Cryptography – Key management
Reexamination Certificate
1999-08-11
2003-12-02
Peeso, Thomas R. (Department: 2132)
C380S278000, C713S156000, C713S168000, C713S169000
active
06658114
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to cryptographic communication, and in particular to a key management method to prevent illegal eavesdropping in a network system, wherein keys of the network system are divided into several family subkeys and several communication subkeys which are respectively preserved in plural trusted-key centers and are not available to any single trusted-key center, and in which communication keys are valid only during an authorized time period.
2. Description of the Related Art
FIG. 1 (Prior Art) is a diagram illustrating a current cryptographic network system. In FIG. 1, a trusted-key center CA is provided in the network system to preserve all session keys and to ensure data security, such as preventing passive eavesdropping and active tampering. When a user P_i and another user P_j want to communicate with each other on a telephone system or a communication system, the sender, e.g., the user P_i, first passes a to-be-transferred message m to a cipher device 10. The cipher device 10 then encrypts the input message m using a corresponding session key K_ij and outputs the encrypted message E_kij(m) to a decipher device 20 at the receiving terminal thereof. Thereafter, the decipher device 20 decrypts the encrypted message E_kij(m) using the same session key K_ij and then outputs the recovered message m to the receiver, e.g., the user P_j.
In the cryptographic network system, once an eavesdropper P_k is authorized to eavesdrop the communication between the user P_i and the user P_j, the trusted-key center CA will pass the corresponding session key K_ij to the eavesdropper P_k. However, the session key K_ij preserved in the trusted-key center CA is not refreshed frequently, so the eavesdropper P_k can still use the previously obtained session key K_ij to eavesdrop the communication between the user P_i and the user P_j, even after the authority has expired.
Furthermore, due to a possible security compromise of the trusted-key center CA, a potential security risk is realized when all the session keys of a network system are stored in a single trusted-key center.
SUMMARY OF THE INVENTION
Therefore, it is an object of the present invention to provide a key management method for a network system, wherein keys of the network system are divided into several family subkeys and communication subkeys which are respectively preserved in plural trusted-key centers and are not available to any single trusted-key center, in order to prevent compromise of secure communications in the network system.
It is another object of the present invention to provide a key management method for a network system, wherein communication keys are not valid except during an authorized time period to prevent illegal eavesdropping.
It is another object of the present invention to provide a key management method for a network system, wherein each of the trusted-key centers generates a time-related and irreversible hash value which is used to calculate communication keys of the network system, so that the communication subkeys preserved in each of the trusted-key centers can be refreshed at a lower frequency.
It is another object of the present invention to provide a key management method for a network system, wherein each of the trusted-key centers only preserves subkeys of an order of t^2, where t is the number of all network users. Because it is very fast to compute a one-way hash function, the computational load for each of the trusted-key centers is very low.
To achieve the above and other objects, the present invention provides a key management method to prevent illegal eavesdropping in a network system. This method includes the following steps. First, keys of the network system are divided into several family subkeys and several communication subkeys. Then, a few trusted-key centers are provided for respectively preserving a part of the family subkeys and one of the communication subkeys, and generating a one-way hash value involving the preserved communication subkey and open information. Thereafter, each of the trusted-key centers passes the hash value to an eavesdropper according to an authority certificate. Each of the trusted-key centers interchanges the preserved family subkeys according to the authority certificate to obtain a session key which is passed to the eavesdropper. Then, the eavesdropper combines all the hash values from the trusted-key centers to obtain a corresponding communication key, which is accompanied by the session key, in order to eavesdrop an authorized communication.
In this key management method, the open information may be a current time. The hash value may be obtained by calculating a one-way hash function of a sum of the preserved communication subkey and the current time. The communication key may be combined by adding all the hash values from the trusted-key centers.
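The communication-key step described above, sketched in Python as an added example that is not code from the patent. It assumes SHA-256 as the one-way hash, an integer period index as the "current time", addition modulo 2**256, and an authority certificate modelled as a range of permitted periods. The family-subkey exchange that yields the session key is not modelled.

```python
import hashlib
import secrets

MODULUS = 1 << 256  # assumption: hash values are added modulo 2**256


def one_way_hash(value: int) -> int:
    """SHA-256 over the big-endian bytes of a non-negative integer."""
    raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


class TrustedKeyCenter:
    """Preserves one communication subkey and never releases it directly."""

    def __init__(self, subkey: int):
        self._subkey = subkey

    def hash_for(self, period: int, certificate: range) -> int:
        # The authority certificate is modelled as the range of permitted periods.
        if period not in certificate:
            raise PermissionError("period is outside the authority certificate")
        # h(subkey + current time): one-way, so the subkey stays hidden.
        return one_way_hash(self._subkey + period)


def communication_key(centers, period: int, certificate: range) -> int:
    """Add the hash values from every center, as the certificate holder would."""
    return sum(c.hash_for(period, certificate) for c in centers) % MODULUS


def demo() -> dict:
    # Constructed sample: three centers with random 256-bit subkeys.
    centers = [TrustedKeyCenter(secrets.randbits(256)) for _ in range(3)]
    certificate = range(100, 103)  # periods 100..102 are authorized
    k100 = communication_key(centers, 100, certificate)
    k101 = communication_key(centers, 101, certificate)
    partial = communication_key(centers[:2], 100, certificate)
    try:
        communication_key(centers, 103, certificate)
        expired_refused = False
    except PermissionError:
        expired_refused = True
    return {"repeatable": k100 == communication_key(centers, 100, certificate),
            "period_bound": k100 != k101,
            "needs_all_centers": partial != k100,
            "expired_refused": expired_refused}


if __name__ == "__main__":
    print(demo())
```

Because each released value is bound to one period, a key obtained for period 100 does not decrypt traffic in period 101, and the stored subkeys themselves need no refresh when an authorization ends.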
Chao Cheng-Tsung
Farn Kwo-Jean
Hsu Chi-Kuo
Song Chen-Hwa
Birch & Stewart Kolasch & Birch, LLP
Industrial Technology Research Institute
Peeso Thomas R.