This section identifies the alternative algorithms and modes that shall be used when symmetric key management is employed, to encrypt data encryption keys (DEKs) and message integrity check (MIC) values. Character string identifiers are assigned for incorporation in encapsulated "Key-Info:" header fields to indicate the choice of algorithm employed.
All alternatives presently defined in this category correspond to different usage modes of the DES algorithm, rather than to other algorithms.
When symmetric key management is employed, the symmetrically encrypted DEK and MIC, carried in the third and fourth arguments of a "Key-Info:" header field, respectively, are each represented as a string of contiguous ASCII hexadecimal digits. The manner in which to use the following symmetric encryption algorithms and the length of the symmetrically encrypted DEK and MIC may vary depending on the length of the underlying DEK and MIC. Section 1, Message Encryption Algorithms, and Section 2, Message Integrity Check Algorithms, provide information on the proper manner in which a DEK and MIC, respectively, are symmetrically encrypted when the size of the DEK or MIC is not equal to the symmetric encryption algorithm's input block size. These sections also provide information on the proper format and length of the symmetrically encrypted DEK and MIC, respectively.