Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Usage Mask

Published byLiani Darmali Modified over 6 years ago

Similar presentations

Presentation on theme: "Cryptographic Usage Mask"— Presentation transcript:

1 Cryptographic Usage Mask
Nitin Jain ( Safenet )

2 Cryptographic Usage Mask
Currently in KMIP spec usage masks are not briefed clearly under Cryptographic Usage Mask attribute. Add below table in KMIP spec and KMIP usage guide to understand the usage masks. Should add one more line in KMIP spec under Cryptographic Usage Mask attribute : “The Cryptographic Usage Mask attribute defines the cryptographic usage of a Symmetric Key, Private Key and Public Key Managed objects only.” Note: Request to remove Usage Masks marked with red. Usage Mask Description Applicable Objects 1 Sign Key can be used for Signing the Data. Private Key 2 Verify Key can be used for Verification of Data. Public Key 3 Encrypt Key can be used to Encrypt the Data. Symmetric and Public Key 4 Decrypt Key can be used to Decrypt the Data. Symmetric and Private Key 5 Wrap Key Key can be used to Wrap a Key. 6 Unwrap Key Key can be used to Unwrap a Key. 7 Export This is ambiguous but one thing for sure that this is not for exporting the Key Material (should be deprecated and removed from spec) 8 MAC Generate Key can be used to generate MAC. Symmetric Key 9 MAC Verify Key can be used to verify MAC. 10 Derive Key Key can be used to Derive a Key. Symmetric Key and Secret Data

3 Is it ok to deprecate these from spec and usage guide?
Usage Mask Table Usage Mask Description Applicable Objects 11 Content Commitment This usage mask provides non-repudiation. This mask is can be used when Public Key can be used to verify digital signatures. It protects against the signing entity falsely denying some action. Public Key 12 Key Agreement This mask can be used when Public Key can be used for key agreement. 13 Certificate Sign Key can be used to verify signatures on public key certificates (Public Key Case) or Key can be used to sign public key certificates (Private Key Case) Public Key, Private Key 14 CRL Sign Key can be used to verify signatures on certificate revocation lists (Public Key Case) or Key can be used to sign the CRL (Private Key Case) 15 Generate Cryptogram Description of these usage masks are given in KMIP Usage Guide under section 3.26 However I didn’t find any practical use case which any of KMIP client would use. Is it ok to deprecate these from spec and usage guide? 16 Validate Cryptogram 17 Translate Encrypt 18 Translate Decrypt 19 Translate Wrap 20 Translate Unwrap

Download ppt "Cryptographic Usage Mask"

Similar presentations

PKCS-11 Protocol for Enterprise Key Management

PKCS-11 Protocol for Enterprise Key Management
KMIP 1.3 SP800-130 Issues Joseph Brand / Chuck White / Tim Hudson December 12th, 2013 1.

KMIP 1.3 SP Issues Joseph Brand / Chuck White / Tim Hudson December 12th,
Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.

Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
Secure Socket Layer.

Secure Socket Layer.
©2009 HP Confidential1 Proposal to OASIS KMIP TC Stan Feather and Indra Fitzgerald Hewlett-Packard Co. 10 September, 2010 Encoding Options for Key Wrap.

©2009 HP Confidential1 Proposal to OASIS KMIP TC Stan Feather and Indra Fitzgerald Hewlett-Packard Co. 10 September, 2010 Encoding Options for Key Wrap.
Key Wrapping in KMIP Mark Joseph, P6R Inc 2/27/2015.

Key Wrapping in KMIP Mark Joseph, P6R Inc 2/27/2015.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
X.509 Certificate management in.Net By, Vishnu Kamisetty

X.509 Certificate management in.Net By, Vishnu Kamisetty
Key Management Lifecycle. Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management.

Key Management Lifecycle. Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Key Management Workshop November 1-2, 2001. 3. Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.

Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Similar presentations

Ads by Google