
KEY-ENCRYPTION-KEY INTEGRITY CHECK IN A SERIAL SHIFT REGISTER DEVICE WITH ERROR CORRECTION

IP.com Disclosure Number: IPCOM000008610D
Original Publication Date: 1998-Mar-01
Included in the Prior Art Database: 2002-Jun-26
Document File: 3 page(s) / 208K

Publishing Venue

Motorola

Related People

Dean Vogler: AUTHOR

Abstract

The use of a hardware shift register device to store Key Encryption Keys (a.k.a. Master Keys, Key Protection Keys, etc.) is widespread in today's Motorola Secure products, especially due to its ability to perform active zeroization simply and efficiently (something that conventional memory devices such as RAM, EEPROM, or Flash parts cannot do). The protection of the KEK from outside intrusion, or tamper detect, is a key requirement in the design of secure communications products. However, there are some important issues that must be addressed when using serial shift register devices. One is to ensure that the data (i.e. the KEK) in the device remains in synchronization. The other is to ensure that the contents have not physically changed or been corrupted. This paper describes a method that can ensure the correctness of the KEK, and also fix synchronization errors if they occur.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 29% of the total text.


MOTOROLA Technical Developments


KEY-ENCRYPTION-KEY INTEGRITY CHECK IN A SERIAL SHIFT REGISTER DEVICE WITH ERROR CORRECTION

by Dean Vogler


INTRODUCTION

  One of the cornerstone functions of all Motorola Secure products is the ability to securely store the (voice or traffic) encryption keys that are used in a secure system. It is those encryption keys, distributed to all radios within a system, that allow radios to communicate with one another. Equally important is that those encryption keys stored in each radio be secured as well, otherwise the security of the system would be easily compromised by simply retrieving the keys from the radio's memory.

  In Motorola Secure products, the voice/traffic encryption keys themselves are stored encrypted. This means that any malicious attempt to retrieve the encryption keys would be futile, as the encryption key data is meaningless if stored in an encrypted format. That begs the question, what are the encryption keys encrypted with? Another key of course! This key is referred to as the Key Encryption Key (KEK), and also may be known as the Master Key or Key Protection Key. The KEK must be stored un-encrypted, otherwise the radio would not be able to decrypt the voice/traffic encryption keys. So, all that has been done so far is to reduce the number of un-encrypted keys from several (for multi-key secure radios), to one (the KEK). However, the KEK still needs to be secured, else the security system has been jeopardized.

  Currently in Motorola Secure products, the protection of the KEK is handled by physical means. That is, any attempt to breach the security of the product is handled by actively zeroizing the KEK. The common method is to provide some sort of tamper circuitry around the KEK storage area. When the tamper switch is activated, by either opening a switch (such as removing a cover, or loss of battery), the tamper circuit is activated. A typical response is to perform active zeroization. Active zeroization means to write over the KEK's memory with other contents (random data, all 1's, all 0's, etc.), as oppo...