An apparatus designed for handling sensitive information may be made secure by encrypting this information with the aid of a cryptographic key composed of several distinct elements. Such a key is conventionally defined by a pair of half-keys stored separately from one another. For example, a first half-key is stored within the secure apparatus while a second half-key is recorded on a medium external to the apparatus. When this external medium is connected to the apparatus, the two half-keys are combined to form the access key for the apparatus and thus allow its use. An example of such a securing method is designated by the acronym CIK, for “Crypto Ignition Key”. More generally, the acronym CIK designates the principle of using a cryptographic key to allow a cryptographic apparatus to boot. For simplicity, a recording medium external to the secure apparatus and able to store a CIK half-key will be designated by the expression “CIK plug”. A CIK plug may be allocated to a particular user or to a group of users and thus, in addition to allowing the unlocking of the secure apparatus, makes it possible to identify a user and that user's role (administrator, maintenance agent, operator, etc.).
Conventionally, the complete initialization of a CIK plug requires its connection to the apparatus, the creation of a pair of half-keys, one of which is stored solely on the apparatus and the other of which is transmitted to and recorded on the CIK plug, and then a configuration phase, for example to configure the access rights of the user for whom the CIK plug is intended. Hence, when several users need to use a secure apparatus, it becomes necessary to initialize several CIK plugs, for example one plug per user, sometimes with different configurations from one CIK plug to another. The initialization of a series of CIK plugs therefore requires multiple cycles of connection, configuration and disconnection, which make the manipulations lengthy, repetitive and consequently error-prone, particularly when the apparatus has no ergonomic means of receiving instructions, for example no man-machine interface, no screen, no keyboard and no mouse. Moreover, the apparatus may be placed in a cramped space, for example on board a vehicle or an aircraft, which makes it difficult to access the connectors of the apparatus that are designed to receive the plugs, further complicates the task of the operator responsible for initialization, and immobilizes the vehicle for a certain period.
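As an added illustration (not part of the original text), the sketch below models the half-key principle and the per-plug initialization cycle described above, with one plug per role. The text does not say how the two half-keys are combined; the XOR split, the HMAC check value and all names (`Apparatus`, `initialize_plug`, `unlock`, the plug identifiers) are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # bytes; size chosen for this sketch


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Apparatus:
    """Toy apparatus: one device-side half-key per initialized CIK plug."""

    def __init__(self):
        self._access_key = secrets.token_bytes(KEY_LEN)  # held only while unlocked
        self._slots = {}  # plug_id -> (device_half, role, check_tag)

    @staticmethod
    def _tag(key: bytes, plug_id: str, role: str) -> bytes:
        # Check value binding the recombined key to the plug identity and role.
        return hmac.new(key, f"{plug_id}|{role}".encode(), hashlib.sha256).digest()

    def initialize_plug(self, plug_id: str, role: str) -> bytes:
        """Create a pair of half-keys; return the half to record on the plug."""
        if self._access_key is None:
            raise RuntimeError("apparatus is locked")
        plug_half = secrets.token_bytes(KEY_LEN)
        device_half = xor(self._access_key, plug_half)  # stays on the apparatus
        tag = self._tag(self._access_key, plug_id, role)
        self._slots[plug_id] = (device_half, role, tag)
        return plug_half

    def lock(self) -> None:
        self._access_key = None  # plug removed: only device halves remain

    def unlock(self, plug_id: str, plug_half: bytes):
        """Combine both halves; return the plug's role, or None on failure."""
        slot = self._slots.get(plug_id)
        if slot is None or len(plug_half) != KEY_LEN:
            return None
        device_half, role, tag = slot
        candidate = xor(device_half, plug_half)
        if not hmac.compare_digest(tag, self._tag(candidate, plug_id, role)):
            return None
        self._access_key = candidate
        return role
```

Each call to `initialize_plug` corresponds to one connection and configuration cycle, which is why provisioning a series of plugs on an apparatus without an interface is repetitive.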
A first solution for simplifying the initialization of these media consists in installing a graphical interface on the apparatus to be secured, together with means of interaction with a user such as, for example, a keyboard. However, the apparatuses to be secured do not always lend themselves to the setting up of a graphical interface or to the connection of user input/output means. For example, an onboard facility for encrypted radiocommunications is not designed to accommodate such upgrades. Moreover, a keyboard may not be usable in certain contexts of use (notably when gloves or mittens are worn). Likewise, a back-lit screen cannot be employed at night when it is desired to maintain a certain discretion of use.
A second solution for simplifying the procedure for initializing the CIK plugs is to use a generic key-setup system. However, this type of system is very complex to implement and therefore very expensive.