公开(公告)号：DE68922884T2

公开(公告)日：1995-11-30

申请号：DE68922884

申请日：1989-08-09

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  ABRAHAM DENNIS G ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  THOMAS JULIAN ,  WILKINS JOHN D ,  YEH PHIL C ,  SMITH RONALD M

IPC: G06F9/30 ,  G07F7/10 ,  H04L9/32 ,  H04L9/00

公开(公告)号：CA1322418C

公开(公告)日：1993-09-21

申请号：CA602905

申请日：1989-06-15

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  ABRAHAM DENNIS G ,  JOHNSON DONALD B ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  THOMAS JULIAN ,  WILKINS JOHN D ,  YEH PHIL C

IPC: G09C1/00 ,  H04L9/00 ,  H04L9/08 ,  H04L9/10 ,  H04L9/32

Abstract: MA9-88-012 DATA CRYPTOGRAPHY OPERATIONS USING CONTROL VECTORS Data cryptography is achieved in an improved manner by associating with the data cryptography key, a control vector which provides the authorization for the uses of the key intended by the originator of the key. Among the uses specified by the control vector are limitations on encryption, decryption, authentication code generation and verification, translation of the user's data. Complex combinations of data manipulation functions are possible using the control vectors, in accordance with the invention. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Complex scenarios such as encrypted mail box, session protection, file protection, ciphertext translation center, peer-to-peer ciphertext translation, message authentication, message authentication with non-repudiation and many others can be easily implemented by a system designer using the control vectors, in accordance with the invention.

公开(公告)号：CA1319198C

公开(公告)日：1993-06-15

申请号：CA600674

申请日：1989-05-25

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  ABRAHAM DENNIS G ,  ARNOLD WILLIAM C ,  JOHNSON DONALD B ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  WHITE STEVE R ,  WILKINS JOHN D

IPC: G09C1/00 ,  H04L9/08

Abstract: MA9-88-023 SECURE MANAGEMENT OF KEYS USING EXTENDED CONTROL VECTORS A method and apparatus are disclosed for use in a data processing system which executes a program which outputs cryptographic service requests for operations with cryptographic keys which are associated with control vectors defining the functions which each key is allowed by its originator to perform. The improved method and apparatus enable the use of control vectors having an arbitrary length. It includes a control vector register having an arbitrary length, for storing a control vector of arbitrary length associated with an N-bit cryptographic key. It further includes a control vector checking means having an input coupled to the control vector register, for checking that the control vector authorizes the cryptographic function which is requested by the cryptographic service request. It further includes a hash function generator having an input coupled to the control vector register and an N-bit output, for mapping the control vector output from the control vector register, into an N-bit hash value. A key register is included for storing the N-bit cryptographic key. It further includes a logic block having a first input coupled to the N-bit output of the hash function generator, and a second input connected to the key register, for forming at the output thereof a product of the N-bit key and the N-bit hash value. Finally, an encryption device is included having a first input for receiving a cleartext data stream and a key input coupled to the output of the logic block, for forming a ciphertext data stream at the output thereof from the cleartext data stream and the product. A decryption device can be substituted for the encryption device to perform decryption operations in a similar manner.

公开(公告)号：CA1313411C

公开(公告)日：1993-02-02

申请号：CA600676

申请日：1989-05-25

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  ABRAHAM DENNIS G ,  JOHNSON DONALD B ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  THOMAS JULIAN ,  WILKINS JOHN D ,  YEH PHIL C ,  SMITH RONALD M

IPC: G09C1/00 ,  G07F7/10 ,  H04L9/00 ,  H04L9/32

Abstract: PERSONAL IDENTIFICATION NUMBER PROCESSING USING CONTROL VECTORS Cryptographic PIN processing is achieved in an improved manner by associating control vectors with the PIN generating (verification) keys and PIN encrypting keys which provide authorization for the uses of the keys intended by the originator of the keys. The originator may be the local cryptographic facility (CF) and a utility program under the control of a security administrator, or the originator may be another network node. Among the uses specified by the control vector are limitations on the authority to use the associated key with certain PIN processing instructions, such as PIN generation, verification, translation and PIN block creation. Furthermore, the control vector may limit the authority of certain instructions to process clear PIN inputs (such as in PIN verification). The control vector may contain information identifying and, possibly restricting, PIN processing to a particular PIN format or particular processing algorithm. The control vector implementation provides a flexible method for coupling format, usage, and processing authorization to keys. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Furthermore, a method is provided for the security administrator to restrict certain PIN format translations. MA9-88-013

公开(公告)号：DE69230489D1

公开(公告)日：2000-02-03

申请号：DE69230489

申请日：1992-09-11

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  PRYMAK ROSTISLAW ,  MARTIN WILLIAM C ,  ROHLAND WILLIAM S ,  WILKINS JOHN D

IPC: G09C1/00 ,  G06F1/00 ,  G06F21/00 ,  H04L9/08 ,  H04L9/32

Abstract: Device A in a public key cryptographic network will be constrained to continue to faithfully practice a security policy dictated by a network certification center, long after device A's public key PUMa has been certified. If device A alters its operations from the limits encoded in its configuration vector, for example by loading a new configuration vector, device A will be denied participation in the network. To accomplish this enforcement of the network security policy dictated by the certification center, it is necessary for the certification center to verify at the time device A requests certification of its public key PUMa, that device A is configured with the currently authorized configuration vector. Device A is required to transmit to the certification center a copy of device A's current configuration vector, in an audit record. The certification center then compares device A's copy of the configuration vector with the authorized configuration vector for device A stored at the certification center. If the comparison is satisfactory, then the certification center will issue the requested certificate and will produce a digital signature dSigPRC on a representation of device A's public key PUMa, using the certification center's private certification key PRC. Thereafter, if device A attempts to change its configuration vector, device A's privacy key PRMa corresponding to the certified public key PUMa, will automatically become unavailable for use in communicating in the network.

公开(公告)号：DE69230429D1

公开(公告)日：2000-01-20

申请号：DE69230429

申请日：1992-09-11

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  PRYMAK ROSTISLAW ,  MARTIN WILLIAM C ,  ROHLAND WILLIAM S ,  WILKINS JOHN D

IPC: G09C1/00 ,  G06F9/30 ,  H04L9/00 ,  H04L9/08

Abstract: A computer apparatus, program and method function in a data processing system to replicate a cryptographic facility. The system includes a first cryptographic facility containing a portable part which personalizes the first cryptographic facility. The system also includes a second cryptographic facility which is linked to the first cryptographic facility by a public key cryptographic system. The portable part of the first cryptographic facility is encrypted and transferred to the second cryptographic facility, where it is decrypted and used to personalize the second cryptographic facility to enable replication of the first cryptographic facility. In one application, personalization of the second cryptographic facility can be in response to the detection of a failure in the first cryptographic facility. In another application, multiple cryptographic facilities can be brought on-line for parallel operation in the data processing system.

公开(公告)号：CA2100234C

公开(公告)日：1999-01-19

申请号：CA2100234

申请日：1993-07-09

Applicant: IBM

Inventor： ELANDER ROBERT C ,  HOLLOWAY CHRISTOPHER J ,  JOHNSON DONALD B ,  RANDALL JAMES D ,  WILKINS JOHN D ,  KELLY MICHAEL J ,  LE AN V ,  LUBOLD PAUL G ,  MATYAS STEPHEN M

IPC: G09C1/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/30 ,  G09C5/00

Abstract: A method and system are disclosed for the implementation of a weakened privacy channel. This is achieved through use of a weakened symmetric cryptographic algorithm called commercial data masking. The masked text is created from clear text at one system and may to transported electronically to another system where the masked text may be unmasked to produce the clear text. The reason to use the commercial data masking algorithm for data privacy is that it is exportable to organizations to which products which contain the Data Encryption Algorithm when used for data privacy are not exportable. In addition, a method and system is disclosed by which the key when used for commercial data masking may be transformed into a key that may be used with the Data Encryption Algorithm.

公开(公告)号：CA2071413C

公开(公告)日：1999-01-05

申请号：CA2071413

申请日：1992-06-17

Applicant: IBM

Inventor： ROHLAND WILLIAM S ,  WILKINS JOHN D ,  JOHNSON DONALD B ,  LE AN V ,  MARTIN WILLIAM C ,  PRYMAK ROSTISLAW ,  MATYAS STEPHEN M

IPC: G09C1/00 ,  G06F1/00 ,  G06F21/00 ,  H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: Device A in a public key cryptographic network will be constrained to continue to faithfully practice a security policy dictated by a network certification center, long after device A s public key PUMa has been certified. If device A alters its operations from the limits encoded in its configuration vector, for example by loading a new configuration vector, device A will be denied participation in the network. To accomplish this enforcement of the network security policy dictated by the certification center, it is necessary for the certification center to verify at the time device A requests certification of its public key PUMa, that device A is configured with the currently authorized configuration vector. Device A is required to transmit to the certification center a copy of device A's current configuration vector, in an audit record. The certification center then compares device A's copy of the configuration vector with the authorized configuration vector for device A stored at the certification center. If the comparison is satisfactory, then the certification center will issue the requested certificate and will produce a digital signature dSigPRC on a representation of device A's public key PUMa, using the certification center's private certification key PRC. Thereafter, if device A attempts to change its configuration vector, device A's privacy key PRMa corresponding to the certified public key PUMa, will automatically become unavailable for use in communicating in the network.

公开(公告)号：CA2075329C

公开(公告)日：1998-03-31

申请号：CA2075329

申请日：1992-08-05

Applicant: IBM

Inventor： WILKINS JOHN D ,  MARTIN WILLIAM C ,  ROHLAND WILLIAM S ,  JOHNSON DONALD B ,  MATYAS STEPHEN M ,  LE AN V ,  PRYMAK ROSTISLAW

IPC: G09C1/00 ,  G06F9/30 ,  H04L9/08 ,  H04L9/30

Abstract: A data processing system, method and program are disclosed, for managing a public key cryptographic system. The method includes the steps of generating a first public key and a first private key as a first pair in the data processing system, for use with a first public key algorithm and further generating a second public key and a second private key as a second pair in the data processing system, for use with a second public key algorithm. The method then continues by assigning a private control vector for the first private key and the second private key in the data processing system, for defining permitted uses for the first and second private keys. Then the method continues by forming a private key record which includes the first private key and the second private key in the data processing system, and encrypting the private key record under a first master key expression which is a function of the private control vector. The method then forms a private key token which includes the private control vector and the private key record, and stores the private key token in the data processing system. At a later time, the method receives a first key use request in the data processing system, requiring the first public key algorithm. In response to this, the method continues by accessing the private key token in the data processing system and checking the private control vector to determine if the private key record contains a key having permitted uses which will satisfy the first request. The method then decrypts the private key record under the first master key expression in the data processing system and extracts the first private key from the private key record. The method selects the first public key algorithm in the data processing system for the first key use request and executes the first public key algorithm in the data processing system using the first private key to perform a cryptographic operation to satisfy the first key use request.

公开(公告)号：DE69217428T2

公开(公告)日：1997-07-17

申请号：DE69217428

申请日：1992-07-10

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  MARTIN WILLIAM C ,  PRYMAK ROSTISLAW ,  ROHLAND WILLIAM S ,  WILKINS JOHN D

IPC: G06F21/20 ,  G06F9/30 ,  G09C1/00 ,  H04L9/08

Abstract: The patent describes a method and apparatus for securely distributing an initial Data Encryption Algorithm (DEA) key-encrypting key by encrypting a key record (consisting of the key-encrypting key and control information associated with that key-encrypting key) using a public key algorithm and a public key belonging to the intended recipient of the key record. The patent further describes a method and apparatus for securely recovering the distributed key-encrypting key by the recipient by decrypting the received key record using the same public key algorithm and private key associated with the public key and re-encrypting the key-encrypting key under a key formed by arithmetically combining the recipient's master key with a control vector contained in the control information of the received key record. Thus the type and usage attributes assigned by the originator of the key-encrypting key in the form of a control vector are cryptographically coupled to the key-encrypting key such that the recipient may only use the received key-encrypting key in a manner defined by the key originator. The patent further describes a method and apparatus to improve the integrity of the key distribution process by applying a digital signature to the key record and by including identifying information (i.e., an originator identifier) in the control information of the key record. The integrity of the distribution process is enhanced by verifying the digital signature and originator identifier at the recipient node.