Key Import and Export
The TSM supports import and export of keys. The TSM applies several mechanisms to protect the key while in transit:
- The key is exported from / imported to the TSM via an MPC session. The MPC session only runs if all MPC nodes holding key shares agree to perform the export. Each SDK user therefore has the opportunity to enforce whatever policy it finds necessary, before it allows the key export / import.
- The key is exported / imported as a secret sharing, one key share exported from / imported to each MPC node. This lets you transfer the key to its destination using multiple channels.
- The key sharing is automatically re-randomized before export and after import. This means that security will not be affected, even if up to t of the shares in transit are compromized, where t is the security threshold of the key.
- Each key share is not exported in the clear, but is encrypted (wrapped) using a provided public key before being exported. You can restrict the set of allowed wrapping keys in your application, simply by making sure that the SDK only requests the export MPC session with an allowed wrapping key (because the MPC session export will only run if all SDKs agree on the wrapping key). Alternatively, the MPC nodes can be configured to only accept a certain set of wrapping keys.
- The export MPC session outputs the public key along with the private key shares. The public key can also be provided to the key import session, and will be used to verify the authenticity of the private key.
Use Cases
- Redundancy and fail-over When running in a high availability system, it may be important to have a fail-over site that can be switched to in case of failure in the primary site. Import and export allow you to easily move keys from one TSM to another. The TSM lets you keep the same key ID in the destination TSM so that users do not notice that the load has been shifted to an alternate TSM.
- Key migration The import / export may be used to import keys from, or export to, an external key store, such as an external (non-MPC) wallet. The external key is usually not secret shared, so you will have to handle the secret sharing and the wrapping of the key shares yourself. The SDK provides helper functions for this, as shown in the code examples below.
Updated 10 months ago