Browse Prior Art Database

Verification of Manually Installed Keys via a Compute Verification Pattern Instruction not Susceptible to a Chosen Plaintext Attack

IP.com Disclosure Number: IPCOM000108946D
Original Publication Date: 1992-Jul-01
Included in the Prior Art Database: 2005-Mar-23
Document File: 6 page(s) / 260K

Publishing Venue

IBM

Related People

Abraham, D: AUTHOR [+6]

Abstract

This article describes a data encryption algorithm (DEA)-based cryptographic method for verifying the correctness of keys stored within a cryptographic facility (CF). The method is particularly useful when used in conjunction with manual key entry procedures to ensure that keys are installed correctly. The method may also be used to periodically recheck stored keys to ensure that they have not changed. The verification method is implemented via a Compute Verification Pattern (CVP) instruction, which has two modes of operation. The first CVP mode allows verification patterns to be generated for specified stored keys; the second CVP mode allows keys to be authenticated on the basis of supplied verification patterns.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 27% of the total text.

Verification of Manually Installed Keys via a Compute Verification Pattern Instruction not Susceptible to a Chosen Plaintext Attack

       This article describes a data encryption algorithm
(DEA)-based cryptographic method for verifying the correctness of
keys stored within a cryptographic facility (CF). The method is
particularly useful when used in conjunction with manual key entry
procedures to ensure that keys are installed correctly.  The method
may also be used to periodically recheck stored keys to ensure that
they have not changed.  The verification method is implemented via a
Compute Verification Pattern (CVP) instruction, which has two modes
of operation.  The first CVP mode allows verification patterns to be
generated for specified stored keys; the second CVP mode allows keys
to be authenticated on the basis of supplied verification patterns.
Other verification methods frequently calculate a verification
pattern by encrypting a constant value, or, alternatively, a value
supplied to the algorithm by the software.  In that case, the
candidate key is the only variable not under the control of an
insider adversary.  On the other hand, the present method makes use
of an internally generated random number not under the control of an
adversary, which affords maximum protection to 56-bit DEA keys.  This
assures that no exhaustive attack against the key can be launched,
which is more favorable than a straightforward direct search (i.e.,
searching the whole key space).

      Fig. 1 illustrates a cryptographic system consisting of a
cryptographic facility 1, a key storage 3, a cryptographic facility
access program (CFAP) 4, and using application programs 5.  The
cryptographic facility 1 also has a secure front panel interface 6
with a capability for the manual entry of keys.  A utility program 11
operating at a secure off-line device 10, e.g., an IBM Personal
Computer (PC), is used to calculate verification patterns on clear
keys.  The keys them selves, which are later installed within the
cryptographic facility via the key entry device 8, are either
supplied to, or generated by, the utility program.  These different
options and variations are unimportant to the method of key
verification.  Keys are entered into the cryptographic facility 1 via
a hand-held key entry device 8 incorporating a LED display and 16
buttons corresponding to 16 hexadecimal digits.  The LED display
permits visual verification of the key digits before the key is
actually installed within the cryptographic facility.  The key entry
process is also coordinated via a key installation utility
application program 9.  The key installation utility, via CFAP,
causes entered keys to be appropriately encrypted or stored in the
key register 7.  The key installation utility 9, via CFAP, also
issues a CVP instruction to verify the correctness of each entered
key.

      The complete procedure for computing verification patterns and
for manually installi...