Method and apparatus for stepping pair keys in a key-management

Cryptography – Particular algorithmic function encoding – Public key

Patent


Details

380 21, H04L 930

Patent

active

056688776

ABSTRACT:
A method and apparatus for generating additional implicit keys from a key $[K_{ij}]_N$ without the necessity of generating a new Diffie-Hellman (DH) certificate or requiring communication between nodes to change implicit master keys is disclosed. A first data processing device (node I) is coupled to a private network which is in turn coupled to the Internet. A second data processing device (node J) is coupled to the same, or to a different network, which is also coupled to the Internet, such that node I communicates with node J using the Internet protocol. Node I is provided with a secret value i and a public value. Data packets (referred to as "datagrams") are encrypted to enhance network security. Each node maintains an internal value of N which is incremented based on time and upon the receipt of a data packet from another node. The key $[K_{ij}]_{N_i}$ is derived from the appropriate quantity of $\alpha^{Nij}$ by using the high-order key-sized bits of the respective quantity. The present invention then utilizes the key $[K_{ij}]_{N_i}$ to encrypt a transient key which is referred to as $K_p$. Node I encrypts the IP data in $K_p$ and encrypts $K_p$ in $[K_{ij}]_{N_i}$. Node I transmits the encrypted IP datagram packet together with the encrypted key $K_p$ to the receiving node J. Node I further includes its current internal value of $N_i$ in the outgoing packet. The present invention also provides for the application of one-way functions to the shared secret to enhance security. Thus, either node I or node J may change the context such that if $[K_{ij}]_{N_i}$ is compromised in the future, it is not usable by a cracker to decrypt prior encrypted packets. The present invention discloses methods and apparatus for achieving perfect forward security for closed user groups, and for the application of the SKIP methodology to datagram multicast protocols.
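The key stepping described in the abstract, as an added Python example that is not code from the patent: both nodes derive $[K_{ij}]_N$ from $\alpha^{Nij}$ using only their own secret, the peer's public value and the N carried in the packet, then use it to wrap the transient key $K_p$. The group (p = 2^127 - 1, base 3), the 64-bit key size, the secrets, the function names and the XOR keystream standing in for a cipher are all assumptions made for the demonstration.

```python
import hashlib
import secrets

# Assumptions (not from the patent text): demo group p = 2**127 - 1 with base 3,
# 64-bit keys, constructed secrets. Far too small for real use.
P = 2**127 - 1
ALPHA = 3
KEY_BITS = 64
SECRET_I = 0x1F3A5C7E9B2D4F61  # node I's secret value i (constructed)
SECRET_J = 0x2B7E151628AED2A6  # node J's secret value j (constructed)


def public_value(secret: int) -> int:
    return pow(ALPHA, secret, P)


def stepped_key(own_secret: int, peer_public: int, n: int) -> bytes:
    """[K_ij]_N: the high-order KEY_BITS bits of alpha^(N*i*j) mod P."""
    shared = pow(peer_public, n * own_secret, P)
    return (shared >> (P.bit_length() - KEY_BITS)).to_bytes(KEY_BITS // 8, "big")


def _xor(key: bytes, data: bytes) -> bytes:
    # Stand-in for a real cipher (assumption): unauthenticated SHAKE-256
    # keystream XOR with no nonce, used only to keep the example stdlib-only.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def send(own_secret: int, peer_public: int, n: int, payload: bytes) -> dict:
    k_p = secrets.token_bytes(16)                  # transient packet key K_p
    k_n = stepped_key(own_secret, peer_public, n)  # [K_ij]_N at the sender's current N
    return {"N": n, "wrapped_kp": _xor(k_n, k_p), "body": _xor(k_p, payload)}


def receive(own_secret: int, peer_public: int, packet: dict) -> bytes:
    # The receiver steps to the N carried in the packet: no new certificate,
    # no extra round trip between the nodes.
    k_n = stepped_key(own_secret, peer_public, packet["N"])
    k_p = _xor(k_n, packet["wrapped_kp"])
    return _xor(k_p, packet["body"])


if __name__ == "__main__":
    pub_i, pub_j = public_value(SECRET_I), public_value(SECRET_J)
    for n in (1, 2):
        pkt = send(SECRET_I, pub_j, n, b"IP datagram payload")
        print(n, stepped_key(SECRET_I, pub_j, n).hex(), receive(SECRET_J, pub_i, pkt))
```

The example covers only the plain $\alpha^{Nij}$ derivation; the one-way-function step the abstract mentions for protecting earlier packets is not modelled.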

REFERENCES:
patent: 5124117 (1992-06-01), Tatebayashi et al.
patent: 5148479 (1992-09-01), Bird et al.
patent: 5241599 (1993-08-01), Bellovin et al.
patent: 5307410 (1994-08-01), Bennett
patent: 5313521 (1994-05-01), Torii et al.
patent: 5347580 (1994-09-01), Canetti et al.
patent: 5416842 (1995-05-01), Aziz
patent: 5515438 (1996-05-01), Bennett et al.
patent: 5544246 (1996-08-01), Mandelbaum et al.
patent: 5548646 (1996-08-01), Aziz et al.
patent: 5577124 (1996-11-01), Anshel et al.
Whitfield Diffie, "The First Ten Years of Public-Key Cryptography", (Proceedings of the IEEE, vol. 76, No. 5, May 1988).
Paul Fahn, "Answers to Frequently Asked Questions About Today's Cryptography", (RSA Laboratories, 1992).
"Part I: Message Encryption and Authentication Procedures" (Privacy Enhancement for Internet Electronic Mail), J. Linn (Network Working Group).
"Part II: Certificate-Based Key Management" (Privacy Enhancement for Internet Electronic Mail), S. Kent (Network Working Group).
"Part III: Algorithms, Modes, and Identifiers", (Privacy Enhancement for Internet Electronic Mail), D.Balenson (Network Working Group).
"Part IV: Key Certification and Related Services" (Privacy Enhancement for Internet Electronic Mail), B. Kaliski (Network Working Group).
Whitfield Diffie, Paul C. van Oorschot and Michael J. Wiener, "Authentication and Authenticated Key Exchanges" (Designs, Codes and Cryptography, 2, 107-125 (1992), Kluwer Academic Publishers).
"The MD5 Message-Digest Algorithm", MIT Laboratory for Computer Science and RSA Data Security, Inc. (1992), R. Rivest (Network Working Group).
RSA Data Security, Inc. Technology Bulletin.


Profile ID: LFUS-PAI-O-224112
