From the course: Ethical Hacking: Cryptography
Join today to access over 24,500 courses taught by industry experts.
Key management principles
From the course: Ethical Hacking: Cryptography
Key management principles
- [Instructor] We've talked a lot about encryption and decryption keys. Perhaps, one of the more straightforward parts of a crypto system to analyze is the key management principles it implements. There are many phases of a key lifecycle. For example, keys need to be created, backed up or escrowed, deployed, monitored, rotated, expired, archived, and when their lifetime is over, they also must be destroyed at some point. Another component of key management is enforcing consistent policies on who manages the keys and at what level of authorization do they have, which needs to include evidence for auditing and compliance purposes. Any of these phases could represent weaknesses in a crypto system if exploited. There are many companies offering key management solutions today. Regardless of your selection, they must adhere to the following best practices. Exchange and store keys in a secure way. Change and update keys frequently. Leverage key stretching to add computational work. Select…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
