Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1991-12-12
1993-06-01
Swann, Tod
380 23, 380 25, H04L 902
Patent
active
052167151
DESCRIPTION:
BRIEF SUMMARY
BACKGROUND OF THE INVENTION
The invention relates to an arrangement and a method for key transmission in a public communication system having a plurality of subscriber stations.
In communication networks with an integrated services network, such as ISDN for example, voice, text, data and images are transmitted over a line on a digital basis. All services of a subscriber can be reached by the same call number on the same main subscriber line. This enables a flexible and versatile exchange of data between the various subscribers; however, it is just this versatility of the various services offered which awakens the desire to exchange, besides public ones, also encrypted messages and data. In this case it is to be made more difficult for a third party to gain knowledge of the messages and data.
Various encryption methods are known for encrypting the data, for example symmetrical encryption methods or encryption methods with so-called public keys. In addition, in particular the three-pass protocol (U.S. Pat. No. 4,567,600, U.S. Pat. No. 4,587,627) and, for example, the method with a codeword (German Patent Specification 3,123,168) are of significance as encryption methods.
The encryption methods used here must be such that the various services of the network, such as, for example, conference connections, abbreviated numbers and connection establishment abbreviated for example by means of name keys by storage of the connections frequently dialled, are fully retained.
In order to ensure the authenticity of the subscribers, that is to say to verify that the transmission did in fact take place to the desired subscriber, it is customary to provide in the network a key distribution station on the basis of the public key systems, in which the keys for transmission are generated and distributed. In addition, all the call numbers and the associated public keys of all subscribers must be maintained there.
Key distribution stations of this type represent the main point of attack and the security weak point of the entire network. It is therefore necessary to protect them comprehensively.
In communication networks for a plurality of communication services, the desire also exists to be able to employ protection methods with different security levels appropriate to the services used. Thus, a system which is particularly easy to use and does not hinder the communication should be used for the telephone service. For the other services, such as text and data, an automatically executed protection method would be advantageous.
SUMMARY OF THE INVENTION
The object of the invention is to provide an arrangement and a method of the type mentioned at the beginning with which it is possible, without a comparatively large outlay and without any loss of security, to ensure, besides the confidentiality, also the authenticity of the subscribers.
This object is achieved in an arrangement and a method for a public communication system having a plurality of subscriber stations, in which a key is agreed to between a transmitting station and a receiving station for the encrypted transmission of messages, and in which a cryptographic device is provided in each of the transmitting station and the receiving station, to which device a station key is assigned. The arrangement of the present invention has the following: the communication system has an arrangement for authentification of the subscriber stations for the key transmission; depending on the desired security level of the key transmission and/or the operating mode of the subscriber stations, the arrangement for authentification has, on a first level preferably for voice communications, a device for monitoring the time frame of the key transmission and/or an arrangement for the indication of the agreed key in reduced form (HASH function) at the subscriber end, on a second level for automatic traffic handling, a key management station with integrated cryptographic device which, before the actual key transmission, receives an identification message block encrypted with a first key from
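The first-level check described above, sketched as an added example (not code from the patent): a key is carried by a three-pass exchange of the kind cited in the background, then both stations compare a reduced-form hash of the key and check the time frame of the exchange. The modular-exponentiation variant, the modulus, SHA-256, the four-digit display and the two-second window are all assumptions chosen for this sketch.

```python
import hashlib
import secrets
from math import gcd

P = 2**127 - 1  # Mersenne prime; assumed modulus for this sketch


def new_exponent():
    """Pick a secret exponent e together with its inverse d modulo P-1."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if gcd(e, P - 1) == 1:
            return e, pow(e, -1, P - 1)


def three_pass(key):
    """Carry `key` (1 <= key < P) from station A to station B in three messages."""
    ea, da = new_exponent()   # A's lock / unlock exponents
    eb, db = new_exponent()   # B's lock / unlock exponents
    m1 = pow(key, ea, P)      # A -> B: key locked by A
    m2 = pow(m1, eb, P)       # B -> A: locked by A and B
    m3 = pow(m2, da, P)       # A -> B: A's lock removed
    return pow(m3, db, P)     # B removes its own lock and holds the key


def reduced_form(key, digits=4):
    """Short decimal check value of the key, for display at the subscriber end."""
    h = hashlib.sha256(key.to_bytes(16, "big")).digest()
    return f"{int.from_bytes(h, 'big') % 10**digits:0{digits}d}"


def within_time_frame(sent_at, received_at, limit_s):
    """Time-frame monitor: the exchange must finish inside limit_s seconds."""
    return 0 <= received_at - sent_at <= limit_s


def authenticate(key_a, key_b, sent_at, received_at, limit_s=2.0, digits=4):
    """First-level check: identical displayed values and an exchange in time."""
    same = reduced_form(key_a, digits) == reduced_form(key_b, digits)
    return same and within_time_frame(sent_at, received_at, limit_s)
```

The three-pass exchange alone does not tell either station who it is talking to; the displayed value and the time window are what tie the received key to the intended subscriber. A four-digit display lets two different keys show the same value with probability 1 in 10,000, so the display length sets the strength of the check.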
REFERENCES:
patent: 4438824 (1984-03-01), Mueller-Schloer
patent: 4500750 (1985-02-01), Elander et al.
patent: 4567600 (1986-01-01), Massey et al.
patent: 4578530 (1986-03-01), Zeidler
patent: 4587627 (1986-05-01), Omura et al.
patent: 4980913 (1990-12-01), Skret
patent: 5018196 (1991-05-01), Takaragi et al.
patent: 5081678 (1992-01-01), Kaufman et al.
Siemens Aktiengesellschaft
Swann Tod