authentication. B responds with the enciphered rdc, thereby acknowledging that it has received the key K*, as shown in Table 15.4.

Key maintenance includes procedures for key activation, key storage, key replacement, key translation, key recovery, black listing of compromised keys, key deactivation and key deletion. Some of the issues of key maintenance are addressed below.

Storage of keying material refers to a key storage facility which provides secure storage of keys for future use, e.g. confidentiality and integrity for secret keying material, or integrity for public keys. Secret keying material must be protected by physical security (e.g. by storing it within a cryptographic device) or enciphered by keys that have physical security. For all keying material, unauthorized modification must be detectable by suitable authentication mechanisms.

Key archival refers to procedures by which keys for notarization or nonrepudiation services can be securely archived. Archived keys may need to be retrieved at a much later date to prove or disprove certain claims.

Key replacement enables parties to securely update their keying material. A key shall be replaced when its compromise is known or suspected. A key shall also be replaced within the time deemed feasible to determine it by an exhaustive attack. A replaced key shall not be reused. The replacement key shall not be a variant or any nonsecret transformation of the original key.

Key recovery refers to cryptographic keys which may become lost due to human error, software bugs or hardware malfunction. In communication security, a simple handshake at session initiation can ensure that both entities are using the same key. Also, message authentication techniques can be used for testing that plaintext has been recovered using the proper key. Key authentication techniques permit keys to be validated prior to their use.
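
The session-initiation handshake and key validation described above, as an added Python example that is not from the original text: both entities prove possession of the same key with HMAC tags over fresh nonces, and a stored key check value validates a key before it is used. The function names, the direction labels and the choice of HMAC-SHA256 are assumptions of this example.

```python
import hashlib
import hmac
import secrets


def _subkey(key: bytes, purpose: bytes) -> bytes:
    # Derive a purpose-bound subkey so the session key itself never keys a tag.
    return hmac.new(key, b"derive|" + purpose, hashlib.sha256).digest()


def _tag(key: bytes, direction: bytes, *fields: bytes) -> bytes:
    # HMAC-SHA256 over a direction label and length-prefixed fields.
    # The label stops a tag sent one way from being reflected back the other way.
    mac = hmac.new(_subkey(key, b"confirm"), direction, hashlib.sha256)
    for field in fields:
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.digest()


def handshake(key_a: bytes, key_b: bytes) -> bool:
    """Session-initiation check: True only if A and B hold the same key."""
    nonce_a = secrets.token_bytes(16)  # message 1, A -> B
    nonce_b = secrets.token_bytes(16)  # message 2, B -> A, sent with tag_b
    tag_b = _tag(key_b, b"B->A", nonce_a, nonce_b)
    if not hmac.compare_digest(tag_b, _tag(key_a, b"B->A", nonce_a, nonce_b)):
        return False  # A rejects: B computed its tag under a different key
    tag_a = _tag(key_a, b"A->B", nonce_a, nonce_b)  # message 3, A -> B
    return hmac.compare_digest(tag_a, _tag(key_b, b"A->B", nonce_a, nonce_b))


def key_check_value(key: bytes, key_id: bytes) -> bytes:
    """Tag stored beside the key identifier; reveals nothing usable about the key."""
    return hmac.new(_subkey(key, b"kcv"), key_id, hashlib.sha256).digest()[:16]


def validate_key(key: bytes, key_id: bytes, stored_kcv: bytes) -> bool:
    """Key authentication prior to use: constant-time comparison with the stored value."""
    return hmac.compare_digest(key_check_value(key, key_id), stored_kcv)


if __name__ == "__main__":
    good = secrets.token_bytes(32)     # constructed sample keys
    corrupted = secrets.token_bytes(32)
    kcv = key_check_value(good, b"key-01")
    print("same key:", handshake(good, good))
    print("mismatched key:", handshake(good, corrupted))
    print("corrupted key validates:", validate_key(corrupted, b"key-01", kcv))
```
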
In the case where a key was lost, it still may be possible to recover that key by searching part of the key space. This approach may be successful, if the number of likely candidates is small enough.

Key deletion refers to procedures by which parties are assured of the secure destruction of keys that are no longer needed. Destroying a key means eliminating all records of this key, such that no information remaining after the deletion provides any feasibly usable information about the destroyed key.

More information on key management can be found in References [33][34][35][36][37][38][39].