Digi-Sign, The Certificate Corporation
Published on Digi-Sign, The Certificate Corporation (https://www.digi-sign.com)


By Digi-Sign
Created Feb 25 2008 - 16:39

Controls & Generation Events

Key Generation Ceremony

  • 4. The previous step left HSM device #1 configured for use with our newly generated keys.
    • The encrypted private keys are now stored securely within an encrypted key repository on the hard disk within the computer, as well as on the removable media. Only the HSM device holding the decryption keys for the particular key repository is able to decrypt the repository data. A further decryption step is also required to bring keys to an online state; this applies to those keys that we protected with an additional encryption key during the key generation phase.

      The encryption key elements (components) are stored on several PIN-protected smart cards, herein referred to as "Key Access Component Cards", which are required to access these keys at any time. The smart cards are currently visible on the Inventory Table and, during a later phase of this ceremony, will be distributed to the Key Access Component Holders, who are the only holders possessing the PIN codes necessary to access the data stored on these smart cards.

      We note that there is no need to delete our encrypted keys from the hard disk within the computer, as these keys are strongly encrypted by the HSM device and by the additional encryption key that was divided into key elements (components) within a key set. If the key repository data were stolen, it would be useless without the HSM decryption key and the additional encryption key elements (components) distributed to the Key Access Component Holders inside the PIN-protected Key Access Component Cards. The encrypted keys stored within the repository are in an offline state, and the computer with the hard drive storing the encrypted repository data will be kept safe in an isolated room with strict personnel and network access controls in place, as well as video camera monitoring maintained 24 hours per day throughout the year.


  • 5. We will now generate checksum bytes that will uniquely identify the encrypted private key data stored both on the hard disk and on the backup media disks.
    • For this purpose, we will use an Operating System tool (sha1sum). The Key Ceremony Administrator will now, using the Key Map Document, sequentially read the file name and file system path of each generated private key, generate the checksum bytes over that private key as stored inside the repository and as stored on the backup media, and note the checksum byte strings (below) in this script.

      All witnesses attending this part of the ceremony must ensure that the date entered into this script is correct, and that the checksum values presented on the computer screen upon sequential execution of the checksum calculation commands (performed on the private key data stored inside the repository as well as on the backup media) exactly match the values written below by the Key Ceremony Administrator. They must also place their signatures where indicated (below) in this section of the script.

          Date: …………………………………………

          Key 1
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………

          Key 2
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………

          …

          Key N
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………
          Witnessing Attendees’ Signatures:
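
The checksum step described above, as an added shell example that is not part of Digi-Sign's ceremony script: it assumes a key map file with one tab-separated line per key (common name, repository path, backup-media path) and sha1sum (or shasum) on the PATH, constructs sample key files in a temporary directory, and compares the repository and backup digests before printing the lines to transcribe into the record.

```shell
#!/bin/sh
# Added example, not Digi-Sign's own script: recompute the SHA-1 of each encrypted
# private key named in a key map, confirm the repository copy and the backup-media
# copy agree, and print the lines the Key Ceremony Administrator transcribes into
# the record. Assumes sha1sum (or shasum) and a key map of "CN<TAB>repo<TAB>backup".
TAB=$(printf '\t')

# Constructed sample data standing in for the real repository and backup media:
# key 1 has an intact backup copy, key 2 has a backup copy that differs.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
mkdir -p "$WORK/repo" "$WORK/backup"
printf 'constructed-encrypted-key-1\n' > "$WORK/repo/key1.enc"
cp "$WORK/repo/key1.enc" "$WORK/backup/key1.enc"
printf 'constructed-encrypted-key-2\n' > "$WORK/repo/key2.enc"
printf 'constructed-encrypted-key-2-damaged\n' > "$WORK/backup/key2.enc"
KEYMAP="$WORK/keymap.tsv"
printf 'Constructed Key 1\t%s/repo/key1.enc\t%s/backup/key1.enc\n' "$WORK" "$WORK" > "$KEYMAP"
printf 'Constructed Key 2\t%s/repo/key2.enc\t%s/backup/key2.enc\n' "$WORK" "$WORK" >> "$KEYMAP"

# Hex SHA-1 digest of one file.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then sha1sum "$1"; else shasum -a 1 "$1"; fi | awk '{print $1}'
}

# MATCH when the repository file and its backup copy have the same digest.
key_status() {
    if [ "$(sha1_of "$1")" = "$(sha1_of "$2")" ]; then echo MATCH; else echo MISMATCH; fi
}

# Print the record lines for every key in the key map.
print_record() {
    while IFS="$TAB" read -r cn repo backup; do
        printf 'Common Name: %s\nChecksum: %s\nBackup copy: %s\n\n' \
            "$cn" "$(sha1_of "$repo")" "$(key_status "$repo" "$backup")"
    done < "$1"
}

# Number of keys whose backup copy does not match; anything other than 0 means
# the ceremony must stop before the witnesses sign.
count_mismatches() {
    n=0
    while IFS="$TAB" read -r cn repo backup; do
        [ "$(key_status "$repo" "$backup")" = MATCH ] || n=$((n + 1))
    done < "$1"
    echo "$n"
}
print_record "$KEYMAP"
echo "Mismatched keys: $(count_mismatches "$KEYMAP")"
```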


Source URL: https://www.digi-sign.com/key%20ceremony%20script/controls%20generation%20events
