4 Requirements to cryptosystems

1 Knowledge of encryption algorithm must not decrease cryptofirmness. Cryptofirmness of algorithm is based exceptionally on secrecy of the key.

2 A ciphered message must be able to be read only at knowledge of the key.

3 Cipher must be firm even when a disturber knows plenty of input data and cipher information corresponding to it.

4 Number of operations, necessary for deciphering of message by surplus of all of the possible keys must have a strict lower estimation. This number must either go outside the possibilities of modern computers or require creation of the expensive computer systems.

5 Insignificant change of the key or plaintext must cause the substantial change of ciphertext view.

6 Structural elements of encryption algorithm must be unchangable.

7 Length of ciphertext must be equal to length of plaintext.

8 Additional bits, entered in a message in the process of encipherement must be fully and reliably hidden in ciphertext.

9 There must not be simple and easily set dependences between the keys which are utillized in the process of encipherement.

10 Any key from the great number of the possible keys must provide a reliable information protection.

A necessity for storage and transmission of the keys, ciphered by other keys, results in conception of hierarchy of the keys. In the standard of ISO 8532 (Banking-key Management) the method of master/session keys is expounded in detail. Essence of method consists of that is entered hierarchy of the keys: master key (MK), key of cipherement of the keys (KK), key of cipherement of data (KD).

A hierarchy of the keys can be:

- two-level (KK / KD);

- three-level (MK / KK / KD).

A lowermost level are work or session KD, which are utillized for the cipherement of information, personal identification numbers (PIN) and authentification of message. When these keys are necessary to be ciphered for purpose of protection at a transmission or storage, utillize the keys of next level - keys of cipherement of the keys. The keys of cipherement of the keys never must be utillized as session (work) KD, and vice versa.

Such division of functions is needed for providing of maximal protection. A standard sets actually, that the different types of the work keys (for example, for the cipherement of information, for authentification et cetera) must be always ciphered by the different versions of the keys of cipherement of the keys.

In particular, keys the cipherements of the keys, in-use for sending of the keys between two nodes of network, are known also as keys of exchange between the nodes of network (cross domain keys). Usually in a channel two keys are utillized for an exchange between the nodes of network, one by one in every direction. Therefore every node of network will have the key of sending, for an exchange with the nodes of network and key of receipt for every channel, supported other node of network.

At top level of hierarchy of the keys a major key - master-key is disposed. This key is used for the cipherement of KK, when it is required to save them on a disk. Usually only one master-key is utillized in every computer.

Master-key spreads between the participants of exchange by an unelectronic method - at the personal contact, to eliminate his intercept and/or compromising. Opening of value of master - key by an opponent is fully destroys protection of computer.

A value is master-key fixed on great time (to a few weeks or months). Therefore generation and storage master-keys are the critical questions of cryptographic protection. In practice master- key of the computer is created by a random selection from all of possible values of the keys. Master-key is placed in a block which protects it from a read-out and record, and also from mechanical influences. However there must be a method of verification, whether a value of the key is correct.

A problem of authentification of master-key can be decided in various ways. One of methods of authentification is shoed on a figure 2.

E_kn (M)

Result

Figure 2 - Chart of authentification of master-key of khost-computer

An administrator, getting a new value of master-key K_n of khost-computer, ciphers some message M with the key K_n. A pair (a cryptogram and a message M) is placed in memory of computer. Every time, when authentification is required of master-key of khost-computer, message M undertakes from memory and given in the cryptographic system. The got cryptogram is compared to the cryptogram, kept in memory. If they coincide, it is considered that this key is correct.

The work keys (for example, session) are usually created by a pseudo-random generator, and can be kept in an unprotected place. It is possible, as such keys are generated in form the proper cryptograms, i.e. the generator of PRN gives out in place of the key K_s its cryptogram, got with a help master-key of computer. Decryption of such cryptogram is executed only before the use of the key K_s.