Key processing with control vectors |
| |
Authors: | Stephen M Matyas |
| |
Affiliation: | (1) IBM Corporation (400/043), 9500 Godwin Drive, 22110 Manassas, VA, USA |
| |
Abstract: | A method is presented for controlling cryptographic key usage based on control vectors. Each cryptographic key has an associated control vector that defines the permitted uses of the key within the cryptographic system. At key generation, the control vector is cryptographically coupled to the key by way of a special encryption process. Each encrypted key and control vector are stored and distributed within the cryptographic system as a single token. Decryption of a key requires respecification of the control vector. As part of the decryption process, the cryptographic hardware verifies that the requested use of the key is authorized by the control vector. This article focuses mainly on the use of control vectors in cryptosystems based on the Data Encryption Algorithm. |
| |
Keywords: | Cryptography Encryption Key management Key distribution Access control Hash function |
本文献已被 SpringerLink 等数据库收录! |
|