公开(公告)号：DE68926005T2

公开(公告)日：1996-10-17

申请号：DE68926005

申请日：1989-08-09

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  ABRAHAM DENNIS G ,  JOHNSON DONALD B ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  THOMAS JULIAN ,  WILKINS JOHN D ,  YEH PHIL C ,  SMITH RONALD M ,  WHITE STEVE R ,  ARNOLD WILLIAM C

IPC: G07F7/10 ,  H04L9/00 ,  H04L9/08 ,  H04L9/32

Abstract: Arrangements are disclosed for validating that key management functions requested for a cryptographic key by the program have been authorised by the originator of the key. The invention includes a cryptographic facility characterised by a secure boundary through which passes an input path for receiving the cryptographic service requests, cryptographic keys and their associated control vectors, and an output path for providing responses thereto. There can be included within the boundary a cryptographic instruction storage coupled to the input path, a control vector checking unit and a cryptographic processing unit coupled to the instruction storage, and a master key storage coupled to the processing means, for providing a secure location for executing key management functions in response to the received service requests. The cryptographic instruction storage receives over the input path a cryptographic service request for performing a key management function on a cryptographic key. The control vector checking unit has an input coupled to the input path for receiving a control vector associated with the cryptographic key and an input connected to the cryptographic instruction storage, for receiving control signals to initiate checking that the control vector authorises the key management function which is requested by the cryptographic service request. The control vector checking unit has an authorisation output connected to an input of the cryptographic processing means, for signalling that the key management function is authorised, the receipt of which by the cryptographic processing unit initiates the performance of the requested key management function with the cryptographic key. The invention enables the flexible control of many cryptographic key management functions in the generation, distribution and use of cryptographic keys, while maintaining a high security standard.

公开(公告)号：DE69111556T2

公开(公告)日：1996-03-07

申请号：DE69111556

申请日：1991-09-25

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  MARTIN WILLIAM C ,  ROHLAND WILLIAM S ,  WILKINS JOHN D

IPC: G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  H04L9/30 ,  H04L9/32

Abstract: A method and apparatus in a public cryptographic system, control the use of a public key, based on the level of integrity for the public key. The method and apparatus generate a control vector associated with the public key, having a first field. The public key and the control vector are transmitted from the location of generation over a communications link to a receiving location, using the selected one of a plurality of levels of integrity for the transmission. At the receiving location, the public key and the control vector are tested to determine the received level of integrity for the transmission. Then, a value is written into the first field of the control vector which characterizes the received level of integrity. Thereafter, cryptographic applications for the public key are limited by control vector checking, to only those applications which have a required level of integrity which is not greater than the received level of integrity characterized by the first field in the control vector.

公开(公告)号：DE69111556D1

公开(公告)日：1995-08-31

申请号：DE69111556

申请日：1991-09-25

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  MARTIN WILLIAM C ,  ROHLAND WILLIAM S ,  WILKINS JOHN D

IPC: G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  H04L9/30 ,  H04L9/32

Abstract: A method and apparatus in a public cryptographic system, control the use of a public key, based on the level of integrity for the public key. The method and apparatus generate a control vector associated with the public key, having a first field. The public key and the control vector are transmitted from the location of generation over a communications link to a receiving location, using the selected one of a plurality of levels of integrity for the transmission. At the receiving location, the public key and the control vector are tested to determine the received level of integrity for the transmission. Then, a value is written into the first field of the control vector which characterizes the received level of integrity. Thereafter, cryptographic applications for the public key are limited by control vector checking, to only those applications which have a required level of integrity which is not greater than the received level of integrity characterized by the first field in the control vector.

公开(公告)号：DE68922884D1

公开(公告)日：1995-07-06

申请号：DE68922884

申请日：1989-08-09

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  ABRAHAM DENNIS G ,  KARNE RAMESH K ,  LE AN V ,  PRYMAK ROSTISLAW ,  THOMAS JULIAN ,  WILKINS JOHN D ,  YEH PHIL C ,  SMITH RONALD M

IPC: G06F9/30 ,  G07F7/10 ,  H04L9/32 ,  H04L9/00

公开(公告)号：DE69019593D1

公开(公告)日：1995-06-29

申请号：DE69019593

申请日：1990-03-28

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  ABRAHAM DENNIS G ,  JOHNSON DONALD B ,  KARNE RAMESH K ,  LE AN V ,  MCCORMACK PATRICK J ,  PRYMAK ROSTISLAW ,  WILKINS JOHN D

IPC: G09C1/00 ,  G06F9/30 ,  G07B17/00 ,  H04L9/08 ,  G07F7/10 ,  H04L9/32

公开(公告)号：CA2036858C

公开(公告)日：1994-03-01

申请号：CA2036858

申请日：1991-02-21

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  JOHNSON DONALD B ,  LE AN V ,  MARTIN WILLIAM C ,  PRYMAK ROSTISLAW ,  WILKINS JOHN D

IPC: G06F21/22 ,  G09C1/00 ,  H04L9/08 ,  G06F9/445 ,  G06F9/00 ,  G06F9/44

Abstract: SECURE KEY MANAGEMENT USING PROGRAMMABLE CONTROL VECTOR CHECKING The invention includes a control vector checking code repository located either within the same system as the cryptographic facility or alternately remotely from the system containing the cryptographic facility. The control vector checking code repository will be linked to the cryptographic facility by one of several means. A first means for linking the repository to the cryptographic facility would include a physically secure data communications link. A second means for connecting the repository to the cryptographic facility would be by using an insecure channel with authentication, wherein either a modification detection code or alternately a message authentication code would be transmitted to the cryptographic facility and then the desired control vector checking code would be transmitted over the link. The cryptographic facility will include a code authorization mechanism to compare the transmitted MAC or MDC with a corresponding value computed from the received control vector checking code. If the two values of the MDC or the MAC compare, then the control vector checking code is authenticated and loaded into the control vector checking unit for carrying out the control vector checking operations desired. The control vector checking code repository can be located in a remote system connected by means of the communications link to the crypto facility, or alternately the repository can reside in the same system as the crypto facility. This provides for the dynamic updating of control vector checking code, where improvements or alterations are made to the control vector checking sequence. This also provides for a reduced memory size in the crypto facility, being sufficiently large to accommodate subsidiary control vector checking applications, with alternate control vector checking applications requiring the reloading of the control vector checking unit from the repository.