMW96]
    Jefferies, N.; Mitchell, C; Walker, M.: „A proposed architecture for trusted third party services“, in: Cryptography: Policy and Algorithms. Springer LNCS 1029 (1996), 98–104.CrossRefGoogle Scholar
  23. [MSST97]
    Maughan, D.; Schertler, M.; Schneider, M.; Turner, J.: „Internet Security Association and Key Management Protocol (ISAKMP)“, Internet-Draft, February 1997.Google Scholar
  24. [MVV96]
    Menezes, A.J.; van Oorschot, P.C.; Vanstone, S.A.: Handbook of Applied Cryptography, CRC Press, Boca Raton, 1996.Google Scholar
  25. [NeSc78]
    Needham, R.M.; Schroeder, M.D.: „Using Encryption for Authentication in Large Networks of Computers“, Communications of the ACM, 21 (1978), 993–999.zbMATHCrossRefGoogle Scholar
  26. [Orm96]
    Orman, H.K.: „The Oakley Key Determination Protocol“, Internet-Draft, May 1996.Google Scholar
  27. [RSA78]
    Rivest, R.L.; Shamir, A.; Adleman, L.: „A Method for Obtaining Digital Signatures and Public-Key Cryptosystems“, Communications of the ACM 21 (1978), 120–126.zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Walter Fumy
    • 1
  1. 1.Siemens AGCorporate Technology - Security TechnologiesMunichGermany

Personalised recommendations