Data-translation keys are single-length (64-bit) keys that protect data that is transmitted through intermediate systems when the originator and receiver do not share a common key. Data that is enciphered under one data-translation key is reenciphered under another data-translation key on the intermediate node. During this process, the data never appears in the clear.

A data-translation key cannot be used in the decipher callable service to decipher data directly. It can translate the data from encipherment under one data-translation key to encipherment under another data-translation key. See Protection of Data for a description of how data-translation keys protect data that is sent through intermediate systems.

Restriction: Data-translation keys are not supported on the PCIXCC, CEX2C, or CEX3C.