Method for the Secure Entry of Cryptovariables into a Cryptographic Facility based on a Software Programmed Interface and an Enabling Physical Key-Activated Switch

IP.com Disclosure Number: IPCOM000104113D
Original Publication Date: 1993-Mar-01
Included in the Prior Art Database: 2005-Mar-18
Document File: 4 page(s) / 203K

Publishing Venue

IBM

Related People

Le, AV: AUTHOR [+3]

Abstract

This article describes a procedure for the entry of nonsecret cryptovariables (e.g., a device identifier, control vector, verification pattern, authentication code, or encrypted key) into a cryptographic facility (CF). The procedure makes use of a physical key-activated switch and a set of hardware and software functions that permit cryptographic variables to be installed. The initialization process consists of loading a cryptographic variable into the CF and temporarily storing it, disabling the loading function and testing that the correct cryptographic variable has been loaded, and then activating the so-loaded cryptographic variable. Under this method, a cryptographic variable is initialized within the CF only if it is first verified by authorized installation personnel to be correct.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 30% of the total text.

      This article describes a procedure for the entry of nonsecret
cryptovariables (e.g., a device identifier, control vector,
verification pattern, authentication code, or encrypted key) into a
cryptographic facility (CF).  The procedure makes use of a physical
key-activated switch and a set of hardware and software functions
that permit cryptographic variables to be installed.  The
initialization process consists of loading a cryptographic variable
into the CF and temporarily storing it, disabling the loading
function and testing that the correct cryptographic variable has been
loaded, and then activating the so-loaded cryptographic variable.
Under this method, a cryptographic variable is initialized within the
CF only if it is first verified by authorized installation personnel
to be correct.  If testing reveals that a temporarily stored
cryptographic variable is incorrect, it is erased, and the process is
repeated.  The process of loading cryptographic variables is
controlled via the physical key-activated switch, directly under the
control of authorized installation personnel (e.g., a security
officer).  Thus, an insider adversary with access to the
cryptographic system, but without use of the physical key that
operates the key-activated switch, is unable to subvert security.

      Fig. 1 illustrates a cryptographic system consisting of a
cryptographic facility 1 with an instruction processor 2 capable of
executing a set of cryptographic instructions, a key storage 3, a
cryptographic facility access program (CFAP) 4, and application
programs (APPLs) 5.  CF 1 has a device identifier storage 6 for the
storage of a nonsecret device identifier and a device identifier flag
7 with flag settings of empty, inactive, and active.  The setting
empty indicates that device identifier register 6 is empty.  The
setting inactive indicates that a device identifier has been loaded
into device identifier register 6 with a LOADC instruction, but has
not yet been activated.  The setting active indicates that the device
identifier in device identifier register 6 has been activated via a
SETC instruction and that other cryptographic instructions may now
use the device identifier.  CF 1 also has a front panel interface 8
with a key-activated switch 9, which is activated with physical key
10.  Key-activated switch 9 has three switch positions labelled 1:
load, 2: read, and 3: set.  Cryptographic instruction set 2
contains, among others, three instructions for initializing
cryptographic variables in the CF.  They are Load Cryptographic
Variable (LOADC), Read Cryptographic Variable (READC), and Set
Cryptographic Variable (SETC).  The LOADC, READC, and SETC
instructions permit device identifier 6 to be initialized within CF
1.
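
The flag settings, switch positions and three instructions described above can be modelled as a small state machine. The following Python model is an added example, not part of the original disclosure. It assumes that each instruction is accepted only in its matching switch position and that a reload replaces the temporarily stored value; the names `CryptoFacility`, `CFError` and `install` are hypothetical.

```python
from enum import Enum

Switch = Enum("Switch", "LOAD READ SET")       # positions 1-3 of key-activated switch 9
Flag = Enum("Flag", "EMPTY INACTIVE ACTIVE")   # settings of device identifier flag 7

class CFError(Exception):
    """Instruction rejected by the modelled cryptographic facility."""

class CryptoFacility:
    def __init__(self):
        self.switch = None        # None models physical key 10 being absent
        self.flag = Flag.EMPTY
        self._device_id = None    # device identifier register 6

    def _require(self, position):
        # Assumption: an instruction runs only in its matching switch position.
        if self.switch is not position:
            raise CFError(f"switch is not in the {position.name} position")

    def loadc(self, device_id):
        self._require(Switch.LOAD)
        # Assumption: a reload replaces the stored value and leaves it inactive.
        self._device_id = device_id
        self.flag = Flag.INACTIVE

    def readc(self):
        self._require(Switch.READ)
        if self.flag is Flag.EMPTY:
            raise CFError("nothing has been loaded")
        return self._device_id

    def setc(self):
        self._require(Switch.SET)
        if self.flag is not Flag.INACTIVE:
            raise CFError("no inactive device identifier to activate")
        self.flag = Flag.ACTIVE

def install(cf, attempts, expected):
    """Officer's procedure: load, read back, and activate only a verified value."""
    for value in attempts:            # each attempt models one keyed-in value
        cf.switch = Switch.LOAD
        cf.loadc(value)
        cf.switch = Switch.READ       # loading is now disabled while testing
        if cf.readc() == expected:
            cf.switch = Switch.SET
            cf.setc()
            break
    cf.switch = None                  # officer removes the key
    return cf.flag
```

With the switch left at `None`, every instruction raises `CFError`, which is the property the disclosure relies on against an insider who lacks the physical key.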

      The LOADC, READC, and SETC instruct...