Definition Encryption Keys
Key management
Key management is one of the most complicated processes in applied cryptography and takes place throughout the formation and operation of cryptographic systems for the protection of information. Vulnerabilities in the key management components (generation, storage, use, distribution, exchange protocols, etc.) are the main reason real-world information protection systems are compromised. That is why the Stealthphone and Stealthphone Tell systems pay close attention to managing the key life cycle, from generation through to deletion and replacement.
Quality control of keys
During key generation by hardware means (Stealthphone Hard, Stealthphone Key Hard) and by software means (Stealthphone Soft, Stealthphone Tell, Stealthphone Key), permanent quality control of the keys requires examining their statistical parameters and verifying the absence of regularities.
Hardware generators
They use random number generators based on physical processes whose characteristics were confirmed by laboratory research.
Software generators
They work on the principle of constant accumulation of entropy (a genuinely random sequence) and its subsequent use in the key generation procedures. The sources of entropy are all the processes taking place on the smartphone, tablet or personal computer. If the system considers the accumulated entropy insufficient, it can prompt the subscriber to perform some action with the device. The entropy accumulation processes used in the software generators were tested and demonstrated excellent characteristics.
In all types of generation, various procedures perform dynamic control of the statistical characteristics of the generated keys.
Keys storage
All keys are either stored in encrypted form or are not stored at all and are instead generated in real time from the password and various additional data. Encryption keys are decrypted only when they are needed to encrypt information. Even keys decrypted for an operation are held in encrypted form in the memory of the device.
The classification of the keys
Despite fundamental differences in their architectures, the Stealthphone and Stealthphone Tell core systems are based on the same key classification principles, which determine the rules for their use:
All encryption keys are divided into data encryption keys and key-encryption keys. Each key may be used either only to encrypt data (including voice) or only to encrypt keys (the data and voice encryption keys).
All encryption keys are divided into long-use and single-use keys. Long-use keys are valid for a particular period; single-use keys are used only once, to encrypt one piece of data or one voice conversation. Long-use keys include the key-encryption keys and the keys for encrypting data held in the memory of the smartphone or computer. Procedures for replacing long-use keys, whether scheduled or unscheduled (in case of loss or compromise), are provided.
The keys form a hierarchy:
- At the top is the authentication key, which is not stored anywhere; it is generated by the subscriber authentication process from the password.
- Next is the master key, which is encrypted with the authentication key and is used to encrypt:
  - all key-encryption keys for data encryption keys;
  - all encryption keys for data stored on Stealthphone Hard, a smartphone or a tablet.
- The next level consists of the key-encryption keys for data encryption keys. They are encrypted with the master key and are used to encrypt the single-use data encryption keys and the keys intended for generating voice encryption session keys.
- The bottom of the hierarchy consists of the keys used to encrypt the data. Each key of this type is also encrypted.
- Firstly, only one-time session keys are used for voice encryption, and they are deleted when the conversation ends.
- Secondly, the volume of voice data encrypted with one session key is limited.
- For the encryption of transmitted data, only one-time keys are used.
- Likewise, the volume of data encrypted with one session key is limited.
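The hierarchy and the single-use session-key rules described above, modelled in Python as an added illustration (this is not Stealthphone code): the password-derived authentication key is never stored, the master key and key-encryption keys exist only in wrapped form, and each voice session key is fresh, volume-limited and dropped when the call ends. The HMAC-based key wrap and keystream stand in for a production AEAD cipher, and the names, salt, password and 64 KiB limit are constructed for the example.

```python
import hashlib, hmac, secrets
SESSION_LIMIT = 64 * 1024  # constructed cap on bytes one session key may encrypt

def _stream(key: bytes, label: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as keystream: a stand-in for a real AEAD cipher
    blocks = (hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(kek: bytes, key: bytes) -> bytes:
    # Encrypt-then-MAC a key under a key-encryption key; only this form is ever stored
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(key, _stream(kek, nonce, len(key))))
    return nonce + ct + hmac.new(kek, nonce + ct, hashlib.sha256).digest()

def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrapped key failed integrity check")  # wrong key or tampering
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce, len(ct))))

def derive_auth_key(password: str, salt: bytes) -> bytes:  # top of hierarchy, never stored
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

class VoiceSession:  # single-use session key with a bounded encrypted volume
    def __init__(self, key: bytes, limit: int = SESSION_LIMIT):
        self._key, self._limit, self.used = key, limit, 0
    def encrypt_frame(self, frame: bytes) -> bytes:
        if self._key is None:
            raise RuntimeError("session closed: key already deleted")
        if self.used + len(frame) > self._limit:
            raise RuntimeError("session key volume limit reached: start a new session")
        ks = _stream(self._key, self.used.to_bytes(8, "big"), len(frame))  # unique offset
        self.used += len(frame)
        return bytes(a ^ b for a, b in zip(frame, ks))
    def close(self) -> None:
        self._key = None  # the one-time key is dropped when the conversation ends

class KeyHierarchy:  # auth key -> master key -> key-encryption key -> session keys
    def __init__(self, password: str, salt: bytes):
        self.salt = salt
        master, kek, voice_gen = (secrets.token_bytes(32) for _ in range(3))
        self.wrapped_master = wrap(derive_auth_key(password, salt), master)
        self.wrapped_kek = wrap(master, kek)            # long-use keys are stored
        self.wrapped_voice_gen = wrap(kek, voice_gen)   # only in wrapped form
    def open_voice_session(self, password: str) -> VoiceSession:
        master = unwrap(derive_auth_key(password, self.salt), self.wrapped_master)
        kek = unwrap(master, self.wrapped_kek)
        voice_gen = unwrap(kek, self.wrapped_voice_gen)
        return VoiceSession(hmac.new(voice_gen, secrets.token_bytes(16), hashlib.sha256).digest())
```

A wrong password or a tampered wrapped key fails at `unwrap` before any lower-level key is exposed, and a session refuses to encrypt past its limit or after `close()`.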