Cryptography
Cryptography is used by Intel® DAL applets and firmware to exchange data securely, validate its integrity, and authenticate another party. The com.intel.crypto package provides an interface to cryptographic services.
The goals of cryptography are fourfold:
- Data Integrity – Ensure that data is created/modified by authorized parties only.
- Secrecy/Confidentiality – Restrict access to authorized parties only.
- Authentication – Verify the identity of an entity.
- Non-repudiation – Verify an action or data in such a way that denying its validity is impossible.
These goals can be achieved by using one or more of the following algorithms and a confidential key:
- Symmetric key cryptography: the same key is used for both encryption and decryption.
- Public (asymmetric) key cryptography:
  - Encryption – a public key is used for encryption; a private key is used for decryption.
  - Digital signing – a private key is used for signing; a public key is used for verification.
The following sections describe the cryptography algorithms that are supported by Intel DAL.