KMS Requirements Specifications v1.0
Key Management Systems Requirements Specification v1.0 ‘future-proofs’ the management of cryptographic keys
18 November 2003: GlobalPlatform, the global leader in smart card infrastructure development, announces the first release of its Key Management Systems (KMS) Requirements Specification v1.0, which is now available for royalty free download from www.globalplatform.org
The new specification, which standardizes the exchange and control of cryptographic keys between systems (which produce / interact with smart cards) and organizations, results in three important benefits for the smart card industry:
– by defining a standardized way for GlobalPlatform compliant systems to exchange keys, the KMS Specification will lead to a reduction in proprietary key exchange methods. Ultimately this will mean that the key profile creator (e.g. issuer) will not be ‘locked in’ to any supplier who currently holds the key, as keys are easily and securely transferable from one GlobalPlatform compliant system to another.
- Greater control over usage of the keys / Increased key security
– by defining the minimum attributes a system must contain in order to adhere to the key profile (properties defined on the key itself, e.g. whether the key can be used to encrypt or decrypt, the validity period of the key and its import / export restrictions), the KMS Specification limits the functionality of a particular copy of a key in relation to its role within a specific system. This ensures that the key can only be used by the party, and for the purpose, intended.
- Future-proof Key Management Systems
– by standardizing key management systems now, GlobalPlatform is preparing systems’ vendors and users of cryptographic keys for the future, when standardization across systems will be required to support interoperability and to facilitate the penetration of smart card technology into new markets.
Gil Bernabeu of Gemplus and Chair of the GlobalPlatform Systems Committee, comments: “The launch of the KMS Requirements Specification is not only an achievement for GlobalPlatform in its quest for interoperability, but it is also a significant step forward for the industry, as it is one of the first efforts ever undertaken to standardize the functionality of a key management system.
“Cryptographic key users who insist on compliance with GlobalPlatform’s KMS Specification will see an immediate benefit, as they will have far greater control over their key definition than they currently have with proprietary key management systems. Over time, once the systems and organizations they interact with in a multi-application environment also implement the GlobalPlatform KMS Specification, they will gain full benefit from secure key exchange and management.”
For further information on the GlobalPlatform Key Management Systems Requirements Specification v1.0 please contact the GlobalPlatform Secretariat by email at: firstname.lastname@example.org or visit www.globalplatform.org
For further information regarding GlobalPlatform, or to arrange a briefing with a GlobalPlatform spokesperson, please contact Chrissie Green or Lee’ann Connell at Sinclair Mason on Tel: + 44 (0) 870 606 0960 or e-mail: email@example.com or firstname.lastname@example.org
GLOBALPLATFORM CONTACT AT CARTES:
Lee’ann Connell, Tel: +44 (0) 7802 487 624
Notes to editors About GlobalPlatform: GlobalPlatform is the global leader in smart card infrastructure development and its proven, technical specifications for cards, devices and systems are known as the standard for smart card infrastructure. GlobalPlatform has over 50 cross-industry members with representation from all world continents. www.globalplatform.org