Crypotographic key version control facility

Assignee

• International Business Machines Corporation · US

Inventors

• Lucina L. Green · Verbank, US
• Michael J. Kelly · Ottawa, CA
• Ronald M. Smith, Sr. · Wappingers Falls, US
• Julian Thomas · Blooming Grove, US
• Phil C. Yeh · Poughkeepsie, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F12/1408
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A facility for making dynamic changes to a system master key without stopping the system, and without loss of integrity to ongoing cryptographic operations. A version number is generated and associated with the current master key. A dynamic change is made to the master key, resulting in the then current master key becoming the old master key, and a "new" current master key (with a new version number) being placed into operation. Subsequent cryptographic requests using a supplied key enciphered under the old master key are identified by means of a supplied version number associated with the supplied key. This identification triggers a reencipher operation, reenciphering the supplied key under the now current master key--after which the cryptographic operation proceeds. Unique patterns are generated to verify the contents of the master key registers, and to authorize normal use of the cryptographic facility, and issuers of key-change operations.