Browse Prior Art Database

Method for Ensuring the Privacy of Public Key Algorithm Private Keys

IP.com Disclosure Number: IPCOM000112696D
Original Publication Date: 1994-Jun-01
Included in the Prior Art Database: 2005-Mar-27
Document File: 4 page(s) / 140K

Publishing Venue

IBM

Related People

Johnson, DB: AUTHOR [+4]

Abstract

A method to ensure the confidentiality of public key algorithm (PKA) private keys is described. The requirements for key integrity and the coupling of relevant information about the key can be met through other methods which can be applied to PKA public keys which have similar requirements but which do not have any requirement for confidentiality.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 43% of the total text.

Method for Ensuring the Privacy of Public Key Algorithm Private Keys

      A method to ensure the confidentiality of public key algorithm
(PKA) private keys is described.  The requirements for key integrity
and the coupling of relevant information about the key can be met
through other methods which can be applied to PKA public keys which
have similar requirements but which do not have any requirement for
confidentiality.

      This article describes a method of ensuring the confidentiality
of the value of Public Key Algorithm (PKA) private keys using a
special symmetric key (e.g., DEA key), called the System Key Secrecy
Key (SKSK).  The SKSK is initialized when the cryptographic subsystem
is initialized, stored in internal memory of the subsystem, and is
used only by the subsystem during the internal processing of
operational PKA private keys.  Other uses of the SKSK (in particular,
the ability of a user application to use the key) are specifically
prohibited, and the implementation must ensure this via some method.
For an example of a method to restrict the usage of a key, see the
Common Cryptographic Architecture: Cryptographic Architecture
Programming Interface Reference, IBM publication SC40-1675.

      The SKSK is used to encrypt the components of the record
containing the PKA private key that are required to be secret.  In
particular, the components of the value of a PKA private key are
encrypted using the SKSK.  The encrypted value of the PKA private key
is then stored in the PKA key record.  To recover the plaintext value
of a PKA private key, the system decrypts the encrypted value in the
PKA key record using the SKSK.  Note that the use of an SKSK
specifically does not address any requirement regarding the need for
integrity of the value of the key or any other requirement.  Note
that an advantage of this method over others is that this method
specifically does not require PKA public keys to be processed by the
SKSK and therefore avoids paying the processing costs associated with
maintaining the secrecy of a key that does not need to be kept
secret.

      In the preferred embodiment, the SKSK is composed of two DEA
keys and the encryption method used is the multiple DEA CBC
encryption method with confounder as follows:

1.  Form the plaintext to be encrypted by concatenating a
    newly-generated 64-bit random number (termed a confounder) with
    the components of the value of the PKA private key.

2.  (Optional) Unambiguously pad the concatenated plaintext to form a
    multiple of 8 bytes, the blocksize of the DEA.  See below for
    explanation.

3.  CBC encrypt the resulting plaintext using the first DEA key.

4.  CBC decrypt the result of the encryption using the second DEA
    key.

5.  CBC encrypt the result of the decryption using the first DEA key.

      The result is called the multiple encrypted PKA private key.  A
flow diagram of the encryption process is given in Fig....