Master Encryption Key (MEK)

Master Encryption Key

A Master Encryption Key (MEK) is a special Symmetric Key used to protect (encrypt) the Data Encryption Keys (DEKs) contained in a Key Store. An organization can create up to 8 MEKs per environment on the IBM i. For instance, a MEK could be used to encrypt the Order Entry DEKs contained in a Key Store, and a second MEK used to encrypt the Payroll DEKs contained in another Key Store.

A MEK is generated by Powertech Encryption for IBM i using passphrases entered by designated users. Depending on the organization’s key policy, up to 8 different passphrases can be required (by different users) in order to generate a MEK.

MEKs are stored in a *VLDL (Validation List) object on the IBM i called CRVL001.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
4.0 | 202307100156 | July 2023