A key block is a unique cryptographic structure designed to protect cryptographic keys during transport over potentially insecure networks. A team around Mohammed M Atalla invented the concept of the key block with his Atalla key block. This solved several issues created by “key variants” that were then used for transporting keys.
Shortly after its invention, the key block was normalized in ISO and ANSI standards, among others. Several formats appeared during the time, based on the same original logic. Most of these formats respect the TR-31 technical report, which defines how a key block “should” minimally behave. TR-31 defines the general principle of a keyblock and is generally regarded as ‘the reference’ for keyblocks. TR-31 is an interoperable format which was defined by the American National Standards Institute (ANSI). It supports the secure interchange of cryptographic keys through key attributes included in the exchanged data. The TR-31 format enables the secure interchange of symmetric keys.
The ANSI X9.24 (1&2) norm also provides a background on how key transportation should be done in insecure environments.
Some key block formats, such as the Thales key block, respect the TR-31 norm but are totally proprietary. They will generally only work on Thales hardware. Others, such as the TR-34 key block format, expand the original idea of the key block but refine it, adding much more components and security.
Here is a list of the most common key block formats.
TR-31 Key Block Compatible
Atalla Key Block
This is by far the most ancient and the ‘father’ of all the other key blocks. The Atalla key block format contains:
- 8-byte header containing the attributes of the key (header)
- 48-byte key field containing the Triple-DES cipher block chaining (CBC) mode ciphertext of the key (encrypted key field)
- 16-byte field containing the Triple-DES message authentication code (MAC) computed over the header and the encrypted key field
They are proprietary key blocks that are used with Thales HSMs and contain four distinct blocks:
- Header (16 bytes)
- Optional header
- Encrypted key data
IBM (CCA) Key Block Format
IBM created this key block format for use with its Common Cryptographic Architecture.
This key format contains 3 to 5 blocks:
- Key encrypted with the CCA master key or the CCA KEK / transport key
- Control vector (public)
- Token validation value used to ensure the integrity of the whole key token
And, optionally and conditionally:
- Master key verification pattern
- RSA modulus and exponent
TR-31 Key Block Partially Compatible
TR-34 Key Block
This is a very sophisticated format, using the TR-31 design but adding more components. The TR-34 implementation is used mainly in retail banking. For instance, numerous POS terminals and ATMs use this method for remote key loading. It is also part of the PCI security norm.
It contains the following 11 blocks:
- Freshness token
- Optional header
- Encrypted KEK
- Key version (ciphered)
- Key ID (ciphered)
- Key (to be transported and encrypted)
- Header (again, ciphered)
- Optional header (again, ciphered)
Other Non-TR-31 Key Blocks
PKCS-8 Ciphered Private Key
This is a key block format that is totally outside the TR-31 design and belongs to the PKCS norm.
The PKCS-8 Ciphered Private Key’s blocks include the following:
- Key encryption algorithm
- Version (ciphered)
- Private key algorithm (ciphered)
- Private key (ciphered)
- Optional attributes (ciphered)
References and Further Reading
- ASC X9 TR 31-2018 - Interoperable Secure Key Exchange Key Block Specification (2018), by the American National Standards Institute (ANSI)