Encyclopedia of Cryptography and Security

2011 Edition
| Editors: Henk C. A. van Tilborg, Sushil Jajodia

Key Encryption Key

  • Torben Pedersen
Reference work entry
DOI: https://doi.org/10.1007/978-1-4419-5906-5_291

Related Concepts


A key encryption key (KEK) is a cryptographic key that is used for encrypting other cryptographic keys.


The security of any use of cryptography depends on keeping the cryptographic keys secure. This follows Kerchoffs’ principle (see [1]) that when analyzing the strength of a cryptosystem, one should assume that the cryptographic algorithms are known to the attacker. This means that it is of utmost importance that cryptographic keys are managed securely when they are used and stored as well as when they are transmitted between parties sharing the keys. Such protection can be achieved by encrypting the keys under other cryptographic keys called key encryption keys. As a key encryption key can encrypt many other keys, proper handling of one key encryption key can be used to secure many other keys.


When a system or an...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Kerckhoffs A (Jan 1883) La cryptographie militaire. J Sci Mil IX:5–38. http://www.petitcolas.net/fabien/kerckhoffs/
  2. 2.
    FIPS140 (2001) Security requirements for cryptographic modules. FIPS 140-2. NIST, Gaithersburg, 25 May 2001Google Scholar
  3. 3.
    ISO/IEC 19790 Information technology – security techniques – security requirements for cryptographic modulesGoogle Scholar
  4. 4.
    ISO 11568-2 (2007) Banking – key management (retail) – symmetric ciphers, their key management and life cycleGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  • Torben Pedersen
    • 1
  1. 1.CryptomathicÅrhusDenmark