5.1.5.1 Keeping Information Secret

Any cryptographic key has to be kept secret. One also keeps secret any function of a secret (such as a key schedule), because knowing such functions would reduce an attacker's work in cryptanalyzing the secret.

When a secret has to be in the normal memory of a general purpose computer in order to be used, that secret should be erased (for example, replaced with a constant value, such as 0) as soon as possible after use.

A secret can be kept in a specially protected memory where it can be used without being erased. Typically, one finds such memory in a Hardware Security Module (HSM). If an HSM is used, it has to be compliant with [FIPS140], or the equivalent at a level consistent with the security requirements of the customer deploying the cryptographic protocol or the CA that uses the HSM.