Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Method to Generate DEA Keys that are Disjoint from CDMF Keys Transformed into DEA Keys

IP.com Disclosure Number: IPCOM000112583D
Original Publication Date: 1994-Jun-01
Included in the Prior Art Database: 2005-Mar-27
Document File: 2 page(s) / 78K

Publishing Venue

IBM

Related People

Johnson, DB: AUTHOR [+3]

Abstract

The Commercial Data Masking Facility (CDMF) algorithm can be thought of as selecting certain keys from the entire keyspace of the Data Encryption Algorithm (DEA). A CDMF key may be transformed into its equivalent DEA key by processing the CDMF key using only the CDMF key-shortening process. However, there is no distinguishing feature that allows the differentiation of a transformed CDMF key from a DEA key. Some applications may need the assurance that a DEA key does not conform to the attributes of a transformed CDMF key and be able to generate such DES keys rapidly and efficiently. The method defined in this article describes such a process.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Method to Generate DEA Keys that are Disjoint from CDMF Keys Transformed
into DEA Keys

      The Commercial Data Masking Facility (CDMF) algorithm can be
thought of as selecting certain keys from the entire keyspace of the
Data Encryption Algorithm (DEA).  A CDMF key may be transformed into
its equivalent DEA key by processing the CDMF key using only the CDMF
key-shortening process.  However, there is no distinguishing feature
that allows the differentiation of a transformed CDMF key from a DEA
key.  Some applications may need the assurance that a DEA key does
not conform to the attributes of a transformed CDMF key and be able
to generate such DES keys rapidly and efficiently.  The method
defined in this article describes such a process.

      This article describes an efficient method to generate DEA keys
that do not have the same value as CDMF keys, that is, keys that have
been weakened by transforming them into their equivalent DEA form.

      The DEA is a symmetric key block cipher algorithm that is
described in ANSI standard X3.92.  A DEA key is 64 bits, of which 56
determine the exact cryptographic transformation and of which 8 may
be used as parity bits for error detection.  The CDMF algorithm is a
symmetric key block cipher algorithm with a strength of 40 DEA-key
bits and is based on the DEA.  Products containing cryptography are
subject to government export regulations.  Products containing the
CDMF algorithm for data privacy, when constructed appropriately, are
able to be generally exported from the U.S.A., unlike products which
contain the DEA when used for the privacy of data.  The ability for
an organization to purchase a product sold by a U.S.A.  company which
uses the DEA for data privacy depends on the activities of the
organization and the purposes for which the product will be used.
Financial institutions that are not based in North America are
usually able to acquire products with DEA-based data privacy.
However, manufacturing organizations that are not based in North
America are usually not able to acquire such products.  However, the
situation could easily exist where a manufacturing organization would
like to send information to a financial institution and would like
some form of data privacy to protect this information while it is
being transmitted.  To allow interoperability between these
organizations, a CDMF key may be transformed into the format of a DEA
key.  However, such a transformed CDMF key is indistinguishable from
a normal DEA key.  A customer may desire the ability to generate DEA
keys that are known to never coincide in value with transformed CDMF
keys.

      An efficient method of generating DEA keys that are disjoint
from transformed CDMF keys is as follows:

1.  A random number RN is generated by existing random or
    pseudo-random processes.

2.  RN is examined to determine if...