Under the form requirements for storing secret and private keys, which method is acceptable for protecting keys used to encrypt/decrypt cardholder data?

• A. Stored in plaintext on the server.
• B. Shared with contractors.
• C. Encrypted with a key-encrypting key that is at least as strong as the data-encrypting key, and stored separately from the data-encrypting key.
• D. Stored within a secure cryptographic device.

Answer: (C)

Key management for protecting keys that encrypt cardholder data relies on layering and separation. The best approach is to protect the data-encryption key by encrypting it with a key-encrypting key that is as strong as or stronger than the data-encryption key, and then store that key-encrypting key separately from the data-encryption key. This creates two independent protections: even if the data-encryption key is exposed, the data remains unreadable without the KEK, and access to the KEK is controlled and kept in a separate secure location. The KEK should be managed in a secure cryptographic facility (such as a hardware security module) with strong access controls.

Why this is preferable to the other options: storing keys in plaintext on the server is insecure and directly exposes secrets; sharing keys with contractors expands the circle of risk and violates strict access controls; while storing keys in a secure cryptographic device is a good practice, the form requirement specifically emphasizes encrypting the data-encryption key with a KEK and separating the KEK from the DEK to achieve layered protection.