In 2012, the UK government’s National Technical Authority for Information and Assurance (CESG) defined MIKEY-SAKKE as a standard, to answer the security requirements from government to have a cryptographic method for validating an identity for government communications.
This standard was based upon an existing standard for elliptic curve signatures, the Elliptic Curve Digital Signature Algorithm (ECDSA) and an identity-based cryptographic protocol developed by two Japanese researchers, SAKAI and KASAHARA. Using these protocols for secure communications gave rise to MIKEY-SAKKE, defined by the IETF as RFC 6507 and RFC 6509.
The system used in Mikey Sakke means that each user is attached to a Key Management Server. This server distributes key information to the users it manages on a regular (typically monthly) basis. Unlike other closed secure communication systems, the approach in Secure Chorus is specifically adapted for workplaces.
The existence of the KMS means that an organisation has access to its own data, without giving access to unauthorised third parties. As an organisation’s data becomes increasingly valuable in today’s world, this access is critically important. With this access, data scientists can generate business intelligence, IT administrators can assess cyber incidents, and the legal department can comply with criminal investigations. All while ensuring individual user privacy is maintained.
The Key Management Server can be managed entirely by an organisation’s own IT team. And it may be kept offline for maximal security. Ultimately, thanks to the properties of MIKEY-SAKKE, only those explicitly authorised by an organisation can access that organisation’s data.