Effective key management is a critical component of a robust security architecture. Cryptographic keys safeguard security by ensuring confidentiality, integrity and data availability, while a key management system protects the key itself and ensures the use of ‘active’ keys throughout the product lifecycle for consistent data protection.

The paper introduces the fundamentals of cryptography and key management, highlighting relevant protocols and principles. It reviews standards established by various organizations in key management. Additionally, it provides best practices tailored for embedded security architects from the HCLTech Product Security team, covering areas such as key generation, storage, distribution, provisioning, rotation, and disposal, while addressing specific challenges in embedded security. Overall, it serves as a comprehensive guide for key management practices in embedded systems.