Cryptography – Communication system using cryptography – Symmetric key cryptography
Reexamination Certificate
1999-10-19
2004-02-24
Peeso, Thomas R. (Department: 2132)
Cryptography
Communication system using cryptography
Symmetric key cryptography
C380S274000, C380S278000, C380S283000
Reexamination Certificate
active
06697490
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention generally relates to cryptographic algorithms and in particular to an algorithm and apparatus that perform an automatic resynchronization of a certain type of cryptographic information known as cryptographic synchronization.
2. Description of the Related Art
The security of information conveyed over communication systems is a main source of concern for those who provide communication services to subscribers, viz., system operators. With the growing use of communication systems such as the Internet and wireless communication systems (e.g., cellular communication), information security has become an important consideration for system operators. Also, entities (e.g., individuals, corporations) who subscribe to widely used communication systems are also concerned about the security of their information. Often, the information conveyed over a widely used public communication system such as the Internet is sensitive information that is to be disclosed to only an intended parties.
One of the more effective techniques used by communication system operators is to encrypt information before such information is conveyed over a system. The intended receiver of the information is provided with the proper decryption equipment. The science and technology of keeping information secret from unauthorized parties by using a code or cipher is known as Cryptography,
Cryptography's Role In Securing The Information Society
, Kenneth W. Dam and Herbert S. Lin, Editors, National Academy Press 1996. In a basic form of Cryptography, the information is first encrypted and then transmitted over a communication system. Associated with the encryption applied to the information is a secret procedure or “key” that allows one to decrypt the encrypted information. In some cryptographic schemes, the key is known only to the authorized recipient of the information and the system operator. In other schemes, the key is public knowledge.
Referring to
FIG. 1
, there is shown a typical cryptographic scheme in which the “key” is public knowledge. A transmitter transmits information (i.e., plain text provided by module
106
) over lossy medium
108
to a receiver. Plain text is any type of unencrypted information (e.g., digital data, digitized voice or video) that is conveyed over lossy medium
108
. Prior to being transmitted over lossy medium
108
, the plain text is encrypted into cipher text by module
108
. The lossy medium is any actual medium (e.g., twisted pair wires, coaxial cable, air, fiber optic cable) through which communication signals are conveyed (i.e., transmitted and received) and experience adverse conditions possibly resulting in corrupted or loss of information.
The length of time elapsed during the initiation, conveyance and termination of communications between at least two subscribers of a communication system is called a session. At the beginning of the session, the cryptographic scheme depicted in
FIG. 1
designates a key for the session, viz., the session key. At the transmitter, module
102
provides a session key for each session. Module
104
contains cryptographic synchronization (hereinafter “crypto-sync”) information which is used by encryption module
100
to encrypt the plain text provided by module
106
.
The crypto-sync information enhances the ciphering of the plain text by providing variability to the ciphering process. For example, identical messages transmitted at different times and encrypted with different crypto-sync will have different cipher text. The cipher text is received and then decrypted back into plain text. The decryption is performed by module
110
which uses the session key from module
112
and crypto-sync information from module
114
to derive the plain text. The crypto-sync not only adds variability to the ciphered text but also enables the receiver decryption module to be synchronized with the transmitter encryption module. In other words, the particular encryption procedure applied to plain text has an associated decryption procedure which is applied to the cipher text. When the proper decryption is applied to the cipher text, the result is the plain text. Otherwise, the cipher text will not be decrypted properly.
At the beginning of a session crypto-sync modules
104
and
114
at the transmitter and receiver respectively are set to an initial value. Thus, the transmitter and receiver are synchronized. At the transmitter, the crypto-sync value is then incremented (by one) for each plain text message transmitted. Correspondingly, at the receiver, the crypto-sync value is incremented for each cipher text message received thus maintaining synchronization with the transmitter. The crypto-sync modules (
104
,
114
) are therefore, usually implemented as counters whose initial values are set at the beginning of a session. To conserve communication bandwidth, (communication bandwidth represent the limits on the amount of information that can be conveyed in a communication system) only a portion of the contents of this counter is actually transmitted from the transmitter to the receiver with every message, while the remaining portion of the contents of the counter is independently maintained by both transmitter and receiver. When the portion that is transmitted exceeds its maximum value, the remaining portion is incremented by both sides. Therefore, to ensure proper decryption the receiver has to maintain an integrity of the remaining portion even when some messages are lost during transmission and are not received.
Although not shown in
FIG. 1
, a Cyclic Redundancy Code (CRC) is appended to the plain text and the combined information (i.e., plain text and CRC) is encrypted using the crypto-sync value and the session key value. The CRC is a well known coding technique that is used to determine the occurrence of errors in information exposed to lossy media. The encryption and decryption performed are usually proprietary cryptographic procedures (i.e., cipher and decipher) known only to certain entities such as standards bodies and communication equipment manufacturers. At the receiver, module
110
deciphers the combined information resulting in plain text and the CRC. The session keys at modules
102
and
112
of the transmitter and receiver respectively are known and are the same. The crypto-sync value should be the same at the receiver as the crypto-sync value used at the transmitter; otherwise the transmitter is not synchronized to the receiver. To determine whether synchronization is maintained at the receiver, a CRC check is performed on the plain text. If the occurrence of errors has not been detected, the plain text is accepted and is then transferred to various processing equipment represented by module
122
for any necessary further processing. If the occurrence of errors has been detected, it is an indication that the receiver and transmitter are no longer synchronized to each other; that is, the crypto-sync values at the transmitter and the receiver are not equal to each other. Consequently, a cryptographic resynchronization procedure is initiated by module
120
. Typically, the resynchronization procedure involves exchange of messages between the transmitter and the receiver and the termination of the session currently in progress to allow for the crypto-sync counters at both the transmitter and receiver to be reset to a designated initial value. A new session can then be started. Also, the integrity of the received cipher text is validated with the use of well known techniques (such as error detection schemes).
A disadvantage in using the CRC to check for errors is that the length of the CRC is relatively lengthy thus reducing the amount of information that can be transmitted in one session; the use of the CRC represents an inefficient use of communication bandwidth. Another disadvantage in using the CRC of the plain text is that it has to be calculated for every message, as the plain text contained in it will be different every time. A further disadvantage in using
Mizikovsky Semyon B.
Soler Milton A
LandOfFree
Automatic resynchronization of crypto-sync information does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Automatic resynchronization of crypto-sync information, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Automatic resynchronization of crypto-sync information will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3284058