Ariel Shiftan
May 23, 2023
In the modern data-driven world, cryptography plays an integral role in protecting sensitive data for organizations of all sizes. Cryptographic keys help encrypt and decrypt data by enabling the transformation of data from readable plaintext to scrambled ciphertext and vice versa to ensure data has not been tampered with. While such cryptographic keys provide protection from potential attacks, they cannot offer complete assurance against key theft, compromise, or weakening over time.
Given the critical significance of these keys we have to ensure they don’t get lost. Organizations should take proactive measures to secure them and guarantee they continue protecting sensitive data effectively. A recommended practice is regular key rotation - that refers to the process of replacing cryptographic keys at set intervals or following specific events.
In this article, we discuss how key rotations can help maintain a robust security posture, while exploring the implementation steps, challenges and recommended practices for rotating keys and distributing the keys securely.
Key rotation is an indispensable practice of data security that involves regularly changing cryptographic keys used for encryption and decryption of data. By enforcing a limited amount of data to be encrypted with the same key, rotating cryptographic keys reduces consequences from the same key being compromised. This approach eventually helps maintain confidentiality, integrity, and availability while decreasing risks related to unauthorized access of encrypted information.
Unfortunately many people confuse key rotation with re-key and re-encryption, let’s sort it out. Key rotation is the general term for creating a new key and starting to encrypt data with it, while retiring the old key, hence the rotation.
Re-keying, on the other hand, involves changing cryptographic keys in an on-going communication channel like in TLS. However, ‘re-key’ can also be used in non-streaming encryption as a way to say ‘rotate key’.
Re-encryption refers to the process of encrypting previously encrypted data using a new key. However, this operation necessitates decrypting the data with the retired key initially, which results in an undesired performance impact. Moreover, the runtime complications associated with simultaneously serving the data during this process further add to the challenge.
Rotating keys is mostly implemented voluntarily by organizations to maintain strong security measures. It is normally provided as part of cloud providers’ infrastructure. It is becoming a best practice and the recommended way to build systems. In addition, there are also guidelines promoting the use of cryptography and key rotation by different frameworks such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standards (PCI-DSS). These frameworks provide guidelines on key management practices to assist organizations maintain data confidentiality while reducing the risks of key compromise to comply with relevant laws or standards.
Cryptographic keys in modern computing play a pivotal role in upholding robust data security and privacy. Cryptographically secure random number generators (CSPRNGs) generate long strings of bits as secure keys which are difficult to predict or reproduce.
For a higher degree of randomness, they utilize different sources such as hardware events or OS randomness as sources of entropy. These keys serve as input parameters of various algorithms and are utilized for various cryptographic operations including encryption, decryption, digital signatures and key exchange.
The two primary categories of cryptographic keys are symmetric and asymmetric keys.
Key management encompasses multiple stages, from key generation and distribution through storage, usage and rotation before being destroyed - each essential for maintaining data security and complying with industry regulations. These are the stages:
There are mostly two popular use cases for encryption in systems today, network protocols (streams) and storage devices (databases, etc). Practically, rotating keys over network protocols is much easier because you don’t need to keep old keys and rotation is done in run time. In mass storage encryption, sometimes you have to keep old keys along with the old data, because re-encrypting everything is heavy on load. Therefore knowing which key to use when decrypting data requires more engineering (keeping key index, for example). Achieving robust key rotation is hard. Google Tink helps doing it right and it’s open source!
Therefore, we’re about to mention a few strategies that should generically capture both cases.
A time-based key rotation approach helps manage cryptographic keys where new keys are generated periodically and replaced with old ones over a predefined period. Keys may be rotated daily, weekly, monthly or as otherwise specified depending on organizational security policy. Granted, in the event a single key is compromised, the attacker cannot access all of the previously encrypted data since it was encrypted using different keys.
Advantages
Implementation Considerations
This key rotation approach helps organizations adapt according to the amount of data or transactions processed using cryptographic keys. Once a key reaches its usage threshold, it is replaced with a new one. This approach ensures that a single key does not encrypt an excessive amount of data, which could otherwise increase the potential impact of a key compromise.
Advantages
Implementation Considerations
Incident-triggered key rotation is typically employed manually when there are indications of possible security breach, suspicious activities or modifications to an organization's risk profile. This strategy helps to quickly mitigate key compromise, replacing potentially compromised keys with new ones quickly and swiftly.
Advantages
Implementation Considerations
Key rotation involves regularly updating cryptographic keys used for encryption and decryption to maintain data confidentiality while mitigating key compromise. It is recommended that keys will be rotated automatically by the system you build, reducing human error in running such a process manually. Common approaches used for rotating keys include:
Symmetric encryption utilizes one shared key for both encryption and decryption purposes, offering easier key rotation at scale. Key rotation in symmetric encryption requires generating a new secret key and securely distributing it to all relevant parties.
In the following example, we demonstrate key rotation using AES algorithms with Python using its cryptography library.
Step 1: Generate a new symmetric key
As the starting point, generate a new symmetric key with a cryptographically secure random number generator using os.urandom(). The new key will then be used to encrypt and decrypt data after the key rotation process is complete.
Executing the script, returns the output:
Step 2: Encrypt the new key
Encrypting the new key before distribution ensures that it remains confidential during transit. The encrypted new key can only be decrypted and used by parties who possess the old key or a dedicated key-encrypting key - a cryptographic key used for encrypting other cryptographic keys to add an additional layer of protection against data loss during transmission.
In our case, we encrypt the new key using the old key with the AES algorithm in GCM mode.
Which returns the output:
Step 3: Securely distribute the encrypted new key
The next step is to securely distribute the new encrypted key to prevent unauthorized access or interception. This typically involves sending the encrypted key and associated metadata (such as the tag, in the case of AES-GCM) through secure communication channels.
It’s important to make sure that TLS is used on the server side and that the client will verify the domain using an official certificate authority (this is normally the default OS behavior). However, using plain TCP/IP communications without TLS might expose the keys in case of a MITM attack. In such cases, implementing certificate pinning to verify the expected domain of the receiver's certificate is vital.
Step 4: Decrypt the new key
Once authorized parties receive the encrypted new key, they can decrypt it using the old key. Post decryption, they should update their encryption systems to use the new key for encrypting and decrypting data. This ensures that all parties maintain the ability to securely communicate with each other using the updated key.
To update the encryption systems of all authorized parties with the new key, use the following script:
Returns the output:
Once the new key is ready to be used, the old key should now be deleted from any storage mediums, backups, or logs where it may have been recorded. Before disposing of the old key, it is important to ensure the encrypted data is migrated to be used by the new key. In Python, you can use the ctypes library to overwrite the memory contents while securely deleting sensitive information from memory.
Asymmetric encryption, commonly referred to as public key cryptography, involves using two keys - public and private keys. Public keys can be freely distributed for others to encrypt data or validate digital signatures, while private keys remain private to their owner and used only for decrypting messages or signing them.
Key rotation in asymmetric encryption involves the following steps:
Step 1: Generate a new key pair
As the initial step, create a new pair of public and private keys to be used with asymmetric encryption. To do so, we are using RSA keys and the Python cryptography library in the example below.
Which generates the new public key as shown below:
Step 2: Sign the new public key with the old private key
Assuming you already have an existing private key (in this example, darwin_old_private_key), you can sign the new public key to establish trust.
Once the new public key is signed, the associated signature should be securely transmitted to authorized parties using secure communication channels, such as TLS or secure messaging protocols.
Step 3: Update systems with the new key pair
On the recipient side, verify the new signed public key using the old public key (in our example, darwin_old_public_key):
Once the new public key is verified, all parties can update their systems with the new public and private keys as necessary.
Step 5: Revoke and delete the old public key
As the last step, update key servers or certificate authorities with the revocation status of the old public key, ensuring that other parties do not mistakenly use the old public key for encryption or signature verification. Following this, delete the old private key using the ctypes library to overwrite the memory contents.
Quick note: As the cryptography library doesn't expose raw key material for RSA keys, ensure that any files or other storage mediums containing the old private key are securely deleted.
You can also utilize your Cloud Service Provider’s (CSP’s) built-in key management systems for key rotation. In most cloud services, Customer Master Keys (CMKs) are used to protect data encryption keys (DEKs). DEKs are actual encryption keys used for data encrypting and decrypting while CMKs add an extra layer of protection by encrypting DEKs. Rotating CMKs helps limit data encryption with one key, subsequently reducing the impact upon potential compromise.
Key rotation through CSP KMS services involves the following steps:
Step 1: Create a new Customer Master Key (CMK)
In this example, while we use Amazon Web Services (AWS) Key Management Service (KMS) and the AWS Command Line Interface (CLI), refer to your respective CSP’s documentation to ensure you follow the right steps for key rotation.
To generate a new CMK in AWS KMS, you can use the create-key command to create a new key that can be used later to replace the old one for encrypting and decrypting data.
Which returns the output:
Step 2: Create an alias for the new CMK
To make it easier to reference the new CMK, you can create an alias using the create-alias command.
Step 3: Re-encrypt data with the new CMK
To re-encrypt data with the new CMK, first decrypt the data using the old CMK and then encrypt it with the new CMK.
Once done, ensure all systems, applications, and services that previously used the old CMK are updated to use the new CMK for encryption and decryption. This may include updating configuration files, environment variables, or application code.
Step 4: Disable and schedule deletion of the old CMK
Once you have successfully re-encrypted all data and updated systems with the new CMK, you can disable and schedule the deletion of the old CMK.
Schedule deletion of the old CMK using the command:
Which returns the output:
Auditing and monitoring key rotation is a crucial aspect of maintaining secure and compliant data encryption practices. The processes collectively involve tracking key-related activities, detecting potential security incidents, and ensuring adherence to organizational policies and industry regulations.
Most key management systems (KMS) and CSPs provide built-in logging capabilities that record key rotation events. These logs help retain data for a predefined period, depending on organizational policies and regulatory requirements to help ensure traceability and facilitate incident response.
Key logs typically contain details about:
While logging is considered one of the foundational elements to audit key operations, monitoring is another crucial aspect that allows for timely detection of potential security incidents or policy violations. Monitoring key rotation can be achieved either by using built-in monitoring tools provided by KMS or CSPs, or by integrating with third-party security information and event management (SIEM) solutions.
Monitoring key rotation should involve identifying unusual key access or usage patterns, detecting potential key compromise or unauthorized attempts to rotate keys, and ensuring that key rotation occurs at specified intervals as defined by organizational policies or regulatory requirements
As organizations grow, scaling a key rotation solution presents its own set of challenges, from managing numerous keys and systems to ensuring secure key distribution and compliance. However, with the right practices, it is possible to overcome such challenges and maintain a robust security posture.
The table below lists various challenges and the recommended practices to overcome them.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Looking forward, as more organizations continue to adopt cloud-based application delivery and other distributed computing models, the importance of key rotation and other key management practices will only increase for stronger data protection. Some key questions, however, will remain pertinent:
With the above questions answered, the crucial aspects of maintaining key-level security can be addressed readily. Remember that even though keys are meant to secure data, they are equally susceptible to targeted attacks and compromise.
CTO & Co-founder
Ariel, despite holding a PhD in Computer Science, doesn't strictly conform to the traditional academic archetype. His heart lies in the realm of hacking, a passion he has nurtured since his early years. As a proficient problem solver, Ariel brings unmatched practicality and resourcefulness to every mission he undertakes.
Increased complexity as the number of keys and systems grow.
Adopt a centralized key management solution such as a Hardware Security Module (HSM) or cloud-based KMS to securely manage and control cryptographic keys at scale.
Ensuring secure and timely key distribution and synchronization at scale.
Automate key rotation processes to maintain synchronization, reduce human intervention, and minimize errors as the system grows.