Versions Compared

Old Version 1

changes.mady.by.user IT-ADMIN G

Saved on

compared with

New Version 2

changes.mady.by.user Ryan Ho

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Cryptographic keys need to be kept secret to preserve the secrecy of the encrypted data. For this reason, keys that are used to encrypt payment transactions (production keys) should not exist in whole out side outside an HSM (Hardware Security Module). If a key needs to be transferred from one HSM to another, It can be split into partscomponents (usually 2 but sometime 3 components). Each part is then placed in a tamper evident package and shipped 

For spiting into 2 parts:

...

component is meaningless by itself. One can derive the key only with all the components. When transferring keys, great care should be taken to ensure the components are never in the same location at the same time. The HSM splits the key into components for trans port. Each component should be handled by different operators. Each operator will place a component into a tamper evident package and ship the package. Each packages will be shipped via different carriers to different recipients. The operators that receive components will enter the information into the receiving HSM. The KCV (Key Check Value) will be used to verify each component and the final key once the components have been combined.  Because, the splitting and combining is done for you (by the HSM), you really don't NEED to know HOW it's done. Some of us are just intellectually curious others have special projects that might benefit from knowing this information. Below I try to explain how to split and combine keys.

Spiting keys into components: 

2 component parts:

  1. Start with the Key1 (using the ANSI standard key for this example):0123456789ABCDEFFEDCBA9876543210
  2. create a random number of the same length (16 bytes in this example): 53F3E87462D80A4FC9DD9F3F3149D989 0452DDB661F7DCDC1046C2F044CAAAD5 (this will become key Component1)
  3. XOR the 2 numbers : 52D0AD13EB73C7A0370125A7471DEB99

The usual method of "splitting a key" K into two keys K0 and K1 given to two parties, for the purpose described, is as follows:

generate K1 randomly, of the same size as K;
set K0=K⊕K1K0=K⊕K1.
"Joining" K0K0 and K1K1 into KK is simply K=K0⊕K1K=K0⊕K1.

This construct is such that each of the two parties gain absolutely no advantage by getting its split key KjKj, unless it also gets the other; it just is random, and unrelated to KK.

This can be generalized to n>2n>2 parties that must all collaborate to reconstruct KK:

generate K1K1 to Kn−1Kn−1 randomly, of the same size as KK;
set K0=K⊕K1⊕..⊕Kn−1K0=K⊕K1⊕..⊕Kn−1.
Of course joining is K=K0⊕K1⊕..⊕Kn−1K=K0⊕K1⊕..⊕Kn−1.

The usual method of "splitting a key" KK into two keys K0K0 and K1K1 given to two parties, for the purpose described, is as follows:

  • generate K1K1 randomly, of the same size as KK;
  • set K0=KK1K0=K⊕K1.

"Joining" K0K0 and K1K1 into KK is simply K=K0K1K=K0⊕K1.

This construct is such that each of the two parties gain absolutely no advantage by getting its split key KjKj, unless it also gets the other; it just is random, and unrelated to KK.

This can be generalized to n>2n>2 parties that must all collaborate to reconstruct KK:

  • generate K1K1 to Kn1Kn−1 randomly, of the same size as KK;
  • set K0=KK1..Kn1K0=K⊕K1⊕..⊕Kn−1.

Of course joining is K=K0K1..Kn1K=K0⊕K1⊕..⊕Kn−1.

...

  1. (Component1 and Key1): 0452DDB661F7DCDC1046C2F044CAAAD5 XOR 0123456789ABCDEFFEDCBA9876543210 = 057198D1E85C1133EE9A7868329E98C5 (the result will be key component 2)
    Key:                 0123456789ABCDEFFEDCBA9876543210 KCV:08D7B4
    Component1:   0452DDB661F7DCDC1046C2F044CAAAD5 
    Component2:   057198D1E85C1133EE9A7868329E98C5 

Info

The KCV is the "Key Check Value" for the key, calculated by assuming the key/components are 3DES keys, and encrypting a string of binary zeroes. The KCV is the first six hex digits of the resulting ciphertext.

Combining components into keys:


3 component parts:

  1. Start with the Key1 (using the ANSI standard key for this example):0123456789ABCDEFFEDCBA9876543210
  2. create 2 random number of the same length (16 bytes in this example): 988A59D7273186B8C9C9922B6D40BA75 and 8936E5269ADFABE7D4829B2EFB3BF5D9 (the random numbers will become Component1 and Component2)
  3. XOR the 3 numbers. i.e. XOR Key1, Component1 and Component2 together: XOR(0123456789ABCDEFFEDCBA9876543210, 988A59D7273186B8C9C9922B6D40BA75, 8936E5269ADFABE7D4829B2EFB3BF5D9) = 109FF9963445E0B0E397B39DE02F7DBC (the result will be key Component3)


When combining keys. You will do the reverse

2 Parts:

XOR Component1 and Component2 to get Key1


3 Parts:

XOR Component1 and Component2 and Component3 to get Key1