Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-11-04
2003-10-21
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S152000, C713S152000
Reexamination Certificate
active
06636968
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to the field of communications systems, and in particular to the encryption of information for distribution to multiple recipients
2. Description of Related Art
Cryptographic systems are commonly used to encrypt sensitive or confidential information, and increasingly, to encrypt copy-protected material, such as copyright audio and video material. Generally, the content information is encrypted by a source device and communicated over a communications path to a destination device, where it is decrypted to recreate the original content material. The source device encrypts the material using an encryption key, and the destination device decrypts the material using a decryption key. A symmetric cryptographic system uses the same key to encrypt and decrypt the material; an asymmetric cryptographic system uses one of a pair of keys for encryption, and the other of the pair for decryption. Most cryptographic systems are based on the premise that the expected computation time, effort, and costs required to decrypt the message without a knowledge of the decryption key far exceeds the expected value that can be derived from such a decryption.
Often, a key-exchange method is employed to provide a set of encryption and decryption keys between a source and destination device. One such key-exchange system is the “Diffie-Hellman” key-exchange algorithm, common in the art.
FIG. 1
illustrates an example flow diagram for a key-exchange and subsequent encryption of content material using the Diffie-Hellman scheme. At
110
, a source device, device S, transmits a large prime n, and a number g that is primitive mod n, as a message
111
to a destination device, device D, that receives n and g, at
115
. Each device, at
120
and
125
, generates a large random number, x and y, respectively. At
130
, device S computes a number X that is equal to g
x
mod n; and, at
135
, device D computes a number Y that is equal to g
y
mod n. Device S communicates X to device D, and device D communicates Y to device S, via messages
131
,
136
, respectively. The numbers X and Y are termed public keys and the numbers x and y are termed private keys. Note that the determination of x from a knowledge of g and X, and y from a knowledge of g and Y, is computationally infeasible, and thus, an eavesdropper to the exchange of g, n, and the public keys X and Y will not be able to determine the private keys x or y.
Upon receipt of the public key Y, the source device S computes a key K that is equal to Y
x
mod n, at
140
, and the destination device D computes a key K′ that is equal to X
y
mod n, at
145
. Note that both K and K′ are equal to g
xy
mod n, and thus both the source S and destination D devices have the same key K, while an eavesdropper to the exchange of g, n, X, and Y will not know the key K, because the eavesdropper does not know x or y.
After effecting the key-exchange, the source device S encrypts the content material M
150
and communicates the encrypted material E
k
(M) to destination device D, at
160
, via communications path
161
. Because device D's key K′ is identical to the key K that is used to encrypt the content material M
150
, device D uses key K′ to decrypt the received encrypted material E
k
(M) to create a decrypted copy
150
′ of the content material M
150
, at
165
. This encryption method is referred to as symmetric because both devices use the same key K, K′ to encrypt and decrypt the content material M
150
. An eavesdropper to the communications path
161
, not having knowledge of the key K, is unable to decrypt the encrypted material E
k
(M), and thus unable to create a copy of the content material M
150
. Note that the source device S need not communicate its public key X to the destination device D until the key X is needed by the destination device D to create the decryption key K, and therefore the public key X is often included as an attached item to the content material. In this manner, a destination device need not maintain a record of each of the source devices with which it has exchanged keys. The destination device D creates the decryption key by raising the attached public key X′ to the power of its private key y, and applies it to the received encrypted material. X′ represents a public key of an arbitrary source device. Provided that the material was encrypted using the destination device's public key Y and the source device's private key x′ corresponding to the attached public key X′, the determined decryption key, (X′)
y
mod n at the destination device D will appropriately decrypt the material. The source device S can continue to encrypt other content material using the key K for communication to the destination device D, as required, without repeating the above key-exchange.
For device S to communicate encrypted information to another device, a similar key-exchange process is performed with the other device. Device S transmits its public key X, and receives a public key Z that is equal to g
z
mod n, where z is the private key of the other device. The new encryption/decryption key K is then computed by device S and the other device as g
xz
mod n, and this key is used to encrypt information from device S to the other device, and vice versa.
The source device S may keep a record of the appropriate key to use for communicating to each destination device, so that a key-exchange need not be repeated for each communication. It is also common practice to re-establish a new key between the source device and destination device at regular time intervals, to improve the security of the system. If the same content material is to be communicated from source device S to two destination devices, device S encrypts the content material using the key associated with the first destination device, then encrypts the content material using the key associated with the second destination device. If the content material is intended for three destination devices, three unique copies are required, and so on. This requirement of multiple copies for multiple destinations incurs a substantial overhead in terms of processing time and memory resources to encrypt the material, and additional communication time or bandwidth to communicate the information to each destination device.
BRIEF SUMMARY OF THE INVENTION
It is an object of this invention to provide a common encryption of content material that can be decrypted by multiple devices, each device having a unique private key. It is a further object of this invention to provide a multiple device key-exchange that facilitates a common encryption of content material for decryption by each device. It is a further object of this invention to provide a multiple device key-exchange that facilitates a common encryption of content material for selective decryption by one or more of the devices. It is a further object of this invention to minimize the computation requirements at a destination node for a multiple device key exchange.
These objects and others are achieved by creating a session key for encrypting content material that is based on each of the public keys of a plurality of destination devices. A partial key is also created corresponding to each of the destination devices that relies upon a private key associated with each destination device to form a decryption key that is suitable for decrypting content material that is encrypted by the session key. The encrypted content material and the corresponding partial key are communicated to each destination device. Each destination device decrypts the encrypted content material using the decryption key that is formed from its private key and the received partial key. Including or excluding the public key of selected destination devices in the creation of the session key effects selective encryption.
REFERENCES:
patent: 5218638 (1993-06-01), Matsumoto et al.
patent: 5796830 (1998-08-01), Johnson et al.
patent: 0810754 (1997-05-01), No
Epstein Michael A.
Pasieka Michael S.
Rosner Martin
Koninklijke Philips Electronics , N.V.
Peeso Thomas R.
Piotrowski Daniel J.
LandOfFree
Multi-node encryption and key delivery does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Multi-node encryption and key delivery, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Multi-node encryption and key delivery will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3166511