Related Concepts
Definition
A key encryption key (KEK) is a cryptographic key that is used for encrypting other cryptographic keys.
Background
The security of any use of cryptography depends on keeping the cryptographic keys secure. This follows Kerchoffs’ principle (see [1]) that when analyzing the strength of a cryptosystem, one should assume that the cryptographic algorithms are known to the attacker. This means that it is of utmost importance that cryptographic keys are managed securely when they are used and stored as well as when they are transmitted between parties sharing the keys. Such protection can be achieved by encrypting the keys under other cryptographic keys called key encryption keys. As a key encryption key can encrypt many other keys, proper handling of one key encryption key can be used to secure many other keys.
Theory
When a system or an application...
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Kerckhoffs A (Jan 1883) La cryptographie militaire. J Sci Mil IX:5–38. http://www.petitcolas.net/fabien/kerckhoffs/
FIPS140 (2001) Security requirements for cryptographic modules. FIPS 140-2. NIST, Gaithersburg, 25 May 2001
ISO/IEC 19790 Information technology – security techniques – security requirements for cryptographic modules
ISO 11568-2 (2007) Banking – key management (retail) – symmetric ciphers, their key management and life cycle
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Pedersen, T. (2011). Key Encryption Key. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_291
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_291
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering