From Entropy to Decommissioning: Cryptographic Key Management Strategies Across the Automotive Supply Chain.
Automotive cryptographic key management presents challenges fundamentally different from enterprise IT, driven by heterogeneous ECUs, multi‑tier supply chains, and vehicle lifetimes exceeding two decades. This paper analyzes cryptographic key management as a lifecycle‑coupled system spanning entropy generation, factory provisioning, secure storage, rotation and revocation, and decommissioning. It examines how alignment decisions between OEMs, Tier‑1 suppliers, and silicon vendors shape long‑term security outcomes and how early choices silently constrain or prevent recovery years later. Using real automotive failure modes—such as mis‑provisioning, revocation latency, irreversible trust anchors, and salvage‑yard exposure—the paper shows why many vehicle security incidents originate at production and manifest only in the field. The work emphasizes system‑level, process‑aware design over compliance‑driven or phase‑local controls.