IBM 2 Computer Hardware User Manual

Open as PDF

of 508

CCA Release 2.54

────────────┬─────────────────

┌──────────────────┐

│PKA_Key_Token_Build├┐

└┬──────────────────┘│

┌─────────┐ └──────┬───────┬────┘

│ │ │ │(Skeleton)

│ ┌─────────────┐ │ ┌───────────────┐

│ │PKA_Key_Import├┐ │ │PKA_Key_Generate├┐

│ └┬─────────────┘│ │ └┬───────────────┘│

│ └─────┬────────┘ │ └────┬───────────┘

│ └────────────────┐ │ │

│ │ │ │

│ ┌────────────────────┐ Data

│ │ PKA96 PU─PR Key Token │ ──┬──

│ │ PU: Clear │ ┌───────────┐

│ │ PR: eᑍMK(PR) │ │One_Way_Hash├┐

│ │ or eᑍKEK(PR) │ └┬───────────┘│

│ │ or Clear │ └─────┬──────┘

│ └───────────┬───────────┘ │

│ │ │

│  

└────────────────────────────┬─────┴────────┬────────┐ ├────────────────┐

│ │ ┌────────────────────────┐ │

┌─────────────────────┐ │ │Digital_Signature_Generate├┐ │

│PKA_Public_Key_Extract├┐ │ └┬─────────────────────────┘│ │

└┬─────────────────────┘│ │ └───────────┬──────────────┘ │

┌──────────┐ └─────────┬────────────┘ │ │ │

│eᑍMK.CV(K)│ │ │ ┌──────────┐ │

└─────┬────┘ ┌───────────────┐ │ │ Digital │ │

(DES/CDMF│ │ PU Key Token │ │ │ Signature │ │

Key) │ └────────┬───────┘ │ └─────┬─────┘ │

│ ┌───┴──────────────│──────┐ │ ┌────────────┘

┌────────────────────────┐ │ ┌─────────────────────┐

│PKA_Symmetric_Key_Export │ │ │Digital_Signature_Verify├┐

│PKA_Symmetric_Key_Generate├┐ │ └┬───────────────────────┘│

└┬─────────────────────────┘│ │ └───────────┬────────────┘

└─────────┬────────────────┘ │ 

│ │ yes/no

┌────────┐ │

│ePU(K),CV│ ┌─────────────────┘

└────┬────┘ │(Private key)

││

┌──────────────────────┐

│PKA_Symmetric_Key_Import├┐ ┌───────────────┐

└┬───────────────────────┘│ │Designates Verb├┐

└─────────┬──────────────┘ └┬──────────────┘│

│ └───────────────┘

┌─────────┐

│eᑍMK.CV(K)│ ┌───────────────┐

└──────────┘ │Data Structure │

(DES/CDMF Key) └───────────────┘

Figure 3-2. PKA96 Verbs with Key-Token Flow

Key Generation

You generate RSA public-private key-pairs using the PKA_Key_Generate verb.

You specify certain facts about the desired key in a “skeleton key token” that you

can create using the PKA_Key_Token_Build verb.

When generating the key-pair you must determine:

 The key-length

 How, or if, the private key should be encrypted

 If the key should be retained within the Coprocessor, and if so, its name (label)

 The form of the private key: modular-exponent or Chinese Remainder

 A key name if access-control on the name will be employed

 Whether the key should be usable in symmetric key-exchange operations

 Whether the key should be usable in digital signature generation operations.

3-2 IBM 4758 CCA Basic Services, Release 2.54, February 2005

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

IBM 2 Computer Hardware User Manual