Key Rotation: Cryptographic Key Rotation

Definition

Key Rotation Strategies for EUDI Wallet Issuers

Credential issuers are the most critical participants requiring strong key rotation practices. An issuer's signing key is used to create verifiable credentials that citizens carry in their EUDI Wallets. If this key is compromised, an attacker could forge credentials. Key rotation limits exposure by ensuring that each key is only used for a defined period.

The rotation process for issuers follows a structured approach. First, the issuer generates a new signing key pair, ideally within a Hardware Security Module (HSM). The new public key is added to the issuer's JWK Set with a new unique key identifier. New credentials are signed with the new key, while the old key remains in the JWK Set for verification of previously issued credentials.

After a grace period (determined by the maximum credential lifetime and verifier cache refresh intervals), the old key can be marked as retired in the JWK Set. Even after retirement from active use, the old public key should remain available for verification until all credentials signed with it have expired. This overlap strategy ensures zero disruption to credential verification.

For Person Identification Data (PID) credentials that might have multi-year validity periods, issuers must maintain old verification keys for extended durations. This creates a growing JWK Set over time, which must be managed carefully to prevent performance issues while maintaining backward compatibility.

Rotation for Transport and Session Keys

Transport-level encryption keys used in mTLS connections between EUDI Wallet infrastructure components rotate on shorter cycles. TLS certificate rotation typically follows annual or semi-annual schedules, aligned with certificate validity periods. The EUDI Wallet trust framework may specify maximum certificate lifetimes for infrastructure components.

Session-level keys used during credential presentation protocols (like the session encryption keys in ISO 18013-5 proximity presentations) are ephemeral by design -- they are generated fresh for each interaction and discarded after use. This provides perfect forward secrecy: even if a session key were somehow compromised, it could not be used to decrypt past or future sessions.

OAuth 2.0 access tokens and refresh tokens used in the EUDI Wallet issuance flows have built-in expiration mechanisms that effectively implement rotation. Short-lived access tokens (typically minutes to hours) limit the window of exploitation, while refresh tokens can be rotated at each use through rotation policies in the authorization server.

Automated Key Rotation and Monitoring

In production EUDI Wallet deployments, key rotation should be automated to minimize human error and ensure consistent execution. Automated rotation systems generate new keys on schedule, update JWK Sets, configure signing services to use the new key, and archive old keys according to the retention policy.

Monitoring is essential to detect rotation failures or key compromise indicators. EUDI Wallet operators should monitor for unexpected key usage patterns, failed rotation attempts, certificate expiration warnings, and unauthorized access to key management systems. ISO 27001 provides the governance framework for establishing and maintaining these monitoring procedures.

Emergency key rotation procedures must also be defined for cases where a key compromise is detected or suspected. These procedures should include immediate key revocation, expedited generation and deployment of replacement keys, notification of affected parties, and forensic analysis of the compromise. The speed of emergency rotation directly impacts the potential damage from a key compromise event.

Related Terms