CSA CCM CEK-20
Key Recovery

Key recovery is a process that allows organizations to retrieve or reconstruct cryptographic keys from backups or archives. It's an important consideration in maintaining operational continuity, but must be balanced against the risk of the keys and the information they protect being exposed if control is lost. Key recovery processes should take into account legal and regulatory requirements.

Where did this come from?

This control comes from the CSA Cloud Controls Matrix v4.0.10 - 2023-09-26, which can be downloaded from https://cloudsecurityalliance.org/artifacts/cloud-controls-matrix-v4. The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing, composed of 197 control objectives structured in 17 domains, covering all key aspects of cloud technology.

For more information on key management in AWS, refer to the AWS Key Management Service Documentation: https://docs.aws.amazon.com/kms/index.html

Who should care?

This control is relevant for:

  • Security engineers responsible for designing cryptographic systems
  • Compliance officers ensuring adherence to legal and regulatory requirements
  • Business continuity planners preparing for loss of key control scenarios
  • Developers implementing cryptographic operations in applications

What is the risk?

The primary risk addressed by key recovery is the potential loss of operational continuity if control of cryptographic keys is lost. This could occur due to hardware failures, human error, malicious insiders, or other factors. Without a key recovery capability, the data or communications protected by the lost keys may be permanently inaccessible.

However, the key recovery capability itself introduces a risk - if the recovery process is not sufficiently secured, it could provide an avenue for unauthorized parties to gain access to the keys and the data they protect. Key recovery must balance these competing risks.

What's the care factor?

The importance of key recovery depends on the criticality of the data and operations protected by the keys. For an organization's most sensitive data and mission-critical systems, robust key recovery is essential and should be a high priority.

For less critical systems, the overhead of implementing secure key recovery may outweigh the benefits. A risk-based approach should be taken, considering the likelihood and impact of key loss scenarios.

When is it relevant?

Key recovery is relevant whenever cryptographic keys are used to protect data or communications, and that data has a long-term value or operational importance that extends beyond the lifetime of the keys.

It is particularly important for keys used for data at rest encryption, where the encrypted data may need to be accessed years into the future. It is less critical for ephemeral keys used for transient communications.

What are the trade offs?

Implementing key recovery introduces complexity and potential security risks that must be carefully managed. The key recovery process itself must be highly secured, as it provides a potential avenue for key compromise.

Key recovery also requires additional resources, including secure storage for key backups, procedures for authorization of recovery requests, and personnel to manage the process. These costs must be balanced against the benefits of enhanced business continuity.

How to make it happen?

  1. Inventory all cryptographic keys in use, documenting their type, application, ownership, and criticality.
  2. Assess the risks associated with the loss of each key type, considering the impact on operational continuity, legal and regulatory requirements.
  3. Design a key recovery process that balances these risks. This should include:
    • Secure storage of key backups or key components, using strong encryption and access controls.
    • A process for authorized entities to request key recovery, with appropriate authentication and approval workflows.
    • Procedures for the secure reconstruction of keys from backups or key components.
    • Monitoring and logging of all key recovery activities.
  4. Implement the key recovery process, ensuring that all technical and procedural controls are properly configured and operational.
  5. Test the key recovery process regularly to ensure it functions as intended and that personnel are familiar with their roles and responsibilities.
  6. Review and update the key recovery process on a regular basis, taking into account changes in the organization's risk environment and lessons learned from testing and actual recovery events.

What are some gotchas?

  • Ensure that key backups are stored securely and separately from the primary key storage, to avoid a single point of failure.
  • Carefully control and monitor access to the key recovery process. Implement multi-party control where possible, requiring multiple authorized individuals to cooperate to recover a key.
  • In cloud environments, understand the key management capabilities and limitations of your cloud service provider. Many providers offer key management services, but may have specific requirements or limitations around key recovery.
  • Regularly test your key recovery process to ensure it works as expected. Testing should include scenarios where key custodians are unavailable.

What are the alternatives?

An alternative to key recovery is to use a key escrow system, where keys are proactively split and distributed to trusted third parties. This can reduce the risk of key loss, but introduces additional complexity and potential for key compromise.

Another approach is to use ephemeral keys that are intentionally short-lived and not backed up. This is appropriate for some use cases, like session encryption, but not for situations where long-term data access is required.

Explore Further

Blog

Learn cloud security with our research blog

Your queues, your responsibility
August 20, 2024
Things you wish you didn't need to know about S3
May 30, 2024
S3 Bucket Encryption Doesn't Work The Way You Think It Works
April 19, 2024
Read more