Method and system for performing secure electronic digital...

Cryptography – Key management – Key distribution

Reexamination Certificate

Details

C380S044000, C380S045000, C380S268000, C380S277000, C380S262000, C380S278000

Reexamination Certificate

active

06445797

ABSTRACT:

BACKGROUND OF THE INVENTION
The present invention relates generally to methods and systems for performing secure electronic digital streaming, and more particularly, to a method and system for performing secure electronic digital streaming between two public entities for any binary bit based communication, e.g. any electronic communication that consists of binary bits represented as either a zero (0) or a one (1).
Securing a digital stream transfer between two public entities can be done in a variety of ways. But no matter the manner chosen, the goal is to positively transfer the stream contents through the public sector without the original configuration of the binary bits being discovered and used or read by anyone other than the intended recipient. This need for positive and secure digital streaming increases significantly along with the value of the information being passed. Various systems have been developed to perform secure streaming and the public record is well documented with both success and failure. The major component of almost every system developed is an encryption key that is used to translate information from a source bit to a cipher bit and back to the source bit.
A digital stream content key is just like a physical one—it is used to unlock, in this case, secure data. All modern secure systems use keys of one type or another. The only difference between a streaming key and a physical one is that besides losing it or having it stolen, it can also be derived (“broken”) or discovered. The major weakness with public transfer of information is key discovery: not the physical issues of loss or theft, which are faults that cannot be removed from any key-based system, but deriving and using a key without authorization.
The current electronic age has ushered in a dramatic increase in the need for secure digital streaming, and methodologies have been developed to attempt to meet the demand. Existing secure digital streaming systems include private and public key encryption systems. The private key types of systems rely on creating multiple round permutations (substitutions, shifts, XORs, etc.) of the binary bits in a key-based fashion that, without mathematical proof, supposedly yields security. The public key types of systems are those using sufficiently large keys for “back-door” functions that rely on the time differential between deciphering the code by attempting the “hard” portion of the problem and deciphering the code with the known private key. The majority of digital streaming systems are secret or private key systems.
A private key system is one in which only those who intend to share information all possess the same key. The private key systems are ideal for bit encryption because digital streaming technologies are generally used by devices (either hardware or firmware) or software systems that share the electronic language between themselves.
The limited set of possible values (either 0 or 1) for the source and cipher bits has resulted in most bit encryption technologies using a series of key-based permutations (substitutions, shifts, XORs, etc.) that supposedly lead to reliance on the knowledge of the key to decrypt a communication. Almost all of these systems cannot mathematically prove that the permutation series does not have any shortcuts, and some result in large blocks of what are called “weak keys”—keys that, when used, result in ciphertext that can be quickly broken.
A major problem with these private key systems is that the number of permutations that must be performed makes the systems inherently slow. For every additional machine operation that must be performed, not only are there possible attack points for deciphering the key or the plaintext, but the performance suffers. These two different, opposing objectives of most streaming encryption algorithms lead to a compromise between the obscuring of a two-state bit and permuting it the least possible number of times.
The public key systems are based on a concept called Public Key Encryption (PKE). These systems were developed to solve the supposed faults of the private key methods. PKE introduced a concept in which there are dual keys—one public and one private. The public key is freely distributed to anyone who wishes to transfer information to the entity holding the single private key. This dual key approach therefore solves the fault by not having to distribute a private key. The entire basis for PKE methods is the mathematically large disparity between decrypting the ciphertext created with the public key using the PKE private key, which is very rapid and simple to do (polynomial time computation), and working through the possibilities without the key, which theoretically takes a very long time (factoring, requiring exponential time computation).
The systems are theoretically secure because the combination of the public key and the source information generate this theoretically long time to factor the possibilities without the PKE private key. The reason this is theoretical is that it is possible to develop a unique set of mathematical equations or even a single algorithm for either mimicking or rapidly factoring an integer in polynomial time, although no solution has been published to date. Alternatively, faster computers are always shortening the problem. Proposals have even been made to develop “quantum computers” that would perform these computations in a fraction of the expected time. Consequently, the controversial issue with these methods is that if the math were to be developed, or the shortcut found, then the security of these PKE systems completely and instantly evaporates.
In relation to securing bit-based message contents, the current systems have three major flaws, whether public or private key:
1. The mathematics of the systems cannot be demonstrably proven to be secure; e.g., message decryption is not solely dependent on “brute force” attempts of every possible key combination;
2. The derivation of a single message key reveals the private key for all messages sent using that key, e.g., once the key is discovered, and the discovery kept secret, all the multiple messages sent with that key can be broken and read;
3. As the number of machine operations per bit increases, the performance and use of the system in any intended public arena either adds cost or inconvenience or both, all the while not necessarily adding any proven increase in security.
Additionally, the private key systems:
Do not provide for any means to securely send new keys as part of the system's capability, e.g., secret key systems must rely on a different message channel to securely distribute the keys, and the current secret key systems must continually rely on the availability and security of this channel to exchange new keys.
Also, the public key systems:
Do not account for the single most important factor in secure streaming—authentication, of both the message's sender and the content condition (touched/untouched); e.g., the major benefit of using PKE is to not have any concern for the public distribution of the keys. Yet because the system cannot in and of itself perform any authentication (all send using the same public key), secure streaming using these systems then requires the additional use of another external system to perform the authentication which completely negates the use of PKE for secure streaming.
The present invention is therefore directed to the problem of developing a system for performing secure digital bit streaming that is not reliant on complicated mathematics or permutations that can negate key attempts, separates key discovery from message discovery making even key attempts valueless, provides a bit translation as opposed to a permutation that occurs in a single operation for encryption and one for decryption, provides for the ability to send new key messages that are mathematically indistinguishable as new key messages and indecipherable without the original key even if recognized, provides for embedded authentication and non-repudiation by virtu
