I am going through the Thales HSM manuals, and frankly the key acronyms are driving me crazy. I would like to understand the differences between the following keys, and how they relate to one another:
- LMK
- TMK/TPK/TAK/TEK
- ZMK/ZPK/ZAK/ZEK
- DEK
- KEK
I know that in terms of "hierarchy" (if that's the right term to use), LMK > TMK/ZMK > TPK/ZPK...and that's it. Specifically, I would also like to know:
Which key should I use if I'm looking for general purpose encryption/decryption? How about key wrapping?
Can zone keys and terminal keys be used interchangeably (e.g TPK and ZPK)?