Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1996-03-13
1998-06-16
Cangialosi, Salvatore
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
H04L 908
Patent
active
057683816
DESCRIPTION:
BRIEF SUMMARY
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to arrangements for the automatic encryption and decryption of electronically transmitted messages, particularly in the fields of telephone, facsimile or computer data transmission for example.
2. State of the Art
In general, for the purposes of encrypting transmissions, the message is encrypted in accordance with a selected key. In transmission networks, all key generating systems aim to avoid an exponential growth in the number of encryption keys needed to serve the network, as the number of stations increases. Thus, the number of encryption keys needed is equal to N(N-1)/2, where N is the number of stations in the network. If there are 5 stations, the number of keys required (to provide a unique key for each pair of the network) is 5.times.4/2=10. However, if the number of stations grows to say 1000, the number of encryption keys required is 1000.times.999/2=499500.
Strong encryption depends upon a frequent change of the encryption key used for the transmission between each pair of stations: preferably the encryption key is changed for each transmission (or session). This then poses difficult problems for the dissemination or distribution of encryption keys in a large network of stations.
One solution to this problem is to provide a key distribution centre (KDC) situated in the network, which by some means distributes encryption keys securely on an ad hoc basis to both the sender and recipient of each transmission. Clearly these encryption keys cannot be sent openly, so the system requires a second level of encryption.
Another, and now generally favoured solution, is a system in which the problem of providing secret key distribution becomes irrelevant because recipient's keys are fixed and publicly known, so that it is only necessary for the sender to look up the recipient's public key (rather like looking up his telephone number), after which security of transmission is safeguarded by the mathematical logic and algorithms used in the message encryption and decryption processes. The outstanding contribution in this field is the system known as the RSA public key encryption system.
In the RSA system, a secure and tamper-proof memory store holds data derived form two very large, secret prime numbers, the product of which is the so-called "public key". The RSA system uses this data for generating encryption keys to allow an independently-designed cypher to transmit information securely between a pair of stations. If the value of either prime number becomes known, all future transmitted messages are breakable (decypherable). Like any other system using fixed keys, the RSA system is secured only by the physical difficulty of accessing the secret data and the complexity of running trial-and-error attempts to break the key.
SUMMARY OF THE INVENTION
In accordance with this invention, there is provided an encryption/decryption apparatus to enable encrypted communication between two stations each incorporating such an apparatus, said apparatus being arranged to create a mutual code from stored items of data, to generate a random session key and encrypt the random session key in accordance with the mutual code for transmission of the encrypted session key to a recipient station, to encrypt a main message in accordance with the random session key for transmission of the encrypted message to the recipient station, and to store a registration code for transmission to the recipient station to enable the recipient station to decode the registration code to thereby recreate said mutual code form items of data stored at the recipient station.
In use the encryption/decryption apparatus at the sender station transmits the encrypted session key and the registration code as preliminary items of data (or headers) to the main message. The encryption/decryption apparatus at the recipient station decodes the registration code to recreate the mutual code, using items of data stored at the recipient station: preferably these items of data inclu
REFERENCES:
patent: 4578531 (1986-03-01), Everhart et al.
patent: 4607137 (1986-08-01), Jansen et al.
patent: 4876716 (1989-10-01), Okamoto
patent: 5136642 (1992-08-01), Kawamura et al.
patent: 5179591 (1993-01-01), Hardy et al.
patent: 5253294 (1993-10-01), Maurer
patent: 5381481 (1995-01-01), Gammie et al.
patent: 5455862 (1995-10-01), Hoskinson
patent: 5517567 (1996-05-01), Epstein
patent: 5666415 (1997-09-01), Kaufman
IBM Technical Disclosure Bulletin, Cryptographi Key Distribution for Terminal To Terminal Communications vol. 22, No. 2 Jul. 1979.
Cangialosi Salvatore
Chantilley Corporation Limited
Gallagher Thomas A.
Gordon David P.
Jacobson David S.
LandOfFree
Apparatus for key distribution in an encryption system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus for key distribution in an encryption system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus for key distribution in an encryption system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1735583