AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility by Mahsa Nakhjiri, Madjid Nakhjiri

3.1. Key Management Taxonomy

Before getting into the actual discussion of key management methodology, it is useful to go through the fundamental terminology for key management.

3.1.1. Key Management Terminology

The NIST key management guidelines provide a comprehensive glossary along with a list of 22 different key usage scenarios, each including a separate terminology. In the following, we provide a short excerpt of that glossary (in alphabetical order) in a way that serves our discussions within this book.

Cryptographic key: A parameter, used in conjunction with a cryptographic algorithm to perform any of the following, is considered a cryptographic key:

• Transformation of plaintext data into ciphertext and vice versa.

• Computation of a digital signature from data and verification of digital signature from data.

• Computation of an authentication code from data.

• Derivation of the keying material to be used by another cryptographic process.

Cryptoperiod: The period of time (typically a start and an end date) over which a specific key is valid for use within a given system or in conjunction with an application.

Ephemeral key: A short-lived cryptographic key that is unique to each execution of a key establishment process as opposed to long-term secrets that can be used for multiple executions or procedures.

Group keys: Keys shared by all the members of a trusted group. This is in contrast to pairwise keys (see following text), only used by the peers in a pair. A pairwise key hierarchy versus ...