A method introduced—and patented in a number of application scenarios—by IBM in the 1980s for the control of cryptographic key usage. The basic idea is that each cryptographic key has an associated control vector, which defines the permitted uses of the key within the system, and this is enforced by the use of tamper resistant hardware. At key generation, the control vector is cryptographically coupled to the key, e.g., by XOR-ring the key with the control vector before encryption and distribution. Each encrypted key and control vector is stored and distributed within the cryptographic system as a single token.
As an example, nonrepudiation may be achieved between two communicating hardware boxes by the use of a conventional MAC algorithmsusing symmetric methods. The communicating boxes would share the same key, but whereas one box would only be allowed to generate a MAC with that key, the other box would only be able to verify a MAC with the same key. The transform of the same key...
This is a preview of subscription content, log in via an institution.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Landrock, P. (2005). Control Vectors. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_77
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_77
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering