Cryptography programs are often utilized to encrypt/decrypt sensitive data so that it may be transferred between a sender and an intended receiver via a non-secure means. When encrypting/decrypting data in blocks, cryptography programs may utilize a key schedule algorithm (along with a cryptography algorithm) for performing such operations. For example, a cryptography algorithm, such as a block cipher, may be used to encrypt/decrypt blocks of data. An example of a block cipher that may be utilized is a product cipher. The product cipher is an encryption/decryption algorithm that executes in rounds or iterations, encrypting/decrypting a block of data during each round. To encrypt/decrypt a block of data during each round, the product cipher utilizes subkeys generated by a key schedule algorithm. For instance, the key schedule algorithm generates one or more subkeys based on a master encryption/decryption key. Further, during each round, the product cipher then utilizes a subkey provided by the key schedule algorithm to encrypt/decrypt a block of data. Because a number of cryptography programs load key schedule algorithms and/or cryptography algorithms from various outside sources, security issues may arise. In particular, key schedule algorithms are a prime vehicle for Trojan Horse insertion. For example, a user may load a key schedule algorithm as an executable program file into his or her computer from an outside source. However, attached to the key schedule algorithm may also be a malicious program (Trojan Horse) that may compromise the security of the user's computer upon execution by accessing portions (ex.—memory) of the computer containing sensitive data and using the computer's serial ports or other devices for leaking sensitive data.
Therefore, it may be desirable to have a system and method for secure and flexible cryptographic key schedule generation which addresses the above-referenced problems and limitations of the current solutions.