CCA Release 2.54
functions in which it can be used. The cryptographic subsystem uses a system
of control vectors¹ to separate the cryptographic keys into a set of key types
and to restrict the use of each key. The subsystem enforces the use of a particular
key type in each part of a cryptographic command. To bind these restrictions to a
key, the control vector is combined (exclusive-ORed) with the master key or
key-encrypting key that enciphers the control vector's associated key, so the key
can only be recovered under the control vector it was enciphered with. For
example, a key that is designated a key-encrypting key cannot be employed in the
decipher verb, thereby preventing the use of a key-encrypting key to obtain a
cleartext key.
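The key-wrapping mechanism described above, as an added example in Go that is not part of this manual or of the CCA product code: each half of a double-length key is enciphered under the master key exclusive-ORed with the matching half of a control vector, the resulting token carries the control vector in the clear, and the data verb refuses any token whose control vector marks it as a key-encrypting key. The control-vector byte values, the master key, the data key and the token layout are constructed for the example and do not reproduce CCA's actual bit assignments or token format.

```go
package main

import (
	"bytes"
	"crypto/des"
	"errors"
	"fmt"
)

// Control vectors for two key types. The byte values are constructed for this
// example and do not reproduce CCA's bit assignments; what matters is that the
// two types differ and that each verb checks for the type it needs.
var (
	cvData = [16]byte{0x00, 0x00, 0x7D, 0x00, 0x03, 0x41, 0x00, 0x00, 0x00, 0x00, 0x7D, 0x00, 0x03, 0x21, 0x00, 0x00}
	cvKEK  = [16]byte{0x00, 0x42, 0x7D, 0x00, 0x03, 0x41, 0x00, 0x00, 0x00, 0x42, 0x7D, 0x00, 0x03, 0x21, 0x00, 0x00}
)

// Token is the form in which a key leaves the facility: the key enciphered
// under the master key combined with its control vector, plus the control
// vector in the clear, which every verb inspects before using the key.
type Token struct {
	CV  [16]byte
	Enc [16]byte
}

// variant XORs one 8-byte half of the control vector into each 8-byte part of
// the triple-length master key, giving the key that enciphers that half.
func variant(mk [24]byte, cvHalf []byte) []byte {
	v := make([]byte, 24)
	for i := range v {
		v[i] = mk[i] ^ cvHalf[i%8]
	}
	return v
}

// tdesBlock passes one 8-byte block through triple DES under a 24-byte key.
func tdesBlock(key, in []byte, decrypt bool) (out [8]byte) {
	c, err := des.NewTripleDESCipher(key)
	if err != nil {
		panic(err)
	}
	if decrypt {
		c.Decrypt(out[:], in)
	} else {
		c.Encrypt(out[:], in)
	}
	return out
}

// halves processes each half of a double-length key under the master-key
// variant for the matching half of the control vector.
func halves(mk [24]byte, cv [16]byte, in [16]byte, decrypt bool) (out [16]byte) {
	for i := 0; i < 16; i += 8 {
		b := tdesBlock(variant(mk, cv[i:i+8]), in[i:i+8], decrypt)
		copy(out[i:], b[:])
	}
	return out
}

// Wrap enciphers a double-length key under the master key combined with cv.
func Wrap(mk [24]byte, cv [16]byte, key [16]byte) Token {
	return Token{CV: cv, Enc: halves(mk, cv, key, false)}
}

// Unwrap recovers the key with the control vector carried in the token. An
// altered control vector selects the wrong variant and yields an unrelated key.
func Unwrap(mk [24]byte, t Token) [16]byte { return halves(mk, t.CV, t.Enc, true) }

// DataVerb models the encipher and decipher verbs. The token's control vector
// must be the data-key type, so a key-encrypting key is refused before any
// cryptography runs. Two-key triple DES (K1, K2, K1) in ECB keeps it short.
func DataVerb(mk [24]byte, t Token, in []byte, decrypt bool) ([]byte, error) {
	if t.CV != cvData {
		return nil, errors.New("key type not permitted in this verb")
	}
	if len(in)%8 != 0 {
		return nil, errors.New("input must be a multiple of 8 bytes")
	}
	key := Unwrap(mk, t)
	k3 := append(append([]byte{}, key[:]...), key[:8]...)
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 8 {
		b := tdesBlock(k3, in[i:i+8], decrypt)
		copy(out[i:], b[:])
	}
	return out, nil
}

func main() {
	// Constructed master key and data key; not real key material.
	mk := [24]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x10, 0x32, 0x54, 0x76, 0x98, 0xBA, 0xDC, 0xFE, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
	dataKey := [16]byte{0x0B, 0x1C, 0x2D, 0x3E, 0x4F, 0x5A, 0x6B, 0x7C, 0x8D, 0x9E, 0xAF, 0xB0, 0xC1, 0xD2, 0xE3, 0xF4}
	tok := Wrap(mk, cvData, dataKey)
	pt := []byte("CCA SEPARATES KEY TYPES.")
	ct, _ := DataVerb(mk, tok, pt, false)
	back, _ := DataVerb(mk, tok, ct, true)
	fmt.Println("round trip ok:", bytes.Equal(back, pt))
	_, err := DataVerb(mk, Wrap(mk, cvKEK, dataKey), ct, true)
	fmt.Println("decipher with a key-encrypting key:", err)
}
```

Unwrapping a token under a different control vector does not fail loudly; it yields an unrelated key. That property is what allows the control vector to travel in the clear beside the enciphered key: changing it gains an attacker nothing, and the verb's type check stops a key-encrypting key from ever reaching the data path.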
Securely installing and verifying keys. Capabilities are provided to install keys,
either in whole or in parts, and to determine the integrity of the key or the key
part to ensure the accurate and secure entry of key information. The hardware
commands and profiles allow you to enforce a split-knowledge, dual-control
security policy in the installation of keys from clear information.
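The split-knowledge, dual-control installation described in the item above, as an added Go example that is not taken from this manual: each custodian supplies one key part together with a check value, the facility verifies every part before combining, and the final key is the exclusive-OR of the parts. The check value here follows the customary DES convention (encipher an all-zero block and keep the first three bytes); CCA's own key-verification algorithm is not reproduced, and the key-part bytes are constructed for the example.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"errors"
	"fmt"
)

// CheckValue enciphers an all-zero block under the key and keeps the first
// three bytes, the customary DES key check value. It lets a custodian confirm
// a part was entered correctly without revealing the part. CCA's own
// key-verification algorithm is not reproduced here.
func CheckValue(key []byte) (string, error) {
	var c cipher.Block
	var err error
	switch len(key) {
	case 8:
		c, err = des.NewCipher(key)
	case 16: // double-length key: triple DES with K1, K2, K1
		c, err = des.NewTripleDESCipher(append(append([]byte{}, key...), key[:8]...))
	case 24:
		c, err = des.NewTripleDESCipher(key)
	default:
		return "", errors.New("key must be 8, 16 or 24 bytes")
	}
	if err != nil {
		return "", err
	}
	var out [8]byte
	c.Encrypt(out[:], make([]byte, 8))
	return hex.EncodeToString(out[:3]), nil
}

// KeyPart is what one custodian enters: the clear part and the check value
// that was recorded when the part was generated.
type KeyPart struct {
	Value      []byte
	CheckValue string
}

// CombineParts verifies each part's check value and then exclusive-ORs the
// parts. Requiring at least two parts is what enforces dual control; because
// the final key is the XOR of all parts, no custodian learns anything about
// it from their own part alone (split knowledge).
func CombineParts(parts []KeyPart) ([]byte, error) {
	if len(parts) < 2 {
		return nil, errors.New("dual control requires at least two key parts")
	}
	key := make([]byte, len(parts[0].Value))
	for i, p := range parts {
		if len(p.Value) != len(key) {
			return nil, fmt.Errorf("part %d: length %d does not match part 1", i+1, len(p.Value))
		}
		kcv, err := CheckValue(p.Value)
		if err != nil {
			return nil, fmt.Errorf("part %d: %v", i+1, err)
		}
		if kcv != p.CheckValue {
			return nil, fmt.Errorf("part %d: check value %s, expected %s; re-enter the part", i+1, kcv, p.CheckValue)
		}
		for j := range key {
			key[j] ^= p.Value[j]
		}
	}
	return key, nil
}

func main() {
	// Constructed key parts held by two custodians; not real key material.
	a := []byte{0x3A, 0x91, 0xC7, 0x0E, 0x55, 0xB2, 0x68, 0xDF, 0x14, 0xA7, 0x6C, 0x39, 0xE0, 0x8B, 0x52, 0xC4}
	b := []byte{0x9D, 0x2F, 0x61, 0xB8, 0x07, 0xE3, 0x4A, 0x1C, 0xF5, 0x30, 0xD9, 0x86, 0x2B, 0x74, 0xAE, 0x13}
	kcvA, _ := CheckValue(a)
	kcvB, _ := CheckValue(b)
	key, err := CombineParts([]KeyPart{{a, kcvA}, {b, kcvB}})
	kcvKey, _ := CheckValue(key)
	fmt.Println("combined key check value:", kcvKey, err)
	mistyped := append([]byte{}, a...)
	mistyped[3] ^= 0x10 // one wrong key bit in part 1
	_, err = CombineParts([]KeyPart{{mistyped, kcvA}, {b, kcvB}})
	fmt.Println("mistyped part:", err)
}
```

The check value of the combined key is what gets recorded and later compared against the installed key; the check values of the individual parts are only used to catch entry errors and reveal nothing useful about the parts themselves beyond three bytes of a one-way-looking function of each.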
Generating keys. The system can generate random clear and enciphered
keys. The key-generation service creates an extensive set of key types for use
in both CCA subsystems and other DES-based systems. Keys can be
generated for local use and for distribution to remote nodes.
Securely distributing keys manually and electronically. The system provides for
unidirectional key-distribution channels and a key-translation service.
Your application program(s) should provide procedures to perform the following
key-management activities:
Generating and periodically replacing keys. A key should be used for only a
limited period of time; this bounds the damage should an adversary determine
the value of the key.
Archiving keys.
Destroying keys and media used to distribute keys.
Auditing the key generation, distribution, installation, archiving, and destruction
processes.
Reacting to unusual occurrences in the key-management process.
Creating management controls for key management.
Before a key is removed from a CCA cryptographic facility for storage in key
storage or in application storage, the key is multiply-enciphered under a master key
or another key-encrypting key. The master key is a triple-length DES key
composed of three 56-bit DES keys. The first and second parts of a master key
(each a 56-bit component) are required to be unique. For compatibility with other
implementations, the third part is permitted to be the same as the first part,
which yields an effective “double-length” master key (two-key rather than
three-key triple DES).
Key-encrypting keys, sometimes designated “transport keys,” are double-length
DES keys composed of two halves, each half being a 56-bit DES key. The halves
of a key-encrypting key can be the same value, in which case the key-encrypting
key operates as though it were a single-length, 56-bit DES key and offers only
single-DES strength; such keys exist for compatibility with single-length systems
and should not be relied on to protect other keys.
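A validation routine for the master-key and key-encrypting-key rules in the two paragraphs above, as an added Go example not taken from this manual. It enforces that parts 1 and 2 of a triple-length master key differ, reports the effective double-length case where part 3 equals part 1, classifies a key-encrypting key whose halves are equal as single-length, and demonstrates why equal halves matter: triple DES keyed with (K, K, K) produces exactly the single-DES ciphertext for K. The odd-parity check and the separate report for part 3 equal to part 2 (which reduces the EDE construction to single DES under part 1) are standard DES considerations rather than rules stated on this page; the key bytes are the well-known constructed DES test values, not real key material.

```go
package main

import (
	"bytes"
	"crypto/des"
	"errors"
	"fmt"
	"math/bits"
)

// OddParity reports whether every byte has odd parity, the DES convention in
// which the low-order bit of each key byte is a parity bit.
func OddParity(key []byte) bool {
	for _, b := range key {
		if bits.OnesCount8(b)%2 == 0 {
			return false
		}
	}
	return true
}

// SetOddParity returns a copy of key with each byte's parity bit adjusted.
func SetOddParity(key []byte) []byte {
	out := append([]byte{}, key...)
	for i, b := range out {
		if bits.OnesCount8(b)%2 == 0 {
			out[i] = b ^ 0x01
		}
	}
	return out
}

// CheckMasterKey applies the rules from the text to a triple-length master
// key: parts 1 and 2 must differ; part 3 equal to part 1 is permitted and gives
// an effective double-length key. The "single-length" report for part 3 equal
// to part 2 is an added check, not a rule from the text: with K3 == K2 the EDE
// construction E_K3(D_K2(E_K1(x))) collapses to E_K1(x).
func CheckMasterKey(mk []byte) (string, error) {
	if len(mk) != 24 {
		return "", errors.New("master key must be 24 bytes")
	}
	if !OddParity(mk) {
		return "", errors.New("master key has a parity error")
	}
	p1, p2, p3 := mk[:8], mk[8:16], mk[16:]
	switch {
	case bytes.Equal(p1, p2):
		return "", errors.New("parts 1 and 2 of the master key must be unique")
	case bytes.Equal(p3, p2):
		return "single-length", nil
	case bytes.Equal(p3, p1):
		return "double-length", nil
	}
	return "triple-length", nil
}

// KEKEffectiveLength classifies a double-length key-encrypting key: equal
// halves make it behave as a single-length 56-bit DES key.
func KEKEffectiveLength(kek []byte) (string, error) {
	if len(kek) != 16 {
		return "", errors.New("key-encrypting key must be 16 bytes")
	}
	if bytes.Equal(kek[:8], kek[8:]) {
		return "single-length", nil
	}
	return "double-length", nil
}

// SameAsSingleDES shows why equal halves matter: triple DES keyed with
// (K, K, K) produces exactly the single-DES ciphertext for K on the same block.
func SameAsSingleDES(k, block []byte) bool {
	k24 := append(append(append([]byte{}, k...), k...), k...)
	t, err1 := des.NewTripleDESCipher(k24)
	s, err2 := des.NewCipher(k)
	if err1 != nil || err2 != nil || len(block) != 8 {
		return false
	}
	var a, b [8]byte
	t.Encrypt(a[:], block)
	s.Encrypt(b[:], block)
	return a == b
}

func main() {
	// Constructed key parts (standard DES test values); not real key material.
	p1 := SetOddParity([]byte{0x10, 0x32, 0x54, 0x76, 0x98, 0xBA, 0xDC, 0xFE})
	p2 := SetOddParity([]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF})
	mk := append(append(append([]byte{}, p1...), p2...), p1...)
	kind, err := CheckMasterKey(mk)
	fmt.Println("master key:", kind, err)
	fmt.Println("(K,K,K) equals single DES:", SameAsSingleDES(p1, []byte("8 bytes!")))
}
```

A facility that accepts the compatibility forms should at least log which effective length was installed, so that a master key or transport key offering only 56-bit strength is a deliberate choice rather than an accident of key entry.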
¹ A control vector is a logical extension of a key variant, which is a method of key separation that some other cryptographic systems use.
Chapter 5. DES Key-Management
5-3