Skip to Main Content
A control vector is a data structure that specifies the nature and role of an associated cryptographic key. The control vector is checked by software and cryptographic hardware in order to limit the range of permissible operations to be undertaken with ciphertext produced with the key. The linking of the control vector and cryptographic key is such that attempts to modify, or substitute, control vectors will cause the subsequent processing to operate with a corrupted key, and hence ensure protection of data encrypted with the genuine key. A potential attack on the control vector approach is described in which the complement of the control vector is substituted. The manner in which such attacks are thwarted by the IBM implementation of control vectors is also described.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.