Method and apparatus for a key-management scheme for internet pr

Cryptography – Particular algorithmic function encoding – Public key

Patent


Details

380 21, H04L 930

Patent

active

055880606

ABSTRACT:
A first data processing device (node I) is coupled to a private network which is in turn coupled to the Internet. A second data processing device (node J) is coupled to the same, or to a different network, which is also coupled to the Internet, such that node I communicates with node J using the Internet protocol. Node I is provided with a secret value i, and a public value α^i mod p. Node J is provided with a secret value j, and a public value α^j mod p. Data packets (referred to as "datagrams") are encrypted using the teachings of the present invention to enhance network security. A source node I obtains a Diffie-Hellman (DH) certificate for node J (either from a local cache, from a directory service, or directly from node J), and obtains node J's public value α^j mod p from the DH certificate. Node I then computes the value of α^ij mod p, and derives a key K_ij from the value α^ij mod p. A transient key K_p is then generated at random, and K_p is used to encrypt the datagram to be sent by node I. K_p is then encrypted with key K_ij. Upon receipt of the encrypted datagram by the receiving node J, node J obtains a DH certificate for node I (either from a local cache, from a directory service, or directly from node J), and obtains the public value α^i mod p. Node J then computes the value of α^ij mod p and derives the key K_ij. Node J utilizes the key K_ij to decrypt the transient key K_p, and using the decrypted transient key K_p, node J decrypts the datagram packet, thereby resulting in the original data in unencrypted form.
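The exchange in the abstract, as an added Python sketch that is not code from the patent: each node derives K_ij from the peer's public value, and a random per-datagram K_p is wrapped under K_ij. Assumptions: the toy group parameters, the SHA-256 key derivation, the XOR keystream stand-in for a real cipher, the per-packet nonce, and all function names are illustrative; public values are taken as already authenticated by the DH certificates.

```python
import hashlib
import secrets

# Toy group parameters, constructed for the demo: far too small for real use.
P = 2**127 - 1   # a Mersenne prime
ALPHA = 3        # public base (the abstract's alpha)

def keypair():
    """Return (secret, public) where public = alpha^secret mod p."""
    s = secrets.randbelow(P - 3) + 2
    return s, pow(ALPHA, s, P)

def derive_kij(own_secret, peer_public):
    """K_ij = SHA-256(alpha^ij mod p); the hash step is an assumption."""
    shared = pow(peer_public, own_secret, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def xor_stream(key, nonce, data):
    """Stand-in cipher: XOR with a SHA-256 counter keystream (no integrity)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def send(kij, datagram):
    """Sender: fresh K_p encrypts the datagram, K_ij encrypts K_p."""
    kp = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)   # keeps the K_ij keystream unique per packet
    return {"nonce": nonce,
            "wrapped_kp": xor_stream(kij, nonce, kp),
            "body": xor_stream(kp, nonce, datagram)}

def receive(kij, packet):
    """Receiver: recover K_p with K_ij, then decrypt the datagram."""
    kp = xor_stream(kij, packet["nonce"], packet["wrapped_kp"])
    return xor_stream(kp, packet["nonce"], packet["body"])

if __name__ == "__main__":
    i, pub_i = keypair()              # node I
    j, pub_j = keypair()              # node J
    packet = send(derive_kij(i, pub_j), b"constructed sample datagram")
    print(receive(derive_kij(j, pub_i), packet))
```

Neither node sends a key-exchange message before the first datagram: K_ij follows from the node's own secret and the peer's certified public value, so only the wrapped K_p travels with each packet.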

