Last activity: 25 Feb 2022 11:57 EST
Platform cipher for Application data encryption - Key management
As per documentation Platform cipher refer the customer key stored in the “Key Store” and apply default cryptographic algorithm that is used by Pega Platform. (ref: https://docs-previous.pega.com/security/85/configuring-platform-cipher )
Could you please suggest for below regarding how exactly the process works:
- Is Pega Platform maintain any “internal key”/reference for mapping between Encrypted data and actual key ( along with IV ) sourced from Keystore instance ? so that it can identify the original key for decryption in case of key modified in source.
- Is this “internal key”/reference accessed and maintained during each transaction (encryption/decryption) ?
- Is this “internal key”/reference maintained in the server cache as well, if yes then what is maximum duration? Also is there any impact of the server reboot on performance w.r.t cached “internal key”/reference ?
- Is there any specific expiry of “internal key”/reference?
Thanks in advanced.