The Key

  • Catherine H. Gebotys
Part of the Embedded Systems book series (EMSY)


This chapter will introduce the key, which is perhaps one of the most important aspects of any cryptographic system. A system is only as secure as the key. This was noted by Auguste Kerckhoffs in the nineteenth century and has since become known as Kerchoffs’ principle. Random values, secrets, keys, physically unclonable functions (PUFs), and trusted key storage will be covered in this chapter along with functions used to create, update, or freshen keys. Other important characteristics to be discussed include key length, key lifetime, key backup, key destruction, key recovery, and key revocation. An introduction to security equivalence is also provided since this relies heavily on key length. Various methods for storage of keys will be outlined along with a discussion of trusted platform modules (TPMs). In addition, a networks on chip (NoC) view of keys and their storage and use are also provided.

The specific value of keys may also be constrained by the cryptographic application in which they are used. For example, typically there are fewer constraints on symmetric keys as compared with public–private key pairs where special mathematical properties are required. Various techniques for generating keys and tests for randomness will be discussed in this chapter. In cryptographic theory, there are two general types of keys, symmetric keys and public (or asymmetric) keys (see Chaps. 4 and 5). There are different approaches to implementing public key schemes such as those based upon integer factorization (such as RSA), discrete logarithms (DSA, ElGamal), both discussed in Chap. 4 and Elliptical curve discrete logarithms (ECC), discussed in Chap. 5. Key distribution center, or KDC, key translation center, or KTC, and certificate authorities (CA) are third parties or trusted sources and are discussed further in Chap. 4. A more in-depth discussion of other key systems, such as identity key systems, can be found in Menezes et al. (1996). This chapter will discuss key generation and characteristics including key length, an important parameter dictating security, as well as how keys are restricted to be used with different sets of applications.


Ring Oscillator Message Authentication Code Trust Platform Module Brute Force Attack Secure Core 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Abelson H et al (1998) The risks of key recovery, key escrow, trusted third party and encryption. Ad Hoc Group of Cryptographers and Computer Scientists.
  2. Atmel (2008) AT97SC3203S trusted platform module, Vers 1.2, SMBus Two-wire interface summary document.
  3. Barker E, Barker W, Burr W, Polk W, Smid M (2007) Recommendation for key management – Part 1: General (Revised). NIST Special publication 800–57Google Scholar
  4. Biham E, Shamir A (1990) Differential cryptanalysis of DES-like cryptosystems. In: Advances in cryptology, CRYPTO ‘90. doi = Springer, Berlin, pp 2–21Google Scholar
  5. Dichtl M, Golic JDj (2007) High-Speed true random number generation with logic gates only. In: Paillier P, Verbauwhede I (eds) CHES 2007, LNCS, vol. 4727. Springer, BerlinGoogle Scholar
  6. Gebotys C, Gebotys R (2003) A framework for security on NoC technologies. In: IEEE proceedings of annual symposium on VLSIGoogle Scholar
  7. Gebotys C, Zhang Y (2003) Security wrappers and power analysis for SoC technologies. In: Proceedings of ACM/IEEE/IFIP international conference on hardware/software codesign and system synthesis, pp 162–167Google Scholar
  8. Hardjono T, Kazmierczak G (2008) Overview of the TPM key management standard. TCG presentation.
  9. Huang A (2002) Keeping secrets in hardware: the Microsoft xbox study. MIT AI laboratory, AI Memo 2002–2008.
  10. Jun B, Kocher P (1999) The Intel random number generator. Cryptography research, Inc. White paper prepared for Intel corporationGoogle Scholar
  11. Kinney S (2006) Trusted platform module basics: using TPM in embedded systems. Newnes, Oxford.Google Scholar
  12. Kocher PC (1999) Leak-resistant cryptographic indexed key update. US Patent 6,539,092, 2003Google Scholar
  13. Lofstrom K, Daasch WR, Taylor D (2000) Identification circuit using device mismatch. In: Proceedings of ISSCC 2000Google Scholar
  14. Menezes A, van Oorschot P, Vanstone S (1996) Handbook of applied cryptography. CRC, Boca Raton, FLCrossRefGoogle Scholar
  15. Pappu R (2001) Physical one-way functions. PhD thesis, Massachusetts Institute of TechnologyGoogle Scholar
  16. Schneier B (1996) Applied cryptography. Wiley, New YorkGoogle Scholar
  17. Shamir A, Van Someren N (1998) Playing hide and seek with stored keys. In: Financial cryptography 1998, LNCS, vol. 1648. doi: 10.1007/3–540–48390-X 1999. Springer, Berlin, pp 118–124Google Scholar
  18. Skoric B, Tuyls P, Ophey W (2005) Robust key extraction from physical unclonable functions. In: Proceedings of the applied cryptography and network security conference 2005, LNCS, vol. 3531Google Scholar
  19. Stinson DR (2006) Cryptography, 3rd edn. Chapman and Hall/CRC, London/Boca Raton, FLMATHGoogle Scholar
  20. Suh GE, Devadas S (2007) Physical unclonable functions for device authentication and secret key generationGoogle Scholar
  21. Vasyltsov I et al (2008) Fast digital TRNG based on metastable ring oscillator, CHES 2008, LNCS, vol. 5154, IACR. Springer, Berlin, pp 146–163Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Department of Electrical & Computer EngineeringUniversity of WaterlooWaterlooCanada

Personalised recommendations