
White Paper

PCI-DSS and Crypto Key Management:
Your guide to confident compliance and business efficiency with CKMS
PCI-DSS and Crypto Key Management

Table of Contents

1 Introduction............................................................................................................................... 3

2 PCI-Security Standards.............................................................................................................. 4
2.1 What is the PCI Security Standards Council?.......................................................................... 4
2.2 What is PCI-DSS?...................................................................................................................... 4

3 PCI-DSS and Key Management................................................................................................. 5


3.1 Cryptomathic CKMS................................................................................................................. 5
3.2 CKMS Architecture................................................................................................................... 5

4 How CKMS helps meet PCI-DSS requirements.................................................................... 7


4.1 Requirement 3 ‘Protect Cardholder Data’ and the capabilities of CKMS.............................. 7
4.2 Detailed PCI requirements related to CKMS capability.......................................................... 8

This document refers to the latest PCI DSS specification v3.2, published in April 2016.

www.cryptomathic.com
2
PCI-DSS and Crypto Key Management

1 Introduction
PCI-DSS is the payment industry’s standard for the protection of credit/debit cardholder data.
Encryption is the de-facto mechanism for compliant protection of sensitive data, but complexity
and risk can be increased by badly thought-out or implemented encryption schemes.

Encryption inevitably transfers the value of encrypted data to the keys that give access to this
data. A strong and robust Key Management System is needed to manage the relation between
business applications and the cryptographic keys and thus protect these vital assets.

This document provides both a high-level summary of how a Key Management System applies
to PCI-DSS and also a more detailed examination of the specific benefits a centralized and
automated system, i.e. Cryptomathic’s CKMS, can bring to Section/Requirement 3 (Protect Stored
Cardholder Data) of the standard.

Exploring the PCI DSS section 3 requirements in more detail, this document demonstrates how
CKMS is the ideal key management solution for achieving compliance with PCI DSS.


2 PCI-Security Standards
2.1 What is the PCI Security Standards Council?

The PCI Security Standards Council (PCI SSC) is an organization founded in 2006 by American
Express, Discover, JCB International, MasterCard and Visa Inc.

It promotes Payment Card Industry standards to help protect cardholder data used in payment
systems and payment cards worldwide.

The Council develops and maintains security standards that merchants, banks, payment
processors, service providers, and technology providers must comply with.

2.2 What is PCI-DSS?

PCI-DSS stands for Payment Card Industry - Data Security Standard. It is the main specification
that gives a framework for a robust payment card data security process.

At a high level, it includes 12 requirements and the corresponding security assessment
procedures, listed and categorized as follows:

Domain / Requirements

Build and Maintain a Secure Network and Systems
  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
  5. Protect all systems against malware and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
  7. Restrict access to cardholder data by business need to know
  8. Identify and authenticate access to system components
  9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes

Maintain an Information Security Policy
  12. Maintain a policy that addresses information security for all personnel

During a PCI-DSS audit, each requirement is assessed in detail by the auditor.


3 PCI-DSS and Key Management


The most practical solution to protecting cardholder data is through the use of cryptography
and specifically encryption. For any encryption scheme, the value of the data that’s protected
gets transferred to the cryptographic keys that unlock access to the protected data. These keys
are arguably the most valuable data assets a company has, because the keys protect the data
and access to the data is only possible with the right keys.

For systems that use encryption to comply with PCI-DSS, there are specific sections of
Requirement 3 that define the expected behaviour in relation to ‘key management’ processes
and procedures (see section 4).

While it’s possible to implement key management as a manual process, performed by human
beings following written procedures, such schemes typically scale badly, are vulnerable to
errors and compromise, and are expensive to maintain at the required auditable level.

In contrast – centralized and automated key management systems, e.g. CKMS, are designed to
provide integrity and proof-of-behaviour (audit) to processes, reduce risks and cost, and scale
economically to the needs of a business.

3.1 Cryptomathic CKMS

CKMS is a best-in-class key management system which has been developed and designed to
meet the highest requirements of the financial industry and includes direct relevance and
applicability to PCI-DSS requirements.

CKMS is used by major banks, card payment schemes, card data processors and bureaus
worldwide, in order to meet the PCI-DSS requirements when dealing with credit and debit cards.

CKMS is directly applicable to the following headline requirements in PCI-DSS (Section 3):

• Two-factor authentication

• Dual control

• Split knowledge

• Entire key-life-cycle management

• MAC’ed audit logs
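Dual control and split knowledge are the two controls in this list that are easiest to get wrong when done by hand, so here is an added worked example (not CKMS code, nor any Cryptomathic API) of how they fit together: a key exists only as XOR components held by custodians from different groups, each component carries its own check value so a transcription error is caught before assembly, and assembly refuses to proceed unless every group has supplied its part. The group model, the function names and the use of a truncated SHA-256 as the fingerprint are assumptions made for this illustration.

```python
"""Split knowledge and dual control for key components.

Added example, not CKMS code: a symmetric key is handled only as XOR
components, each held by a custodian from a different group, and each
component carries a check value so a transcription error is caught before
the key is ever reassembled. Names, the group model and the fingerprint
function are assumptions for the illustration.
"""
import hashlib
import secrets
from typing import Dict, List


def fingerprint(key: bytes, length: int = 3) -> str:
    """Truncated SHA-256 as a stand-in for a KCV/fingerprint.

    A classic KCV (first bytes of the key encrypting an all-zero block)
    would serve the same purpose: confirm identity without revealing the key.
    """
    return hashlib.sha256(key).hexdigest()[: 2 * length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, groups: List[str]) -> Dict[str, Dict]:
    """Split ``key`` into one random XOR component per custodian group.

    Any set of fewer than all components is statistically independent of
    the key, so no single custodian learns anything (split knowledge).
    """
    if len(groups) < 2:
        raise ValueError("split knowledge needs at least two custodian groups")
    parts = [secrets.token_bytes(len(key)) for _ in groups[:-1]]
    last = bytes(key)
    for p in parts:
        last = _xor(last, p)
    parts.append(last)  # last component makes the XOR of all parts equal the key
    return {g: {"value": p, "kcv": fingerprint(p)} for g, p in zip(groups, parts)}


def release_component(components: Dict[str, Dict], custodian: str,
                      custodian_group: Dict[str, str]) -> Dict:
    """A custodian may only receive the component of their own group."""
    group = custodian_group.get(custodian)
    if group is None or group not in components:
        raise PermissionError(f"{custodian} is not a custodian for any component")
    return components[group]


def combine_components(components: Dict[str, Dict], expected_kcv: str,
                       expected_groups: List[str]) -> bytes:
    """Reassemble the key under dual control.

    Every group must be present, each component must match its own KCV,
    and the result must match the KCV recorded when the key was generated.
    """
    missing = set(expected_groups) - set(components)
    if missing:
        raise ValueError(f"dual control: components missing from {sorted(missing)}")
    key = None
    for g in expected_groups:
        comp = components[g]
        if fingerprint(comp["value"]) != comp["kcv"]:
            raise ValueError(f"component of group {g} failed its check value (transcription error?)")
        key = comp["value"] if key is None else _xor(key, comp["value"])
    if fingerprint(key) != expected_kcv:
        raise ValueError("assembled key does not match the expected KCV")
    return key


if __name__ == "__main__":
    # Constructed sample: a 16-byte key from a generation ceremony and two custodian groups.
    key = secrets.token_bytes(16)
    kcv = fingerprint(key)
    comps = split_key(key, ["A", "B"])
    custodians = {"alice": "A", "bob": "B"}  # constructed custodian roster
    a_part = release_component(comps, "alice", custodians)
    b_part = release_component(comps, "bob", custodians)
    assert combine_components({"A": a_part, "B": b_part}, kcv, ["A", "B"]) == key
    print("key reassembled, KCV", kcv)
```

The per-component check value is what makes printed key shares practical: a custodian who mistypes a hex digit is told which share is wrong, rather than the whole ceremony ending with a key whose KCV silently does not match.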

3.2 CKMS Architecture

CKMS is built on a resilient client-server architecture. The quality and protection of keys are
ensured using a FIPS 140-2 level 3 or higher HSM (Hardware Security Module), with the flexibility
to choose from a variety of vendors.

High availability is ensured through clustering of the servers, database and HSMs. Key
management administration can be performed without restrictions on time or place via an intuitive
graphical user interface (GUI), supported by secure PCI compliant PIN entry devices (PEDs) and
ICCs for strong authentication. The PEDs also support remote key import/export and key share
printing. Keys are distributed to applications and HSMs in a wide range of formats (key-blocks).
All critical operations are recorded in a tamper-evident audit log.

[Figure: CKMS high level architecture. Remote Users connect to the Data Center (CKMS server,
HSM, DB); Secure Key Distribution targets: Java Key Store (JCE, Websphere); HSMs (Key Blocks,
PKCS#11); Servers and Cloud Apps (BYOK, IIS, ADFS); Payment Platforms and Standards (EMV, ATM,
POS, Tokenisation, BASE24, zOS); X.509 CAs (Cryptomathic CA, EJBCA, MS CA, etc.)]

The user-friendly graphical interface provided by CKMS allows security officers to easily manage
keys throughout their life-cycle from generation through rotation, retirement and deletion.

While CKMS can help efficiently comply with specific requirements inside PCI-DSS, there are
additional benefits from the adoption of a world-class key management system.

In summary, CKMS meets all the relevant PCI-DSS requirements around crypto key management
and can help with both confident compliance with the standard and a general improvement in
the protection of these business-critical assets.
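The life-cycle described above (generation, rotation, retirement, deletion) is a state machine with dates attached, and auditors ask to see it. The following is an added example, not CKMS code or any Cryptomathic API, of the bookkeeping a key management system performs for requirements 3.6.4 and 3.6.5: each key profile carries an activation date and an optional crypto-period, keys approaching expiry are listed ahead of time, expired keys drop to decrypt-only, and rotation retires the old key rather than deleting it so historic data stays recoverable. Field names, state names and the version-suffix id scheme are assumptions; the new key material is assumed to come from the HSM and is not modelled.

```python
"""Crypto-period tracking and key life-cycle states.

Added example, not CKMS code: each key carries a profile with an
activation date and an optional crypto-period. The functions below derive
the expiry date, list keys that are due for rotation ahead of time, move
keys through the active/expired/retired states and restrict the operations
permitted in each state. Field names, state names and the id scheme are
assumptions made for this illustration.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from enum import Enum
from typing import Dict, List, Optional, Set


class KeyState(Enum):
    ACTIVE = "active"        # may encrypt and decrypt
    EXPIRED = "expired"      # crypto-period over: decrypt only until replaced
    RETIRED = "retired"      # replaced or withdrawn; kept so old data stays recoverable
    DESTROYED = "destroyed"  # key material erased


@dataclass
class KeyProfile:
    key_id: str
    purpose: str
    activation: date
    crypto_period: Optional[timedelta]  # None: no expiry configured
    state: KeyState = KeyState.ACTIVE
    version: int = 1
    replaced_by: Optional[str] = None
    retirement_reason: Optional[str] = None


def expiry_date(p: KeyProfile) -> Optional[date]:
    """End of the crypto-period, or None if the key never expires."""
    return None if p.crypto_period is None else p.activation + p.crypto_period


def keys_due_for_rotation(store: Dict[str, KeyProfile], today: date,
                          notice: timedelta) -> List[str]:
    """Active keys whose expiry falls within ``notice`` of today (or has passed)."""
    due = []
    for p in store.values():
        exp = expiry_date(p)
        if p.state is KeyState.ACTIVE and exp is not None and exp - notice <= today:
            due.append(p.key_id)
    return sorted(due)


def apply_expiry(store: Dict[str, KeyProfile], today: date) -> List[str]:
    """Automatic expiry: active keys past their crypto-period become EXPIRED."""
    expired = []
    for p in store.values():
        exp = expiry_date(p)
        if p.state is KeyState.ACTIVE and exp is not None and exp <= today:
            p.state = KeyState.EXPIRED
            expired.append(p.key_id)
    return sorted(expired)


def rotate(store: Dict[str, KeyProfile], key_id: str, today: date,
           reason: str = "crypto-period reached") -> str:
    """Replace a key with a new version; the old key is retired, not deleted.

    Works both for expired keys and for active keys withdrawn early (for
    example on suspected compromise, requirement 3.6.5).
    """
    old = store[key_id]
    if old.state not in (KeyState.ACTIVE, KeyState.EXPIRED):
        raise ValueError(f"{key_id} is {old.state.value} and cannot be rotated")
    base = key_id.split("/v")[0]
    new_id = f"{base}/v{old.version + 1}"
    store[new_id] = KeyProfile(new_id, old.purpose, today, old.crypto_period,
                               version=old.version + 1)
    old.state = KeyState.RETIRED
    old.replaced_by = new_id
    old.retirement_reason = reason
    return new_id


def permitted_operations(p: KeyProfile) -> Set[str]:
    """What a key may still be used for in its current state."""
    return {
        KeyState.ACTIVE: {"encrypt", "decrypt"},
        KeyState.EXPIRED: {"decrypt"},
        KeyState.RETIRED: {"decrypt"},  # historic data remains recoverable
        KeyState.DESTROYED: set(),
    }[p.state]


if __name__ == "__main__":
    # Constructed sample store: one data key about to expire, one fresh, one KEK without expiry.
    today = date(2017, 6, 1)
    store = {
        "DEK-1": KeyProfile("DEK-1", "data-encryption", date(2016, 5, 1), timedelta(days=365)),
        "DEK-2": KeyProfile("DEK-2", "data-encryption", date(2017, 1, 1), timedelta(days=365)),
        "KEK-1": KeyProfile("KEK-1", "key-encryption", date(2010, 1, 1), None),
    }
    print("due for rotation:", keys_due_for_rotation(store, today, timedelta(days=30)))
    print("expired now:", apply_expiry(store, today))
    new_id = rotate(store, "DEK-1", today)
    print("replaced DEK-1 by", new_id, "; DEK-1 may still", permitted_operations(store["DEK-1"]))
```

The point of the notice window in keys_due_for_rotation is that renewal can be planned before the crypto-period ends, so an expired key is never the only key able to encrypt; the RETIRED state, rather than deletion, is what keeps data encrypted years ago readable.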


4 How CKMS helps meet PCI-DSS requirements


4.1 Requirement 3 ‘Protect Cardholder Data’ and the capabilities of CKMS

Requirement 3 of PCI-DSS is related to the protection of stored cardholder data.

If an attacker circumvents all other security measures (firewalls, access control, etc.) and still
succeeds in accessing cardholder data, then this data must be unreadable. This is best achieved by
encrypting cardholder data before storing it in files or databases.

Encryption is the most efficient and secure solution, provided that the cryptographic keys
used for encryption are well protected, controlled and managed. For this reason, PCI-DSS
Requirement 3 includes explicit key management requirements.

Sections 3.5 and 3.6 of PCI-DSS v3.2 list all the detailed requirements around key management that
must be met to achieve PCI-DSS compliance in any system that uses encryption.

3.5 Document and implement procedures to protect keys used to secure stored cardholder
data against disclosure and misuse

3.6 Fully document and implement all key-management processes and procedures for
cryptographic keys used for encryption of cardholder data, including the following:

3.6.1 Generation of strong cryptographic keys

3.6.2 Secure cryptographic key distribution

3.6.3 Secure cryptographic key storage

3.6.4 Cryptographic key changes for keys that have reached the end of their crypto-period.

3.6.5 Retirement or replacement of keys

3.6.6 If manual clear-text cryptographic key-management operations are used, these
operations must be managed using split knowledge and dual control.

3.6.7 Prevention of unauthorized substitution of cryptographic keys.

As shown above, both procedures and tools are necessary for:

- Managing the entire cryptographic key life-cycle.

- Securely distributing and exchanging these cryptographic keys.

CKMS can be applied directly to ensure compliance with all these requirements.


4.2 Detailed PCI requirements related to CKMS capability

The headline requirements of sections 3.5 and 3.6 refer to the need for key management in
general. Here we expand on the specific subsection requirements in the standard and explain the
role that CKMS can have in demonstrating compliance.

For each PCI DSS requirement below: its significance, followed by the CKMS solution.

3.6.1 Generation of strong cryptographic keys

Significance: Cryptographic keys underpin the security of any encryption scheme. If the quality
of the keys is poor – meaning there is some predictable or non-random aspect to them – the
security of the scheme can be undermined.

CKMS solution: COMPLIANT. CKMS uses discrete and specialized hardware – FIPS 140-2 level 3 or
higher compliant HSMs – for the generation of all critical system and application keys. Key
generation is done by the HSM to ensure the required level of randomness (entropy).

3.6.2 Secure cryptographic key distribution

Significance: Once generated, keys need to be delivered to the required applications for the
purposes of encrypting or decrypting sensitive data.

CKMS solution: COMPLIANT. CKMS supports both manual and automated secure key distribution.

  Manually:
  - In clear-text key shares: done via CKMS secure PIN-pads.
  - Encrypted under a Key Encrypting Key (KEK): CKMS allows exporting or importing encrypted
    keys from file or directly on the CKMS PIN-pad.

  Automatically:
  - Keys are distributed encrypted under a KEK via a push or request protocol. CKMS implements
    web services (SOAP and RESTful API) allowing secure and efficient automated key distribution.

3.6.3 Secure cryptographic key storage

Significance: In aggregating a central store of keys, a key management system provides a
treasure trove of data that can have immense value to an attacker. The keys must be protected
to a very high standard, both in terms of protection from theft and from misuse.

CKMS solution: COMPLIANT. CKMS stores keys, encrypted under the HSM master key, in a
database. The key hierarchy implemented in CKMS allows the renewal of the system keys used to
protect application keys.

3.6.4 Cryptographic key changes for keys that have reached the end of their crypto-period

Significance: Cryptographic keys have the property that if over-used they can become weaker.
For example, encrypting a lot of data with a single key risks exposing the key used – the key
material is said to ‘leak’. For this reason it’s good practice to replace or ‘rotate’ keys after a
predetermined time or amount of data has been processed by a key. Typical guidelines range
from 1 to 3 years for asymmetric cryptography.

CKMS solution: COMPLIANT. Each key in CKMS has a key profile and an associated crypto-period,
also called key expiration date. CKMS allows tracking the expiration dates of the keys to plan
their renewal in advance. Automated key renewal of short-life keys is also possible.

3.6.5 Retirement or replacement of keys

Significance: In addition to expiration of the crypto-period (above) there are other reasons to
change operational keys. An application may be retired; there may be reason to believe a key
has been compromised by poor security practice outside of the control of a key management
system. In every case it will be necessary to remove a key from use but retain access to it if
required in the future.

CKMS solution: COMPLIANT. CKMS can automatically expire keys if an (optional) expiration date
is set. An expired key can be automatically replaced with a new key. Historic (retired) keys are
also easily recoverable if required.

3.6.6 If manual clear-text cryptographic key-management operations are used, these
operations must be managed using split knowledge and dual control

Significance: Exposing the "clear text" of cryptographic keys to users is undesirable: there is
both the risk of copying keys for subsequent misuse and of transcription errors. In some
circumstances this is unavoidable, e.g. when importing a key from a legacy system. It is good
practice to procedurally minimise the exposure of plain-text keys.

CKMS solution: COMPLIANT. CKMS implements a Role-Based Access Control model for role and
user management. It allows dual control to be configured on critical operations.

CKMS enforces safe import processes; enables management of keys without any exposure to the
plain-text; enforces ‘dual control’ for all critical operations and provides an audit of actions in
relation to a key.

When exporting or importing keys in components, split knowledge is ensured. Key custodians
from the different groups can’t see or export key shares they are not responsible for.

3.6.7 Prevention of unauthorized substitution of cryptographic keys

Significance: The obvious threat to a key is theft or misuse. However, there is a more subtle
attack where a known key is substituted for a real key. In this circumstance, an attacker could
then decrypt sensitive data at their leisure despite other procedures regarding the secure
distribution of a key being followed. Thus it’s vital that any key management system prevents
substitution of keys and keeps the integrity of the key profiles and key values.

CKMS solution: COMPLIANT. Each key in CKMS is defined by its profile, and key values can only
be replaced under dual control. The KCV or fingerprint of the keys is displayed in the GUI.

The integrity of the database is ensured through the use of MAC (Message Authentication Code)
techniques; this prevents the substitution of one encrypted key by another one.
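The 3.6.7 entry above says the database is MAC-protected so that one encrypted key cannot be swapped for another. The following is an added example, not CKMS code or any Cryptomathic API, of what that control looks like: each stored record binds the key's profile (id, algorithm, purpose, version) to its wrapped value under one HMAC, so a substituted value, an edited purpose, or a record moved between ids fails verification at load time and shows up in a store-wide audit. The record layout, field names and the choice of HMAC-SHA256 are assumptions; in a real deployment the MAC key, like the master key that wraps the values, would be held in the HSM, and the wrapped values would be real ciphertext rather than the placeholder bytes constructed here.

```python
"""MAC-protected key records: detecting key substitution.

Added example, not CKMS code: every stored record binds a key's profile
(id, algorithm, purpose, version) to its wrapped value under an HMAC, so
replacing one encrypted key with another, or editing a profile, is
detected when the record is loaded or the store is audited. The record
layout, field names and HMAC-SHA256 are assumptions for this illustration.
"""
import hashlib
import hmac
import json
from typing import Dict, List

# Every field that must not change independently of the others is under the MAC.
FIELDS = ("key_id", "algorithm", "purpose", "version", "wrapped_value")


class KeyStoreIntegrityError(Exception):
    """Raised when a record's MAC does not match its contents."""


def _mac_input(record: Dict) -> bytes:
    # Fixed field set, sorted keys, compact separators and hex-encoded bytes:
    # the MAC input must be unambiguous, or two different records could MAC alike.
    view = {}
    for f in FIELDS:
        v = record[f]
        view[f] = v.hex() if isinstance(v, bytes) else v
    return json.dumps(view, sort_keys=True, separators=(",", ":")).encode()


def seal_record(mac_key: bytes, record: Dict) -> Dict:
    """Copy of ``record`` with its MAC attached (done when a key is created or replaced)."""
    sealed = dict(record)
    sealed["mac"] = hmac.new(mac_key, _mac_input(record), hashlib.sha256).hexdigest()
    return sealed


def verify_record(mac_key: bytes, record: Dict) -> bool:
    """True only if profile and wrapped value are exactly what was sealed."""
    expected = hmac.new(mac_key, _mac_input(record), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record.get("mac", ""))


def load_record(mac_key: bytes, record: Dict) -> Dict:
    """Refuse to hand a key to an application if its record fails verification."""
    if not verify_record(mac_key, record):
        raise KeyStoreIntegrityError(f"record {record.get('key_id')!r} failed MAC check")
    return record


def audit_store(mac_key: bytes, records: List[Dict]) -> List[str]:
    """Ids of every record that has been altered or had its value substituted."""
    return [r.get("key_id") for r in records if not verify_record(mac_key, r)]


if __name__ == "__main__":
    # Constructed sample: a MAC key and two wrapped keys (placeholder bytes, not real ciphertext).
    mac_key = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
    pin_key = seal_record(mac_key, {"key_id": "PIN-KEY-001", "algorithm": "AES-256",
                                    "purpose": "pin", "version": 1, "wrapped_value": b"\xaa" * 48})
    data_key = seal_record(mac_key, {"key_id": "DATA-KEY-007", "algorithm": "AES-256",
                                     "purpose": "data", "version": 1, "wrapped_value": b"\xbb" * 48})
    # Simulated substitution for the audit: the PIN key's value replaced by the data key's.
    swapped = dict(pin_key, wrapped_value=data_key["wrapped_value"])
    print("records flagged by audit:", audit_store(mac_key, [pin_key, data_key, swapped]))
```

Because the id and purpose are inside the MAC, a valid record cannot be re-labelled as a different key either, which is the substitution case a plain per-value checksum would miss; the KCV shown in the GUI then gives the security officer an independent way to confirm which key is actually loaded.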


Glossary

API      Application Programming Interface
CKMS     Crypto Key Management System
FIPS     Federal Information Processing Standards
GUI      Graphical User Interface
HSM      Hardware Security Module
ICC      Integrated Circuit Card
KCV      Key Check Value
KEK      Key Encrypting Key
MAC      Message Authentication Code
PCI-DSS  Payment Card Industry - Data Security Standard
PCI SSC  Payment Card Industry Security Standards Council
PED      PIN Entry Device
PIN      Personal Identification Number

Disclaimer

© 2017 Cryptomathic A/S All rights reserved
Jægergårdsgade 118, DK-8000 Aarhus C, Denmark

This document is protected by copyright. No part of the document may be reproduced in any
form by any means without prior written authorization of Cryptomathic.

Information described in this document may be protected by a pending patent application.

This document is provided “as is” without warranty of any kind.

Cryptomathic may make improvements and/or changes in the product described in this document
at any time. The document is not part of the documentation for a specific version or release of
the product, but will be updated periodically.


ABOUT CRYPTOMATHIC

Cryptomathic is a global provider of secure server solutions to businesses across a wide range
of industry sectors, including banking, government, technology manufacturing, cloud and mobile.
With over 30 years' experience, we provide systems for Authentication & Signing, EMV and Key
Management, through best-of-breed security solutions and services.

We pride ourselves on strong technical expertise and unique market knowledge, with 2/3 of
employees working in R&D, including an international team of security experts and a number of
world renowned cryptographers. At the leading edge of security provision within its key markets,
Cryptomathic closely supports its global customer base with many multinationals as longstanding
clients.

Learn more at www.cryptomathic.com


v1.1
