Self-Managed Cryptography Security Pattern

In this pattern, the system itself manages the cryptographic keys, including storage and retrieval when necessary. The system is responsible for ensuring the confidentiality and integrity of cryptographic keys throughout their lifetime.

Key Responsibilities

When using self-managed cryptography, the system must handle:

• Key storage - Secure persistent storage of keys
• Key retrieval - Secure access to stored keys when needed
• Key distribution - Secure transmission of keys when required
• Key revocation - Proper invalidation and destruction of keys

Core Components

Role	Type	Responsibility
Application	Entity	Interacts with cryptographic library and manages keys
Cryptographer	Cryptographic Primitive	Library performing cryptographic operations
Key Storage	Storage	Persistently stores cryptographic key material

Note: The Application inherits the Entity role from the parent Cryptographic Key Management pattern.

Data Elements

• keyConf: Configuration for key generation (e.g., key length) - optional
• key: The actual cryptographic key material used by the Cryptographer
• id: Identifier used to store and retrieve keys from Key Storage
• input: Data on which cryptographic operation should be performed
• output: Result of the cryptographic operation
• config: Configuration for the cryptographic operation - optional

Actions

• generate_key: Generate new cryptographic key according to configuration
• store_key: Store the cryptographic key under given identifier in Key Storage
• get_key: Retrieve key information from Key Storage
• crypto_action: Perform cryptographic operation (encrypt, sign, etc.)

Pattern Flow

Key Generation and Storage

Application → [generate_key(keyConf)] → Cryptographer
Cryptographer → [key] → Application
Application → [store_key(id, key)] → Key Storage

The Application requests key generation from the Cryptographer, then stores the returned key in Key Storage with a chosen identifier.

Key Retrieval and Use

Application → [get_key(id)] → Key Storage
Key Storage → [key] → Application
Application → [crypto_action(input, key, config)] → Cryptographer
Cryptographer → [output] → Application

To use a stored key, the Application retrieves it from Key Storage, then provides it to the Cryptographer along with the input data.

Key Difference from Cryptography as a Service

Aspect	Self-Managed Cryptography	Cryptography as a Service
Key possession	Application holds actual key material	System holds only key identifiers
Key storage	Managed by application	Managed by external service
Key exposure risk	Higher (keys in application memory)	Lower (keys never exposed)
Control	Full control over keys	Dependent on service provider
Responsibility	Full responsibility for key security	Shared with service provider

Critical Security Considerations

Key Generation

Never implement custom key generation algorithms.

Generating good (random and unpredictable) cryptographic keys is complex. Always use the appropriate functions offered by the cryptographic library.

Key Derivation from Passwords

When deriving keys from user-provided passwords:

• Always use a suitable key derivation function (KDF)
• Use functions from the chosen cryptographic library
• Never devise custom key derivation algorithms

Recommended KDFs:

Function	Notes
Argon2	Modern, recommended for new applications
scrypt	Memory-hard, good alternative
PBKDF2	Use if FIPS-140 compliance is required

Verify that your cryptographic library uses up-to-date key derivation functions.

Key Storage Security

The Key Storage must protect cryptographic keys throughout their lifecycle:

Platform Security Features (Preferred):

• Take advantage of OS and hardware security features when possible
• Store keys in cryptographic modules (HSM, TPM) when available

When Platform Features Unavailable:

• Limit physical access to storage medium (protected area)
• Implement logical access controls (authentication, authorization)

Key Integrity Verification:

• Use MACs or digital signatures computed from the key
• Periodically verify integrity of all stored keys

Key Recovery:

• Maintain key copies in physically separate locations
• Enables restoration after unauthorized modifications

Key Confidentiality and Integrity in Transit

Both integrity and confidentiality of keys must be protected:

• During transmission between entities
• At rest in Key Storage

Exception: Confidentiality can be relaxed for public keys only (e.g., when verifying digital signatures).

Key Identifier (id) Protection

The identifier determines which key is used for cryptographic actions.

Risk: An attacker who can tamper with the id (e.g., change it to match a known key) can negate all security guarantees.

Required Protections:

• Protect id from tampering during transmission over uncontrolled channels
• Protect id from tampering when stored by Application

Limiting Key Exposure

Since the Application processes actual cryptographic keys, minimize exposure:

Practice	Description
Minimize time in memory	Load keys only when needed, clear immediately after
Zeroize memory	Overwrite key material before freeing memory
Avoid logging	Never log key material
Limit copies	Minimize the number of key copies in memory
Secure memory	Use secure memory allocation when available

Implementation Checklist

• [ ] Key generation uses cryptographic library functions (no custom algorithms)
• [ ] Password-derived keys use proper KDF (Argon2, scrypt, or PBKDF2)
• [ ] Key Storage protects confidentiality and integrity
• [ ] Platform security features utilized where available
• [ ] Physical and logical access to storage restricted
• [ ] Key integrity verified periodically (MACs/signatures)
• [ ] Key backups maintained in separate locations
• [ ] Keys protected during transmission
• [ ] Key identifiers protected from tampering
• [ ] Key exposure minimized (memory cleared after use)
• [ ] Public key exception applied only where appropriate

When to Choose Self-Managed vs. As-a-Service

Choose Self-Managed Cryptography when:

• Full control over keys is required
• Offline operation is necessary
• Regulatory requirements mandate key custody
• Integration with external KMS is not feasible

Choose Cryptography as a Service when:

• Reducing key exposure risk is priority
• External expertise in key management is desired
• Cloud-native deployment is standard
• Audit and compliance features are needed out-of-box

Related Patterns

• Cryptographic Key Management (parent pattern)
• Cryptography as a Service (alternative implementation)
• Cryptographic Action (uses keys managed by this pattern)
• Encryption (specific cryptographic action)
• Digital Signature (specific cryptographic action)
• Message Authentication Code (specific cryptographic action)

References

• Source: https://securitypatterns.distrinet-research.be/patterns/99_02_003__crypto_self_managed/
• E. Barker, 'Recommendation for Key Management: Part 1 – General', NIST SP 800-57 Part 1, May 2020
• OWASP, 'OWASP Top 10:2021 - A02: Cryptographic Failures'
• P. C. van Oorschot, Computer Security and the Internet - Tools and Jewels, 2020
• NIST SP 800-130, 'A Framework for Designing Cryptographic Key Management Systems'