Key Ceremony Script
1. Purpose
We have a requirement that the generation of new RSA keys and the creation of new Certification Authorities (CAs) must be witnessed by a third-party auditor and appointed witnesses. We must therefore generate fresh keys, witnessed in the prescribed manner, and use these keys to create new Certification Authorities (CAs).
The keys we generate today will be new keys, and no existing keys reside on the HSM device we are about to use during this ceremony. This is noted in case it is relevant to any party participating in this ceremony.
2. Background
We use nCipher Hardware Security Module devices, model netHSM 500. These devices are certified to FIPS 140-2 level 2 and 3, and the level 3 configuration was chosen for the HSM device we are about to use today during this ceremony.
It is important to note that the Key Generation and Certificate Signing operations occur entirely within the HSM device, which uses a FIPS 140 approved pseudo-random number generator that is seeded periodically from a random bit-value accumulator fed with unpredictable input from an electronic noise source.
The prime number generator used in RSA key pair generation is entirely within the HSM and is covered by FIPS 140.
3. Key Generation and Certificate Signing Control Software
The Cryptographic Operation Control software, consisting of the HSM device Support Software and the Digi-CA™ PKI System, was written so that together they provide the following capabilities:
1. Instruct an HSM device to "wipe" all keys from its storage.
2. Instruct an HSM device to generate [n] x 4096-bit RSA key pairs.
3. Instruct an HSM device to generate [n] x 2048-bit RSA key pairs.
4. Instruct an HSM device to write those key pairs in an encrypted format to hard disk.
5. Create and split the private key encryption keys into encrypted sets, stored on individual PIN-protected smart cards, such that the private keys can be accessed, reconstructed and re-imported to a (new) HSM device only by using any 3 of the 5 cards from a defined card set.
6. Copy the encrypted private key to separate removable media for backup purposes. This process is accomplished using the [Red Hat Enterprise Linux 5.0] operating system tools rather than the Cryptographic Operation Control software.
7. Instruct an HSM device to Load or Import encrypted RSA key pairs from hard disk.
8. Instruct an HSM device to mark all private keys held within itself as non-exportable. This is a default limitation when the HSM device is configured to operate in FIPS 140-2 level 3 mode.
9. Combine 3 (of the original 5) smart cards holding private key encryption key fragments (components) to produce and encrypt a set of keys on the HSM device.
10. Instruct an HSM device to load a private key and sign new certificate data.
The software and the procedures were tested to ensure that the keys were valid and that the import and export procedures were working as required.
The source code was examined to ensure that its operation was correct.