Method and apparatus for performing strong encryption or...

Cryptography – Communication system using cryptography – Wireless communication

Reexamination Certificate


Details


active

06333983

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to a method and apparatus for performing strong encryption or decryption of data using special encryption functions of a cryptographic facility. More particularly, the invention relates to a method and apparatus for performing 56-bit DES encryption of data for financial processing or other purposes using a cryptographic facility whose data encryption and decryption functions have been degraded to conform with export limitations.
2. Description of the Related Art
SET (Secure Electronic Transaction) is a protocol developed jointly by VISA International, MasterCard, and other companies for safeguarding payment card purchases made over open networks. The SET protocol specifies the use of DES (Data Encryption Standard) encryption and decryption using an 8-byte DES encryption key for the protection of purchase information and payment card information. A key length shorter than eight bytes is not allowed.
The U.S. Government regulates the export of products providing general purpose strong encryption. The use of DES with encryption keys longer than 40 bits for data encryption/decryption is not allowed on most machines shipped outside the U.S. Such machines are configured in the manufacturing environment so that hardware-implemented DES encryption or decryption is not enabled for invocation by software. SET itself is exportable. Products which implement the SET protocol currently do so via a software implementation. This implementation is not as secure as a hardware-based implementation because cryptographic keys appear in the clear in main storage.
The problem being solved is how to meet the SET protocol standards which require the use of DES encryption/decryption with an 8-byte DES encryption key in a secure manner (i.e., without disclosing keys in the clear) on a machine which does not have 56-bit DES enabled for software use.
SUMMARY OF THE INVENTION
In order to provide hardware DES encryption and decryption for SET data on an exportable machine, both the encryption and the decryption process make use of hardware cryptographic primitive operations which do not require that strong encryption be enabled. The encryption and decryption processes are described below.


