| 主权项 |
1. A computer system, comprising:
memory configured to store information regarding predetermined conditions for performing an encryption operation; and a processor configured to analyze an inbound key and an outbound key of the encryption operation, to determine that the encryption operation includes a translation from a first class of encryption to a second class of encryption based on the analyzing the inbound key and the outbound key, and to determine whether the translation is permitted based on the predetermined conditions, wherein the first class of encryption is of an encryption algorithm type that is different than an encryption algorithm type of the second class of encryption; wherein upon determining that the second class of encryption is a weaker type of encryption as compared to the first class of encryption, and upon determining that the translation to the weaker type of encryption is permitted, the processor is configured to authorize the translation; wherein the outbound key has a lower cryptographic strength than the inbound key, wherein the class of encryption of the inbound key is one of an advanced encryption standard (AES), data encryption standard (DES) and triple data encryption standard (TDES), and the class of encryption of the outbound key is different one of the AES, TDES, and DES; wherein the processor is configured to determine a cipher block size defined by an outbound encryption class, to adjust padding of a cipher block of the cipher text based on the cipher block size defined by the outbound encryption class and based on inbound or outbound padding method information provided to the processor, and to perform the translation. |
