Cryptographic protocol for secure communications

Cryptography – Particular algorithmic function encoding – Nbs/des algorithm

Patent

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

380 30, 380 44, 380 28, H04L 900

Patent

active

052415996

ABSTRACT:
A cryptographic communication system. The system, which employs a novel combination of public and private key cryptography, allows two parties, who share only a relatively insecure password, to bootstrap a computationally secure cryptographic system over an insecure network. The system is secure against active and passive attacks, and has the property that the password is protected against offline "dictionary" attacks. If Alice and Bob are two parties who share the password P one embodiment of the system involves the following steps: (1) Alice generates a random public key E, encrypts it with P and sends P(E) to Bob; (2) Bob decrypts to get E, encrypts a random secret key R with E and sends E(R) to Alice; (3) Alice decrypts to get R, generates a random challenge C.sub.A and sends R(C.sub.A) to Bob; (4) Bob decrypts to get C.sub.A, generates a random challenge C.sub.B and sends R(C.sub.A, C.sub.B) to Alice; (5) Alice decrypts to get (C.sub.A, C.sub.B), compares the first against the challenge and sends R(C.sub.B) to Bob if they are equal; (6) Bob decrypts and compares with the earlier challenge; and (7) Alice and Bob can use R as a shared secret key to protect the session.

REFERENCES:
patent: 4193131 (1980-03-01), Lennon et al.
J. J. Tardo and K. Alagappan, "SPX: Global Authentication Using Public Key Certificates," Proc. 1991 IEEE Computer Society Symposium, Research in Security and Privacy, pp. 232-244 (May 1991).
R. M. Needham and M. D. Schroeder, "Using Encryption for Authentication in Large Networks of Computers," Communications of the ACM, vol. 21, No. 12, 993-999 (Dec. 1978).
J. Steiner, C. Neumann, and J. I. Schiller, "Kerberos: An Authentication Service for Open Network Sytems," Proceedings USENIX Winter Conference, Dallas, Texas, pp. 191-202 (Feb. 1988).
W. Diffie and M. E. Hellman, "New Directions in Cryptography," I.E.E.E. Transactions on Information Theory, vol. IT-22, No. 6, pp. 644-654 (1976).
W. Diffie and M. E. Hellman, "Privacy and Authentication: An Introduction to Cryptography," Proceedings of the I.E.E.E., vol. 67, No. 3, pp. 397-427 (Mar. 1979).
S. M. Bellovin and M. Merritt, "Limitations of the Kerberos Authentication System," Proceedings USENIX Winter Conference, Dallas, Texas (1991).
T. M. A. Lomas, L. Gong, J. H. Saltzer and R. M. Needham, "Reducing Risks from Poorly Chosen Keys," Proceedings of the Twelfth ACM Symposium on Operating Systems Principles, SIGOPS, pp. 14-18 (Dec. 1989).
L. Gong, "Verifiable-Text Attacks in Cryptographic Protocols," Proceedings of the I.E.E.E. INFOCOM-The Conference on Computer Communications, San Francisco, California (Jun. 1990).

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Cryptographic protocol for secure communications does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Cryptographic protocol for secure communications, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Cryptographic protocol for secure communications will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-2303897

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.