9.1 Database Master Key
MyID encrypts sensitive data that is stored in the database using the Master Key.
The Master Key is generated when GenMaster is first run, after MyID is installed.
9.1.1 Risks
- An unauthorized party could try to extract or copy the Master Key.
- The cryptographic algorithm used by the Master Key could be broken in the future.
- Regulatory compliance may demand a more modern cryptographic algorithm for the Master Key.
9.1.2 Solution
The risk of an unauthorized party copying the Master Key is best addressed by ensuring that the Master Key is generated within an HSM. If an HSM was not available when the MyID system was installed and you later want to use one, it is possible to migrate the Master Key to the HSM.
The risk of the cryptographic algorithm being broken in the future is addressed by MyID supporting upgraded cryptographic algorithms, and supporting the migration from one Master Key to a new Master Key with a new algorithm.
- Versions of MyID that were first installed before MyID 10.4 generated a 3DES (3TDEA) Master Key.
- Versions of MyID that were first installed at version 10.4 or later generated an AES256 Master Key. Note that AES256 is the stronger and more modern algorithm.
- When upgrading a version of MyID that was installed before MyID 10.4 to 10.4 or later, the Master Key remains as 3DES (3TDEA).
- There is a process available that can convert an upgraded MyID 10.4 or later installation to use an AES256 Master Key even if it started with a 3DES (3TDEA) Master Key. Intercede recommends this process to ensure that all production MyID installations at 10.4 or later use an HSM-protected AES256 Master Key.
9.1.3 Implementation
When first installing MyID, ensure an HSM is used to protect the Master Key.
If upgrading a production MyID installation that was installed before MyID 10.4 to 10.4 or later, upgrade the system to have an AES256 Master Key. For more information on this process, contact Intercede support quoting reference SUP-193.
If you have a production MyID installation that does not currently use an HSM to protect the Master Key, Intercede recommends upgrading it to use an HSM. For more information on this process, contact Intercede support quoting reference SUP-193.