Key management
Key Lifecycle Management

Global Key Types

1min

You can define a Global Key Type that is accessible across all services. Each service can modify the Global Key Type configuration or add a new Key Type that is only accessible under that service.

The following example demonstrates how to create Global Key Types for the 3DES KTK, MAK, PEK, and CVK keys:

1

Log in to the web dashboard under dual-control access with your Administrator users.

2

Select the gear icon in the upper-right corner of the page and go to Administration > Settings > Key Types:

3

Add the following 3DES symmetric keys:

  • 3DES KTK
    • Key Algorithm - T/DES
    • Key Size - Triple
    • Key Usage - Key Transport
    • TR-31 Header - D0000K0TN00E0000
    • AKB Header - 1KDNE000
    • Excrypt Modifier - 0
  • 3DES MAK
    • Key Algorithm - T/DES
    • Key Size - Triple
    • Key Usage - Signing
    • TR-31 Header - D0000M1TN00E0000
    • AKB Header - 1KDNE000
    • Excrypt Modifier - 3
  • 3DES PEK
    • Key Algorithm - T/DES
    • Key Size - Double
    • Key Usage - PIN Encryption
    • TR-31 Header - D0000P0TN00E0000
    • AKB Header - 1PUNE000
    • Excrypt Modifier - 1
  • 3DES CVK
    • Key Algorithm - T/DES
    • Key Size - Double
    • Key Usage - PIN Verification
    • TR-31 Header - D0000V0TN00E0000
    • AKB Header - 1CDNE000
    • Excrypt Modifier - 4









Updated 27 Nov 2024
Did this page help you?
PREVIOUS
Key component loading
NEXT
Identity and access management (IAM)
Docs powered by Archbee