CR-3396
Revision Level: 21
Document is Uncontrolled When Printed.
Page 25 of 46
(7) Encrypted key storage (using AES 256 bit encryption, see Section 3.5.1) and key
access following the PKCS #11 standard.
(8) Destruction of cryptographic keys is performed in one of three ways as described
below in accordance with the PKCS #11 and FIPS PUB 140-2 standards:
a. An object on a Luna cryptographic module that is destroyed using the PKCS #11
function C_DestroyObject is marked invalid and remains encrypted with the
Partition User's key or a Luna cryptographic module's general secret key until
such time as its memory locations (flash or RAM) are re-allocated for additional
data on a Luna cryptographic module, at which time they are purged and
zeroized before re-allocation.
b. Objects on a Luna cryptographic module that are destroyed as a result of
authentication failure are zeroized (all flash blocks in the Partition User's memory
turned to 1's). If it is an SO authentication failure, all flash blocks used for key
and data storage on a Luna cryptographic module are zeroized.
c. Objects on a Luna cryptographic module that are destroyed through C_InitToken
(the SO-accessible command to initialize a Luna cryptographic module available
through the API) are zeroized, along with the rest of the flash memory being
used by the SO and Partition Users.
Keys are always stored as secret key or private key objects with the Sensitive attribute
set. The key value is, therefore, stored in encrypted form using the owning Partition
User's Storage Key (USK) and the Master Tamper Key (MTK) stored in the battery-backed
RAM. Access to keys is never provided directly to a calling application. A
handle to a particular key is returned that can be used by the application in subsequent
calls to perform cryptographic operations.
Private key and secret key objects may be imported into a module using the Unwrap,
Unmask (if cloning and unmasking are enabled at the module level) or Derive operation
under the control of the Access Control Policy. Any externally-set attributes of keys
imported in this way are ignored by a module and their attributes are set by a module to
values required by the Access Control Policy.
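The following C program is an added illustration, not code from this security policy or from Thales. It models, in a small handle-based object store, the three behaviours described above: an application only ever receives a handle and cannot read a Sensitive key's value (the "never provided directly" rule), C_DestroyObject marks an object invalid while its encrypted bytes stay resident until the slot is re-allocated and purged (item 8.a), erased flash reads as all ones (item 8.b), and a caller-supplied attribute on import is ignored in favour of the policy value (the Unwrap/Unmask/Derive paragraph). The constants MAX_OBJECTS and KEY_BYTES, the struct layout, the function names and the sample ciphertext are assumptions for illustration only and do not reflect Luna internals.

```c
/* Added example, not Luna or Thales code. Models the key-object lifecycle
 * described in the policy: handle-only access, invalidate-on-destroy,
 * purge-before-reallocation, and all-ones flash erase. Sizes, struct layout
 * and function names are assumptions for illustration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_OBJECTS 4
#define KEY_BYTES   32

typedef unsigned long obj_handle;   /* index + 1; 0 is never a valid handle */

typedef struct {
    int     in_use;                 /* slot currently allocated */
    int     valid;                  /* cleared by destroy_object() */
    int     sensitive;              /* always 1: value never leaves the module */
    uint8_t enc_value[KEY_BYTES];   /* key value as stored: already encrypted */
} key_object;

static key_object store[MAX_OBJECTS];

/* Write through a volatile pointer so the optimizer cannot drop the stores as
 * dead writes, which it may do with a plain memset() on a buffer never read again. */
static void secure_zeroize(void *p, size_t n)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--) *vp++ = 0x00;
}

/* Erased flash reads as all ones; this is the "turned to 1's" state of item 8.b. */
void flash_erase(uint8_t *block, size_t n)
{
    volatile uint8_t *vp = block;
    while (n--) *vp++ = 0xFF;
}

int flash_block_erased(const uint8_t *block, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (block[i] != 0xFF) return 0;
    return 1;
}

static key_object *lookup(obj_handle h)
{
    if (h == 0 || h > MAX_OBJECTS) return NULL;
    key_object *o = &store[h - 1];
    return (o->in_use && o->valid) ? o : NULL;
}

/* Purge a slot before it is handed out again. Returns 0, or -1 on a bad handle. */
int purge_slot(obj_handle h)
{
    if (h == 0 || h > MAX_OBJECTS) return -1;
    secure_zeroize(&store[h - 1], sizeof store[h - 1]);
    return 0;
}

/* Import an already-encrypted key value. The caller's requested Sensitive
 * setting is ignored; the policy value is applied instead. Returns a handle,
 * or 0 if the store is full. */
obj_handle create_object(const uint8_t enc_value[KEY_BYTES], int requested_sensitive)
{
    (void)requested_sensitive;                 /* policy decides, not the caller */
    for (size_t i = 0; i < MAX_OBJECTS; i++) {
        if (store[i].in_use) continue;
        purge_slot((obj_handle)(i + 1));       /* zeroize stale bytes before reuse */
        memcpy(store[i].enc_value, enc_value, KEY_BYTES);
        store[i].sensitive = 1;
        store[i].valid = 1;
        store[i].in_use = 1;
        return (obj_handle)(i + 1);
    }
    return 0;
}

/* Reading the value of a sensitive object fails (like CKR_ATTRIBUTE_SENSITIVE
 * for CKA_VALUE); this store never creates a non-sensitive object. */
int get_value(obj_handle h, uint8_t out[KEY_BYTES])
{
    key_object *o = lookup(h);
    if (!o || o->sensitive) return -1;
    memcpy(out, o->enc_value, KEY_BYTES);
    return 0;
}

/* C_DestroyObject semantics: invalidate now; the encrypted bytes stay in place
 * until purge_slot() runs when the slot is re-allocated. */
int destroy_object(obj_handle h)
{
    key_object *o = lookup(h);
    if (!o) return -1;
    o->valid = 0;
    o->in_use = 0;
    return 0;
}

int handle_is_valid(obj_handle h) { return lookup(h) != NULL; }

/* 1 if the slot's value bytes are all zero (purged), else 0. */
int slot_is_zeroized(obj_handle h)
{
    if (h == 0 || h > MAX_OBJECTS) return 0;
    for (size_t i = 0; i < KEY_BYTES; i++)
        if (store[h - 1].enc_value[i]) return 0;
    return 1;
}

int main(void)
{
    uint8_t enc[KEY_BYTES], out[KEY_BYTES];
    memset(enc, 0xA5, sizeof enc);            /* constructed sample ciphertext */
    obj_handle h = create_object(enc, 0);     /* caller asks for non-sensitive */
    printf("get_value on handle %lu: %d\n", h, get_value(h, out));
    destroy_object(h);
    printf("valid after destroy: %d, zeroized: %d\n", handle_is_valid(h), slot_is_zeroized(h));
    purge_slot(h);
    printf("zeroized after purge: %d\n", slot_is_zeroized(h));
    return 0;
}
```

The point worth noticing is the gap between destroy_object() and purge_slot(): a destroyed handle is unusable immediately, but the ciphertext is still resident in the slot until re-allocation triggers the purge, which is exactly the window item 8.a describes. Note also that the stored bytes are ciphertext under the storage key, so what lingers in that window is not the raw key; real firmware would still scrub it, and secure_zeroize() shows the volatile-store pattern that keeps the compiler from eliding that scrub.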