1 Scope
2 Normative reference
3 Definitions
4 Introduction to key management
4.1 Purpose of security
4.2 Level of security
4.3 Key management objectives
5 Principles of key management
6 Cipher systems
6.1 Symmetric ciphers
6.2 Asymmetric ciphers
7 Cryptographic environments
7.1 Secure cryptographic device
7.2 Physically secure environment
7.3 Security considerations for secret keys
7.4 Security considerations for public keys
7.5 Protection against counterfeit devices
8 Key management services for symmetric ciphers
8.1 Separation
8.2 Substitution prevention
8.3 Identification
8.4 Synchronization (availability)
8.5 Integrity
8.6 Confidentiality
8.7 Compromise detection
9 Key life cycle for symmetric ciphers
9.1 Generation
9.2 Storage
9.3 Backup
9.4 Distribution and loading
9.5 Use
9.6 Replacement
9.7 Destruction
9.8 Deletion
9.9 Archive
9.10 Termination
Annex A (normative) Procedure for approval of a
cryptographic algorithm
A.1 Justification of proposal
A.2 Documentation
A.3 Public disclosure
A.4 Examination of proposals
A.5 Public review
A.6 Appeal procedure
A.7 Incorporation of the new cryptographic
algorithm
A.8 Maintenance
Annex B (informative) Example of a retail banking environment
B.1 Introduction
Annex C (informative) Examples of threats in the retail banking
environment
C.1 Introduction
C.2 Threats
Annex D (informative) Bibliography