Local Master Key Triple DES Variant scheme

The Local Master Key Variants described in the previous section are used only to protect key usage. The HSM can also use the variant technique to provide additional protection to Triple-DES keys:

· To ensure that the Left and Right parts of a double-length Triple-DES key can only be used as such.

· To ensure that the Left, Middle and Right parts of a triple-length Triple-DES key can only be used as such.

The following variants are used for this purpose:

Double-length key:   Left part   – A6
                     Right part  – 5A

Triple-length key:   Left part   – 6A
                     Middle part – DE
                     Right part  – 2B

Key Scheme tags are used to identify the technique used to encrypt keys.

· ‘U’ is used to identify double-length Triple-DES keys that are encrypted using the Triple-DES variant scheme.

· ‘T’ is used to identify triple-length Triple-DES keys that are encrypted using the Triple-DES variant scheme.

The example below demonstrates how a double-length MK-SMI is encrypted using this method. The test key to be encrypted is:

Test MK-SMI = F1F1 F1F1 F1F1 F1F1  C1C1 C1C1 C1C1 C1C1

1.    Refer to the Key Type Table to select the appropriate LMK pair and variant for the type of key that you wish to encrypt. For example, for key type MK-SMI, LMK 28-29 Variant 2 is used (this is the LMK variant that was calculated in the example in section 15):

LMK 28-29 Variant 2 = 401A 1A1A 1A1A 1A1A  1C1C 1C1C 1C1C 1C1C

2.    Select the appropriate variants to be applied to the encrypting key. In this case the MK-SMI is a double-length Triple-DES key, so the following variants should be used:

To encrypt the left part of the MK-SMI – A6

To encrypt the right part of the MK-SMI – 5A

3.    To create the key with which to encrypt the left part of MK-SMI, Exclusive-OR A6 with the first byte of the right part of the LMK pair:

1C XOR A6 = BA

Key with which to encrypt left part of MK-SMI

       = 401A 1A1A 1A1A 1A1A  BA1C 1C1C 1C1C 1C1C

4.   Use the key calculated in step 3 to encrypt the left part of the MK-SMI:

Key with which to encrypt left part of MK-SMI

       = 401A 1A1A 1A1A 1A1A  BA1C 1C1C 1C1C 1C1C

Left part of MK-SMI = F1F1 F1F1 F1F1 F1F1

Result of Triple-DES encryption is:  5178 C9D3 D105 2B15

5.    To create the key with which to encrypt the right part of MK-SMI, Exclusive-OR 5A with the first byte of the right part of the LMK pair:

1C XOR 5A = 46

Key with which to encrypt right part of MK-SMI

       = 401A 1A1A 1A1A 1A1A  461C 1C1C 1C1C 1C1C

6.    Use the key calculated in step 5 to encrypt the right part of the MK-SMI:

Key with which to encrypt right part of MK-SMI

       = 401A 1A1A 1A1A 1A1A  461C 1C1C 1C1C 1C1C

Right part of MK-SMI  = C1C1 C1C1 C1C1 C1C1

Result of Triple-DES encryption is:  BF6A EC45 8B4A 4564

7.    The encrypted MK-SMI is the result of step 4 concatenated with the result of step 6:

5178 C9D3 D105 2B15  BF6A EC45 8B4A 4564

The example above can be demonstrated on an HSM by using the FK console command, with inputs as follows:

Offline-AUTH>FK

Enter key length [1,2,3]: 2

Enter key type: 209   (This is the Key Type for an MK-SMI - See Key Type Table)

Enter key scheme: U   (This instructs the HSM to use the appropriate variants for double-length Triple-DES keys)

Enter component type [X,H,T,E,S]: X

Enter number of components [1-9]: 2

Enter component 1: 50505050505050505050505050505050 < RETURN >

Enter component 2: A1A1A1A1A1A1A1A19090909090909090 < RETURN >

Encrypted key: U 5178 C9D3 D105 2B15 BF6A EC45 8B4A 4564

Key check value: 8357D9
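The FK walk-through above, reproduced as an added example in Go (this is not code from the manual or from the HSM vendor). It assumes that "Triple-DES encryption" of an 8-byte key part means one block of two-key Triple-DES (K1, K2, K1) and that the HSM forces odd DES parity on the XOR of the components, which is what turns 50 XOR 90 = C0 into the C1 bytes of the test MK-SMI; function names are the example's own.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
	"math/bits"
)

// combineComponents XORs the clear components and forces DES odd parity on each byte
// (assumed HSM behaviour: it is why 50 XOR 90 = C0 comes out as C1 in the FK example above).
func combineComponents(parts ...[]byte) []byte {
	key := make([]byte, len(parts[0]))
	for i := range key {
		for _, p := range parts {
			key[i] ^= p[i]
		}
		key[i] ^= 1 - byte(bits.OnesCount8(key[i])%2) // flip the low (parity) bit when the popcount is even
	}
	return key
}

// tdes2 encrypts one 8-byte block with two-key Triple-DES (K1, K2, K1).
func tdes2(key16, block []byte) []byte {
	c, _ := des.NewTripleDESCipher(append(append([]byte{}, key16...), key16[:8]...)) // 24-byte key: cannot fail
	out := make([]byte, 8)
	c.Encrypt(out, block)
	return out
}

// variantKey XORs the variant into the first byte of the right half of the LMK pair (steps 3 and 5).
func variantKey(lmk []byte, variant byte) []byte {
	k := append([]byte{}, lmk...)
	k[8] ^= variant
	return k
}

// wrapDoubleLength is the 'U' scheme: left half under the A6 variant, right half under the 5A variant, concatenated (step 7).
func wrapDoubleLength(lmk, key []byte) []byte {
	left := tdes2(variantKey(lmk, 0xA6), key[:8])
	return append(left, tdes2(variantKey(lmk, 0x5A), key[8:])...)
}

func main() {
	lmk, _ := hex.DecodeString("401A1A1A1A1A1A1A1C1C1C1C1C1C1C1C") // LMK 28-29 Variant 2
	c1, _ := hex.DecodeString("50505050505050505050505050505050") // FK component 1
	c2, _ := hex.DecodeString("A1A1A1A1A1A1A1A19090909090909090") // FK component 2
	key := combineComponents(c1, c2)
	fmt.Printf("Clear MK-SMI: %X\nEncrypted key: U %X\n", key, wrapDoubleLength(lmk, key))
}
```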

When the Variants are applied to the standard test LMK set, the first bytes of the second key are as follows: