2.4.9 Encryption & Key Management
This section is intended for personnel who are responsible for the security of the IoT system's hardware key management and encryption. Guidance is available from the IoTSF [ref 44]¹ regarding Encryption (Part G).
Req No | Requirement | Compliance Class And Applicability | Primary Keyword | Secondary Keyword |
---|---|---|---|---|
2.4.9.1 | Intentionally left blank to maintain requirement numbering | - | | |
2.4.9.2 | If present, a true random number generator source has been validated for true randomness. | Mandatory for Class 2 and above | System | Hardware |
2.4.9.3 | There is a process for secure provisioning of security parameters and keys that includes random and individual (unique) generation, distribution, update, revocation and destruction. | Mandatory for Class 2 and above | Business | Process |
2.4.9.4 | There is a secure method of key insertion that protects keys against copying. | Mandatory for Class 1 and above | System | Software |
2.4.9.5 | All the product related cryptographic functions have no publicly known unmitigated weaknesses in the algorithms or implementation, for example MD5 and SHA-1 are not used. | Mandatory for Class 1 and above | Business | Process |
2.4.9.6 | All the product related cryptographic functions are sufficiently secure for the lifecycle of the product, or cryptographic algorithms and primitives should be updateable ("cryptoagility"). | Mandatory for Class 1 and above | Business | Process |
2.4.9.7 | The product stores all sensitive unencrypted parameters (e.g. keys) in a secure, tamper-resistant location. | Mandatory for Class 1 and above | System | Hardware |
2.4.9.8 | The cryptographic key chain used for signing production software is different from that used for any other test, development or other software images or support requirement. | Advisory for all classes | System | Software |
2.4.9.9 | In device manufacture, all asymmetric encryption private keys that are unique to each device are secured. They must be truly randomly internally generated or securely programmed into each device. | Mandatory for Class 2 and above | Business | Process |
2.4.9.10 | All key lengths are sufficient for the level of assurance required. | Mandatory for Class 2 and above | Business | Policy |
2.4.9.11 | In systems with many layered sub devices, key management should follow best practice. | Mandatory for all classes | Business | Policy |
Footnotes
1. Enhanced Privacy standard for Anonymous Signatures, ISO/IEC 20008 [https://www.iso.org/standard/57018.html]