Nubeva’s patented SKI Sensors intercept keys in real time, directly from the memory of TLS processes on the server or client, as the keys are created during the handshake’s key exchange. SKI Sensors employ highly efficient key signatures that “understand” how TLS code works in memory so that keys can be traced and extracted.
SKI Sensors are a small piece of software implemented on the server or the client. The software is available as C libraries to be embedded into applications and agents, or as standalone agents or containers for a broad and growing range of operating systems and platforms.
The use of session keys requires two functions: key handling and decryption itself.
Key Handling:
Once session keys are intercepted, SKI Sensors export the keys. Options for key handling include writing keys to file, piping to other local applications and processes, or securely forwarding them across networks to authorized receivers.
Once decryption is complete, keys are typically destroyed (e.g., within 5 seconds) but can also be archived for forensic purposes.
Decrypt Using Keys:
Using session keys, high-throughput, low-latency, and low-cost decryption can be easily achieved without modifications to authentication, handshakes, or production traffic and without any server keypairs or PKI. Using commodity CPU instruction sets, decryption can far exceed the performance specs of exotic crypto cards and chips.
Option 1: Simple Decrypt using keylog files on any enabled system.
Option 2: Make minor modifications to an existing decrypt engine to receive keys.
Option 3: Add SKI-based decryption support using Nubeva’s Decrypt C Library or turnkey Decrypt Container.
Once decryption is completed, keys can be destroyed (typically seconds after creation and use), and perfect forward secrecy is maintained. Optionally and with proper security considerations, keys can be archived for forensic purposes.
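One way a receiver of exported keys could enforce the short retention window described under Key Handling while consuming the keylog files of Option 1. This is an added example, not Nubeva's code: it assumes the keylog file uses the NSS key log (SSLKEYLOGFILE) line format, which the page does not specify, and `SessionKeyStore`, `parse_keylog_line` and the sample data are hypothetical.

```python
import time

# Labels from the NSS key log format (TLS 1.2 master secret and TLS 1.3 secrets).
LABELS = {"CLIENT_RANDOM", "CLIENT_EARLY_TRAFFIC_SECRET", "EXPORTER_SECRET",
          "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
          "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}

# Constructed sample input, not real key material: one valid line, two rejected ones.
SAMPLE_KEYLOG = ("# constructed sample\n"
                 "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48 + "\nBOGUS 00 11\n")

def parse_keylog_line(line):
    """Return (label, client_random, secret), or None for comments and malformed lines."""
    parts = line.split()
    if len(parts) != 3 or parts[0] not in LABELS:
        return None
    try:
        client_random, secret = bytes.fromhex(parts[1]), bytearray.fromhex(parts[2])
    except ValueError:
        return None
    if len(client_random) != 32 or not secret:
        return None
    return parts[0], client_random, secret

class SessionKeyStore:
    """Keeps secrets for a short retention window, then overwrites and drops them."""
    def __init__(self, ttl_seconds=5.0, clock=time.monotonic):
        self.ttl, self.clock = ttl_seconds, clock
        self._entries = {}  # (client_random, label) -> (expires_at, secret bytearray)

    def ingest(self, text):  # store each valid key log line; return the number accepted
        parsed = [p for p in map(parse_keylog_line, text.splitlines()) if p]
        for label, client_random, secret in parsed:
            self._entries[(client_random, label)] = (self.clock() + self.ttl, secret)
        return len(parsed)

    def purge(self):  # zero and drop expired secrets; return how many were destroyed
        now = self.clock()
        expired = [k for k, (deadline, _) in self._entries.items() if deadline <= now]
        for key in expired:
            secret = self._entries.pop(key)[1]
            secret[:] = bytes(len(secret))  # best-effort wipe; Python may hold other copies
        return len(expired)

    def lookup(self, client_random, label="CLIENT_RANDOM"):  # None once expired
        self.purge()
        entry = self._entries.get((client_random, label))
        return entry[1] if entry else None
```

`lookup` returns the stored buffer itself rather than a copy, so a decryptor still holding the reference sees it zeroed once the window closes.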