Apparatus and method for providing secured communications

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C713S159000, C713S168000, C713S169000, C380S255000, C380S258000, C380S277000

Reexamination Certificate

active

06292892

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the field of data security. More particularity, the present invention relates to a cryptographic semiconductor device storing encryption/decryption keys at manufacture and/or subsequent to manufacture to ensure secured communications between a system incorporating the semiconductor device and a device in remote communications with the system.
2. Art Related to the Invention
In today's society, it is becoming more and more desirable to transmit digital information from one location to another in a manner which is clear and unambiguous to a legitimate receiver, but incomprehensible to any illegitimate recipients. Accordingly, such information is typically encrypted by a software application executing some predetermined encryption algorithm and is transmitted to the legitimate receiver in encrypted form. The legitimate receiver then decrypts the transmitted information for use. This encryption/decryption transmission process is commonly used in governmental applications as well as for commercial applications where sensitive information is being transmitted.
Often, encryption/decryption of information is accomplished through symmetric key cryptography as shown in FIG.
1
. In symmetric key cryptography, an identical key
1
(e.g., a data string commonly referred to as a “symmetric key”) is used by both a legitimate sender
2
and a legitimate receiver
3
to encrypt and decrypt a message
4
(i.e., information) being transmitted between the sender
2
and receiver
3
. Such encryption and decryption may be performed through well-known conventional algorithms such as RAS, DES, etc. and transmitted in encrypted form through a public domain
5
such as a conventional network, telephone lines, etc.
Although symmetric key cryptography is computationally simple, it requires complex key management. Basically, each sender needs a different symmetric key to communicate with each legitimate receiver, thereby making it difficult, if not impossible, to be used by businesses having a large number of employees. For example, in a business of 1000 legitimate entities (e.g., employees), a maximum of 499,500 (1000×999/2) keys would need to be managed, provided that each legitimate entity is capable of communicating with any another legitimate entity within the business. In addition, symmetric key cryptography is difficult to implement in a network or global environment because there is no secure and convenient way of transmitting the symmetric key from the legitimate sender
2
to the legitimate receiver
3
.
Another method of encryption/decryption is to use two separate keys (referred to as a “key pair”) in which a first key (“a public key”)
10
of the key pair is used for encryption of a message
12
from a legitimate sender
13
while a second key (“a private key”)
11
of the key pair is used by the legitimate receiver
14
for decryption of the message
12
as shown in FIG.
2
. This method is commonly referred to as “asymmetric” (or public) key cryptography. One advantage of asymmetric key cryptography is that it alleviates the burdensome key management problem associated with symmetric key cryptography. Continuing the above example, the number of key pairs required for asymmetric key cryptography is equal to 1000, the total number of legitimate entities. However, in such communications system, it is known that an illegitimate entity (e.g., commercial spy) may attempt to impersonate a legitimate entity (e.g., employee, joint-venturer, etc.) by sending fraudulent messages to another legitimate entity for the purpose of disrupting work flow or obtaining confidential information. Thus, additional protocols are usually used in the asymmetric key system to ensure message and sender authentication.
Authentication of the sender (i.e., verifying that the sender of a public key is, in fact, the true owner of the public key) is a problem when communications are initially established between previously unknown parties. This problem is commonly avoided by incorporating a digital certificate
15
within the transmitted message
12
as shown in FIG.
3
. The digital certificate
15
is issued by a mutually trusted authority
16
(e.g., a bank, governmental entity, trade association, etc.) so that fraudulent attempts to use another's public key
10
will simply result in unreadable messages. Such mutually trusted authority
16
depends on the parties involved. For example, two individuals employed by the same business could both trust the certificates issued by a corporate security office of the business. Employees of two independent business entities, however, would require not only the certificates from the respective security offices, but also the certificates from, for example, some industry trade organization that certifies such business entities. This digital certificate
16
methodology “binds” a public key
10
to an entity (e.g., employee).
In the past few years, there have been many approaches toward protecting “key” information from being obtained by unauthorized persons. One such approach is employing mechanical security mechanisms, particular for portable computers which can be more easily appropriated. For example, certain companies have introduced a “secure” laptop using a tamper-detection mechanism to erase the key material if the laptop's casing is opened without authorization. However, there are several disadvantages associated with mechanical security devices.
A primary disadvantage associated with mechanical security mechanisms is that they may be circumvented through reverse engineering. Another disadvantage is that mechanical security mechanisms are costly to design and fabricate. Another disadvantage is that they are subject to accidental erasure of key information.
As a result, a number of companies are simply relying on software applications to utilize encryption/decryption protocols. However, as technology rapidly evolves, these encryption/decryption software applications place unnecessary limitations on transmission speeds of a communication system since the speed of encrypting or decrypting information is correlated to the execution speed of the instructions.
This approach for employing specific hardware into the customer's system to protect such keys from disclosure is also used in the rapidly growing area of “content distribution”, namely the electronic distribution of information. Some known content distribution systems include (i) selling software via modem or other electronic means and (ii) selling portion s of information distributed by compact disc (“CD”), etc. Such electronic sales often depend on the use of decryption keys to “decode” the specific data involved. For example, a customer may have free access to a CD containing many files of encrypted data, but to actually purchase a specific file, he buys the corresponding “decryption key” for that file. However, a primary problem with using specific hardware to protect the keys is that such hardware requires complete management and control by the information supplier to prevent any potential unauthorized uses.


REFERENCES:
patent: 5201000 (1993-04-01), Matyas et al.
patent: 0 624 014 (1994-11-01), None
patent: WO 90/02456 (1990-03-01), None
“The Directory—Authentication Framework”. 33 pages; Melbourne, 1998.
Lemcom Systems Inc. “ViaCrypt DigiSig plus DES”. 2 pages.
Dallas Semiconductor. “Product Data Book: 1992-1993”. 7 pages.
Proceedings: “4th Annual Symposium on Cryptographic Security for Data Processing and Data Communications”. Nov. 11-15, 1991. 24 pages.
European Committee for Standardization. “European Standard. Inter-sector Electronic Purse Part 1: Concepts and Structures”, 16 pages, 1992.
Blum, L., Blum, M. and Shub, M. A Simple Unpredictable Pseudo-Random Number Generator. Siam J. Comput., vol. 15, No. 2, 20 pages, May 1986.
SGS-Thomson Microelectronics. “CMOS Crypto-Computer Family”. Apr. 1993. 30 pages.
Motorolla. “HC11: M68HC11 Reference Manual”. Revision 3, 1991.
Motorolla. “Microprocessor, Micr

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Apparatus and method for providing secured communications does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Apparatus and method for providing secured communications, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus and method for providing secured communications will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-2487695

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.