000013276 - How are keys generated and protected?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000013276
Applies ToRSA Data Protection Manager Server
RSA Data Protection Manager Appliance
IssueHow are keys generated and protected?
How are keys encrypted?
ResolutionAll Data Encryption Keys (DEK) that are returned to applications are generated by DPM Server.
DEKs are then encrypted and stored in the database. DEKs are encrypted using a Key Encryption Key (KEK). If an HSM is configured, that KEK is generated by the HSM (hardware master key), else a Software Master Key is used to encrypt all keys in the database.
The DEKs are encrypted using AES 256-bit encryption.
Legacy Article IDa47814

Attachments

    Outcomes