Controlled use of cryptographic keys via generating station established control values

Assignee

• International Business Machines Corporation · US

Inventors

• Stephen M. Matyas · Manassas, US
• Carl H. W. Meyer · Portage, US
• Bruno O. Brachtl · Eppelheim, DE

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY04S40/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method for controlling the use of a cryptographic key at a using station by a generating station in a network of generating and using stations is disclosed. A control value specifying the use of the cryptographic key is transmitted with a generated cryptographic key to at least two designated using stations one of which may be the generating station. Each of the generating and using stations have cryptographic facilities that securely store a master key. Two techniques are described for controlling the use of the cryptographic key. In the first, the key and the control value are authenticated via a special authentication code before use by the using station. In the second, the key and control value are coupled during key generation such that the key is recovered only if a correct control value is specified. In addition, two techniques are described for controlling who may use the cryptographic key. In the first, each using station has a unique secret transport key shared with the generating station which generates the key in such a way that it can be recovered or regenerated only by the designated using station possessing the correct secret transport key. In the second, secret tr…