CSA CCM CEK-19
Key Compromise

In the world of cryptography, a compromised key is like a skeleton key that's fallen into the wrong hands. While it may seem like game over, there are actually some clever ways to handle these sticky situations. The key (pun intended) is to follow a well-defined process to minimize the damage and keep your data safe.

Where did this come from?

This sage advice comes straight from the CSA Cloud Controls Matrix v4.0.10 - 2023-09-26. You can download the full matrix chock-full of other security goodies at https://cloudsecurityalliance.org/artifacts/cloud-controls-matrix-v4. The matrix was inspired by the collective wisdom of security pros who've been around the block a few times. For some complementary AWS-specific info, check out their encryption docs at https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html.

Who should care?

This one's for all the security engineers, compliance officers, and IT managers out there who are in charge of keeping encryption keys under lock and key (literally). If you're responsible for making sure data stays encrypted and secure, this control is right up your alley.

What is the risk?

A compromised encryption key is like giving a burglar the keys to your house. They can waltz right in and help themselves to all your sensitive data. This can lead to data breaches, compliance violations, and some seriously unhappy customers. The good news is that implementing this control can help limit the damage by ensuring compromised keys are properly revoked and only used for controlled decryption.

What's the care factor?

On a scale of "meh" to "drop everything and fix it now", this one leans towards the latter. Compromised keys can quickly snowball into a major security incident if not handled properly. Plus, there are often legal and regulatory requirements around how you handle these situations. So while it may be tempting to sweep it under the rug, it's critical to have a solid process in place.

When is it relevant?

This control comes into play anytime you suspect an encryption key has been compromised. This could be due to anything from an insider threat to a bug in your key management system. It's also relevant when you're designing your overall encryption strategy and need to plan for worst case scenarios. On the flip side, if you're not actually using encryption or if your keys are so well-protected that compromise is near impossible, you may be able to dial back on this a bit.

What are the trade offs?

Implementing a robust key compromise process does require some upfront effort. You'll need to document the process, train your team, and potentially invest in some tools to help automate revocation and notifications. There's also the risk of disrupting legitimate data access if you're too trigger-happy with revocation. But ultimately, the peace of mind and risk reduction is usually worth the cost.

How to make it happen?

Here's a step-by-step guide to nailing your key compromise process:

  1. Document a clear emergency revocation policy that outlines when and how to revoke compromised keys.
  2. Configure your key management system to support a "compromised" key state that prevents encryption but allows decryption.
  3. Set up automated alerts to notify you immediately if a key is marked as compromised.
  4. Maintain a "Compromised Key List" (CKL) that inventories all compromised keys and who was impacted.
  5. Notify impacted stakeholders as soon as possible if their data was encrypted with a compromised key.
  6. Conduct regular audits to proactively identify potential compromised keys before they're exploited.
  7. Use short cryptoperiods to limit the blast radius of a compromised key.
  8. Ensure your key inventory management system is always up-to-date with the latest key states.
  9. Only allow compromised keys to decrypt existing data - never use them to encrypt new data!
  10. Log all activity related to compromised keys for forensics and investigations.

What are some gotchas?

One common pitfall is not having granular enough permissions on your key management system. You'll want to make sure only authorized users can mark a key as compromised and initiate the revocation workflow. In AWS, this means tightly scoping permissions like kms:DescribeKey, kms:DisableKey, kms:EnableKey, kms:PutKeyPolicy etc.

What are the alternatives?

The only real alternative to a key compromise process is to just not use encryption at all. But in most cases, that's not a viable option. You could also explore using techniques like key rotation and envelope encryption to reduce the impact of a single compromised key.

Explore further

For the overachievers out there, check out CIS Controls v8 Section 3 "Data Protection" which dives deeper into encryption best practices. NIST SP 800-57 Part 1 Rev 5 is also a great resource for all things crypto. And if you really want to geek out, the AWS Cryptography Tools docs (https://docs.aws.amazon.com/crypto/latest/userguide/awscryp-service-toplevel.html) are a treasure trove of technical details.

Blog

Learn cloud security with our research blog

Your queues, your responsibility
August 20, 2024
Things you wish you didn't need to know about S3
May 30, 2024
S3 Bucket Encryption Doesn't Work The Way You Think It Works
April 19, 2024
Read more