Hierarchical key management encoding and decoding
First Claim
1. An apparatus for key management comprising:
- (a) a multitude of key registers, said multitude of key registers having a hierarchy with levels;
(b) a multitude of type fields, wherein each type field is associated with a key register;
(c) a key management controller, said key management controller having a multitude of modes;
(d) at least one initialization vector;
(e) key management algorithms; and
(f) key management functions;
wherein said mode is determined by the hierarchical level of the key register, and the key management algorithm used is determined by the key management function being used and said mode.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention discloses a construction for key management module functionality which provides for secure encoding and decoding of messages which are up to two blocks long. A method for generating an encoded value having a first encoded value part and a second encoded value part from an unencoded value having a first unencoded value part and a second unencoded value part, comprising the steps of: obtaining an initialization vector; and generating the first and second encoded value parts. The first encoded value part is generated by: generating a first result by encrypting the first unencoded value part; generating a second result by performing an exclusive or operation on the first result and the second unencoded value part; generating a third result by performing an exclusive or operation on the second result and the initialization vector; generating a fourth result by encrypting the third result; generating a fifth result by performing an exclusive or operation on the fourth result and the first unencoded value part; and encrypting the fifth result. The second encoded value part is generated by encrypting the second result.
-
Citations
16 Claims
-
1. An apparatus for key management comprising:
-
(a) a multitude of key registers, said multitude of key registers having a hierarchy with levels;
(b) a multitude of type fields, wherein each type field is associated with a key register;
(c) a key management controller, said key management controller having a multitude of modes;
(d) at least one initialization vector;
(e) key management algorithms; and
(f) key management functions;
wherein said mode is determined by the hierarchical level of the key register, and the key management algorithm used is determined by the key management function being used and said mode. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for generating an encoded value having a first encoded value part and a second encoded value part from an unencoded value having a first unencoded value part and a second unencoded value part, comprising the steps of:
-
(a) obtaining an initialization vector;
(b) generating the first encoded value part by;
(i) generating a first result by encrypting the first unencoded value part;
(ii) generating a second result by performing an exclusive or operation on the first result and the second unencoded value part;
(iii) generating a third result by performing an exclusive or operation on the second result and the initialization vector;
(iv) generating a fourth result by encrypting the third result;
(v) generating a fifth result by performing an exclusive or operation on the fourth result and the first unencoded value part; and
(vi) encrypting the fifth result; and
(c) generating the second encoded value part by encrypting the second result. - View Dependent Claims (14)
-
-
15. A method for generating an unencoded value having a first unencoded value part and a second unencoded value part from an encoded value having a first encoded value part and a second encoded value part, comprising the steps of:
-
(a) obtaining an initialization vector;
(b) generating the first unencoded value part by;
(i) generating a first result by decrypting the second encoded value part;
(ii) generating a second result by performing an exclusive or operation on the first result and the initialization vector;
(iii) generating a third result by encrypting the second result;
(iv) generating a fourth result by decrypting the second encoded value part; and
(v) performing an exclusive or operation on the third result and the fourth result;
(c) generating the second unencoded value part by;
(i) generating a fifth result by encrypting the first unencoded value part; and
(ii) generating a sixth result by decrypting the second encoded value part; and
(d) performing an exclusive or operation on the fifth result and the sixth result. - View Dependent Claims (16)
-
Specification