[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution

3.6.2 Verify that key-management procedures are implemented to require secure key distribution.

http://www.net-security.org/article.php?id=1185
The following is a sample set of encryption key management procedures for a fictitious application. These can be used as a guide to create encryption key management documentation for other applications that would be compliant with PCI DSS requirement 3.6.

I cannot understand one thing connected to this and to 3.6.6 Split knowledge and establishment of dual control of cryptographic keys.

The master key is encrypted with a password in two parts that are only known to different persons. But when the application starts, these two parts should be provided. How? Do they need physical access to one and the same terminal? Or to have a secure connection one after another?

So let's suppose the two parts of the password for the master key are provided in some way to the application. Then can the application keep this password in memory and use it every time it needs to decrypt the master key? Or does it need to decrypt the master key only once and then keep it clear in memory? Or does it need to decrypt all real data encryption keys and keep them in memory?

What about automatic restarts?

The application I have in mind is a Web server, so it runs all the time, but sometimes it needs to be restarted (for example, we had some crashes of the JVM in the night).

I hope someone with better knowledge can answer this. We expect soon to go to the procedure of certification for PCI-DSS but we are not sure about these questions.

Best regards,
George

Master Key

The sample policy in the post just before yours is pretty not bad. The Master Encryption Key (or Key Encrypting Key) should never be in the clear at all. If you read the sample policy from the post before yours it says “unreadable format.” The master key needs to not be openly visible if someone were to compromise the machine in some way. Obviously it needs to be used to decrypt the various data encryption keys, so you will need to use some method of obfuscation within your application.

The method of entering the two parts of the password is not set in stone - each person entering part at one terminal or from separate apps are each fine. The point is to keep the separation. And yes, they will need to do this for each restart.
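The startup flow discussed above (two password parts entered at each restart, a password-derived key protecting the master key, the master key protecting the data keys), as an added Java example that is not part of the thread or any poster's code. The class name, the PBKDF2 iteration count, the choice of AES key wrap and the sample parts are assumptions; the thread does not prescribe them.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class SplitKnowledgeStartup {
    // Both custodians' parts feed one PBKDF2 run; neither part alone yields the key.
    static SecretKey passwordKey(char[] partA, char[] partB, byte[] salt) throws GeneralSecurityException {
        char[] joined = Arrays.copyOf(partA, partA.length + partB.length);
        System.arraycopy(partB, 0, joined, partA.length, partB.length);
        PBEKeySpec spec = new PBEKeySpec(joined, salt, 600_000, 256); // iteration count: assumption
        try {
            SecretKeyFactory kdf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
            return new SecretKeySpec(kdf.generateSecret(spec).getEncoded(), "AES");
        } finally { // wipe the parts so they do not stay in memory after startup
            spec.clearPassword();
            Arrays.fill(joined, '\0');
            Arrays.fill(partA, '\0'); Arrays.fill(partB, '\0');
        }
    }
    static byte[] wrap(SecretKey wrappingKey, SecretKey key) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AESWrap"); // AES key wrap (RFC 3394), has an integrity check
        c.init(Cipher.WRAP_MODE, wrappingKey);
        return c.wrap(key);
    }
    // Throws InvalidKeyException when the wrapping key is wrong, e.g. a mistyped part.
    static SecretKey unwrap(SecretKey wrappingKey, byte[] wrapped) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AESWrap");
        c.init(Cipher.UNWRAP_MODE, wrappingKey);
        return (SecretKey) c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }
    public static void main(String[] args) throws Exception {
        String a = "custodian-A-part", b = "custodian-B-part"; // constructed; real input: Console.readPassword()
        // One-time setup: only the salt and the two wrapped blobs are written to storage.
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(256);
        SecretKey master = gen.generateKey(), dataKey = gen.generateKey();
        byte[] wrappedMaster = wrap(passwordKey(a.toCharArray(), b.toCharArray(), salt), master);
        byte[] wrappedDataKey = wrap(master, dataKey);
        // Every restart: both parts are entered again and the chain is unwrapped in memory only.
        SecretKey m = unwrap(passwordKey(a.toCharArray(), b.toCharArray(), salt), wrappedMaster);
        SecretKey d = unwrap(m, wrappedDataKey);
        System.out.println("data key recovered: " + Arrays.equals(d.getEncoded(), dataKey.getEncoded()));
        try { unwrap(passwordKey(a.toCharArray(), "wrong-part".toCharArray(), salt), wrappedMaster); }
        catch (GeneralSecurityException e) { System.out.println("wrong part rejected, startup aborted"); }
    }
}
```

Because nothing that can rebuild the password-derived key is stored, an unattended restart after a JVM crash cannot unwrap the master key until both custodians have entered their parts again.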

I’m wondering if anybody can explain to me, or point me in the direction of a resource, what is the bare minimum for meeting this requirement? I think understanding that line will give me a better idea of what’s expected.

I really have very little idea of what is meant by secure key distribution, and I gather from the discussion in this thread that it means “you have to have a master key which decrypts your data keys, and the master key must follow all the other rules about key storage”.

But does the actual definition of “key distribution” really mean all that? Is key distribution not just “the method by which a key is chosen”? Is all this business about master keys implied when they say SECURE key distribution?