CSA CCM CEK-10
Key Generation

In the world of cryptography, your keys are like your most precious belongings – you really don't want them falling into the wrong hands! That's why the Cloud Security Alliance Cloud Controls Matrix (CCM) lays out some sage advice on how to generate your keys the right way. By using industry-standard crypto libraries, cranking up the algorithm strength, and leveraging high-quality random number generators, you can make sure your keys are as solid as a rock.

Where did this come from?

This little gem of a control comes straight from the CSA Cloud Controls Matrix v4.0.10, hot off the presses on 2023-09-26. You can grab yourself a copy of the full CCM goodness at https://cloudsecurityalliance.org/artifacts/cloud-controls-matrix-v4. The CCM is pretty much the bee's knees when it comes to cloud security frameworks – it's the go-to for keeping your cloud assets locked down tight. If you want to dive deeper into what makes the CCM so awesome, check out the overview and guidance material: https://cloudsecurityalliance.org/research/cloud-controls-matrix/

Who should care?

If you're one of these fine folks, listen up:

  • Cryptography engineers who spend their days wrangling encryption algorithms
  • Security architects responsible for making sure the whole encryption shebang hangs together
  • Compliance officers keeping everything above board and regulation-friendly
  • Developers elbow-deep in encryption library code

This control is your new best friend!

What is the risk?

Here's the thing – if your key generation game is weak, your whole crypto castle comes crumbling down. You could end up with:

  • Attackers playing "guess the key" and making off with your secret stash
  • Keys having awkward identity crises and colliding with each other
  • Random numbers that aren't so random after all, making keys way too easy to crack

Sure, these nightmare scenarios might not happen every day, but if they do, you're gonna have a bad time. We're talking serious amounts of private data flapping in the breeze. But fear not – slapping this CCM control on your key generation process slashes the chances of things going sideways.

What's the care factor?

In a word – skyscraper high! This control should be right at the tippy top of your security to-do list. See, crypto is the backbone of so many other security bits and bobs. If your keys are toast, everything else may as well be too. Nailing the key generation piece is like making sure you've got a solid foundation before you start building the walls. Skimp on this and the rest of your crypto efforts are basically pointless.

When is it relevant?

Whip out this control anytime you're in the key generation zone, like when you're:

  • Spinning up some shiny new crypto systems or apps
  • Rotating your keys to keep things fresh
  • Kicking compromised keys to the curb and rolling out replacements

Key generation may be less relevant for use cases that do not involve highly sensitive data, or that employ other mitigating security controls.

What are the trade-offs?

Proper key generation does require some additional effort compared to ad-hoc approaches:

  • Key generation should use vetted, industry-accepted libraries rather than custom implementations
  • Systems require more computational entropy to generate strong random keys
  • Key generation processes should be formally documented, requiring time and expertise to develop
  • Secure key storage and rotation add operational complexity

However, these costs tend to be marginal in the scope of a larger system, and are far outweighed by the security benefits and risk reduction achieved.

How to make it happen?

To properly generate keys in AWS per CEK-10:

  1. Define your app's key generation requirements (algorithms, key lengths, etc.)
  2. Choose to either use the AWS Key Management Service (KMS) or an AWS CloudHSM with a FIPS 140-2 validated hardware security module (HSM). For most apps, KMS is a simpler option.
  3. If using KMS, create a customer master key (CMK) in your desired region with the appropriate parameters (key spec, origin, rotation schedule, etc.)
  4. In your app's code, call the KMS GenerateDataKey or GenerateRandom APIs to generate data encryption keys
  5. Use the generated data keys to encrypt/decrypt data in your application
  6. Use KMS key policies and IAM permissions to control access to key generation operations
  7. Enable CloudTrail logging of all KMS API calls

What are some gotchas?

  • Many APIs provide both secure and insecure random number generation - be sure to explicitly select a CSPRNG. For example, in Java use SecureRandom instead of Random.
  • Some older systems have insecure default key generation configuration. Always specify key sizes and algorithms explicitly.
  • Key generation code often requires specific security permissions:
    • File system access to /dev/urandom on Unix
    • CryptoPermission in Java
    • CryptGenRandom access in Windows CNG
  • Be mindful of performance when generating large numbers of keys, as entropy can be a limited resource. Consider pre-generating a key pool.
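An added example (not from the CCM or this page) showing the first, second and last gotchas in Python: key bytes come only from the `secrets` module (the OS CSPRNG), the key size must be named explicitly and is validated against an approved set, a seeded `random.Random` is shown alongside purely to make the "same seed, same key" failure visible, and a small pool pre-generates keys with a duplicate tripwire. `APPROVED_AES_KEY_BITS`, `KeyPool` and the pool size are assumptions for the illustration.

```python
import random
import secrets
from collections import deque

# Key sizes this hypothetical application accepts, in bits. Anything else is
# rejected, so an insecure library default can never slip through unnoticed.
APPROVED_AES_KEY_BITS = {128, 192, 256}


def generate_aes_key(bits: int) -> bytes:
    """Return a symmetric key drawn from the OS CSPRNG (secrets uses os.urandom)."""
    if bits not in APPROVED_AES_KEY_BITS:
        raise ValueError(f"unsupported AES key size: {bits} bits")
    return secrets.token_bytes(bits // 8)


def predictable_key(seed: int, bits: int) -> bytes:
    """The anti-pattern: random.Random is a seeded Mersenne Twister, so the same
    seed always reproduces the same 'key'. Kept only to contrast with the
    function above; never use it for key material."""
    rng = random.Random(seed)
    return rng.getrandbits(bits).to_bytes(bits // 8, "big")


class KeyPool:
    """Pre-generates keys so a burst of requests does not block on entropy.

    Every key issued or pooled is remembered; a repeat from a 128-bit-or-larger
    CSPRNG is effectively impossible, so one means the RNG is broken and we stop.
    """

    def __init__(self, bits: int, size: int) -> None:
        self.bits = bits
        self.size = size
        self._pool: deque[bytes] = deque()
        self._seen: set[bytes] = set()
        self.refill()

    def refill(self) -> int:
        """Top the pool up to its target size; return how many keys were added."""
        added = 0
        while len(self._pool) < self.size:
            key = generate_aes_key(self.bits)
            if key in self._seen:
                raise RuntimeError("duplicate key from CSPRNG; halt and investigate")
            self._seen.add(key)
            self._pool.append(key)
            added += 1
        return added

    def take(self) -> bytes:
        """Hand out one key, refilling first if the pool ran dry."""
        if not self._pool:
            self.refill()
        return self._pool.popleft()
```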

Some potential challenges with key generation in AWS:

  • KMS has service limits which may need to be increased for high-volume key generation
  • Generating keys in KMS is a privileged operation requiring the kms:GenerateDataKey permission on the IAM principal (user/role)
  • Keys generated by KMS cannot be exported out of the region - they must be used with the KMS APIs
  • The security of local key generation (not using KMS) depends heavily on the quality of randomness available on the EC2 instance. Be very cautious of generating keys locally.
  • Logging and monitoring are essential to detect any anomalies in key generation such as unauthorized users creating keys
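An added example, not part of the page, tying step 7 of the procedure above (CloudTrail logging of KMS calls) to this last gotcha: it scans CloudTrail records for KMS key-generation events and flags calls from principals outside an allow-list as well as denied attempts. The records, the account ID, the ARNs and the allow-list are all constructed for the illustration.

```python
import json

# Constructed CloudTrail records, not real log data. Only the fields the
# check reads are present; real events carry many more.
SAMPLE_EVENTS = json.loads("""
[
 {"eventSource": "kms.amazonaws.com", "eventName": "GenerateDataKey",
  "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/app-role/i-0abc"},
  "requestParameters": {"keyId": "alias/app-data-key"}},
 {"eventSource": "kms.amazonaws.com", "eventName": "GenerateDataKey",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/contractor"},
  "requestParameters": {"keyId": "alias/app-data-key"}},
 {"eventSource": "kms.amazonaws.com", "eventName": "GenerateDataKey",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/contractor"},
  "requestParameters": {"keyId": "alias/app-data-key"},
  "errorCode": "AccessDenied"},
 {"eventSource": "kms.amazonaws.com", "eventName": "CreateKey",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/contractor"},
  "requestParameters": {"keySpec": "RSA_2048"}},
 {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/contractor"}}
]
""")

# Hypothetical allow-list: the only principals expected to generate or create keys.
ALLOWED_PRINCIPALS = {"arn:aws:sts::111122223333:assumed-role/app-role/i-0abc"}

# KMS API names that mint key material or randomness.
KEY_EVENTS = {"GenerateDataKey", "GenerateDataKeyWithoutPlaintext",
              "GenerateRandom", "CreateKey"}


def find_key_generation_anomalies(events, allowed):
    """Return (finding, principal_arn, event_name) tuples for KMS key events
    that were denied or that came from a principal not on the allow-list."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "kms.amazonaws.com":
            continue
        name = ev.get("eventName")
        if name not in KEY_EVENTS:
            continue
        arn = ev.get("userIdentity", {}).get("arn", "<unknown>")
        if "errorCode" in ev:  # CloudTrail records denied calls with errorCode
            findings.append(("denied_key_operation", arn, name))
        elif arn not in allowed:
            findings.append(("unexpected_principal", arn, name))
    return findings
```

Feed it the `Records` array from a CloudTrail log file to run it over real data; each finding is a candidate for an alert or a key-policy review.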

What are the alternatives?

Some cloud services handle key generation automatically as part of envelope encryption:

  • AWS KMS generates a unique data key for each encryption operation when you call GenerateDataKey
  • Google Cloud KMS does the same when calling Encrypt with a symmetric key
  • Azure Key Vault Secrets are always encrypted with an auto-generated key

This shifts the burden of secure key generation to the cloud provider, but you still must configure the KMS appropriately.

Explore further

  • Read the OWASP Cryptographic Storage Cheat Sheet for language-specific key generation guidance
  • Learn about upcoming post-quantum key generation in NIST PQC
  • Understand the key generation aspects of relevant compliance frameworks like NIST
  • Explore complementary controls like:
    • CKM-02 Key Lifecycle Management to handle keys post-generation
    • CEK-06 Approved Cryptographic Algorithms to select appropriate algorithms
    • AIS-04 Application Service Architecture to properly manage keys in applications
