Secure distribution and protection of encryption key...

Cryptography – Key management – Key distribution

Reexamination Certificate

Details

C380S278000, C380S030000, C713S156000, C713S161000, C713S169000, C713S171000

active

06711263

ABSTRACT:

BACKGROUND
The present invention generally relates to applied cryptography, and more particularly to a method and system for secure distribution and protection of encryption key information.
Asymmetric cryptography, also referred to as public-key cryptography, makes use of two types of keys—public keys and private keys. Each communicating unit with asymmetric cryptography capabilities always has a pair of linked but separate keys, a public key and a private key. Information encrypted by one of the keys can only be decrypted by the other part of the key pair. The public key is normally made publicly available for general use. The private key, however, should be kept private and not known to anybody, possibly except for the person to whom it belongs.
In general, asymmetric cryptography is used in two ways, as illustrated in FIGS. 1A-B:
For sending private messages (FIG. 1A): If a message or a document is encrypted by the public key, it can only be decrypted by the private key. The sender can then be assured that only the intended receiver can decrypt the message. Hence the message will be private.
For signing messages (FIG. 1B): If a message or document is encrypted by the private key, it can only be decrypted by the public key. The receiver can then be assured that it is the alleged sender that actually sent the message. Hence, the private key acts as a digital signature. In general, a one-way message digest algorithm is applied to the message, and then the digest is encrypted and sent together with the original message. On the receiving side, the encrypted digest is decrypted by the corresponding public key, and the digest algorithm is applied to the original message and the results compared to verify authenticity.
Asymmetric cryptography allows any person to encrypt a message or a document and send it to another person without any prior exchange or agreement.
However, how can a person, business partner or merchant be sure that the public key of another person, merchant or partner is authentic? What if someone forges a message and also forges a public key to open that message? This problem is generally solved by the use of Certificate Authorities. A Certificate Authority (CA), which is a trusted organization, verifies the credentials of people and puts its “stamp” of approval on those credentials by issuing so-called digital certificates. A digital certificate, hereinafter simply referred to as a certificate, verifies the authenticity of a user and certifies that a certain public key belongs to a certain individual. Normally, a certificate comprises a set of information concerning the approved individual, the public key of this individual, and possibly a set of information concerning the issuer of the certificate. In general, a message digest algorithm is applied to this information, and the digest is then encrypted by the private key of the CA. In a more general sense, the certificate can be seen as a container for a public key and information on the individual to which the public key is given. The container is then signed with the digital signature of the trusted CA.
A receiver of a certificate can then decrypt the digital signature by using the public key of the CA, apply the message digest algorithm to the original certificate and compare the results to verify that the certificate is authentic. This of course assumes that the CA is indeed trusted. In the United States, a hierarchy of trusted organizations is being formed, where private and local organizations are authorized by national CAs.
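The digest-then-sign step and the certificate check described above, as an added example that is not part of the patent text. It uses textbook RSA over constructed toy keys built from Mersenne primes, with no padding (deployed systems use padded schemes such as RSA-PSS and far larger keys); the function names, the JSON encoding of the container and the sample parties are assumptions.

```python
import hashlib
import json

def make_key(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy: small key, no padding)."""
    n = p * q
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(data, n):
    # One-way message digest, reduced so it fits below the toy modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    # The digest is "encrypted" with the private key.
    return pow(digest(data, priv["n"]), priv["d"], priv["n"])

def verify(data, signature, pub):
    # "Decrypt" with the public key, recompute the digest, compare the results.
    return pow(signature, pub["e"], pub["n"]) == digest(data, pub["n"])

def encode(body):
    # Assumed canonical encoding of the certificate container.
    return json.dumps(body, sort_keys=True).encode()

def issue_certificate(subject, subject_pub, issuer, ca_priv):
    body = {"subject": subject, "public_key": subject_pub, "issuer": issuer}
    return {"body": body, "signature": sign(encode(body), ca_priv)}

def verify_signed_message(message, signature, cert, ca_pub):
    # Accept the sender's public key only if the CA signature on the container holds.
    if not verify(encode(cert["body"]), cert["signature"], ca_pub):
        return False
    return verify(message, signature, cert["body"]["public_key"])

# Constructed sample keys; every prime used is a Mersenne prime.
CA_PUB, CA_PRIV = make_key(2**127 - 1, 2**89 - 1)
ALICE_PUB, ALICE_PRIV = make_key(2**107 - 1, 2**61 - 1)
MALLORY_PUB, MALLORY_PRIV = make_key(2**61 - 1, 2**31 - 1)

def demo():
    msg = b"pay 100 to Bob"  # constructed sample message
    cert = issue_certificate("Alice", ALICE_PUB, "Example CA", CA_PRIV)
    genuine = verify_signed_message(msg, sign(msg, ALICE_PRIV), cert, CA_PUB)
    # Forged public key: the container is altered but the CA signature cannot be redone.
    forged = {"body": dict(cert["body"], public_key=MALLORY_PUB),
              "signature": cert["signature"]}
    forgery = verify_signed_message(msg, sign(msg, MALLORY_PRIV), forged, CA_PUB)
    return genuine, forgery
```

`demo()` returns `(True, False)`: the message verifies under the certified key, and the substituted key is rejected because the CA's signature no longer matches the altered container.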
The asymmetric cryptography scheme together with digital certificates is well suited for electronic commerce, on-line business transactions and secure logon to servers, and is regarded by many as a key factor to secure and flexible communication over digital networks.
Asymmetric or public-key cryptography as such is well-known in the art, originally developed in the mid 1970s by Diffie and Hellman, and later turned into the effective and usable RSA system developed by Rivest, Shamir and Adleman.
The problem area is the distribution of encryption key information such as private keys to different systems and units and storage of the keys in the units. An individual may have several communicating units, such as mobile telephones, personal computers and personal digital assistants. It is desirable, for convenience and flexibility, that the individual can use the same private key and the same certificate, independent of the unit by which the individual is communicating. Is it possible to securely distribute a private key to one or more distributed units and keep it there in a secure manner?
Usually, the key as well as the encryption algorithm are stored as software in each communicating unit. However, the main disadvantage with this method is that there is no secure way to store sensitive information in software other than what is provided for storing data in an ordinary PC or equivalent. This means that the private key may be illegitimately accessed rather easily by a person other than the key holder. In addition, there is no simple and secure way to distribute the key to other units.
Protecting circuits, sometimes referred to as tamper-resistant hardware modules, have been used to secure private keys, for example as described in U.S. Pat. No. 5,563,950. A protecting circuit is a physically and logically encapsulated circuit. For example, a protecting circuit could be in the form of an encapsulated integrated circuit having a restricted interface and equipped with non-erasable logic and a permanent memory for storing non-erasable sensitive information. An essential characteristic is that at least a subset of the logic and the stored information is not available or visible outside of the circuit. By encapsulating at least the cryptographic engine and the private key in such hardware, it is impossible to read the key from the outside. An individual may then use the circuit and the private key encapsulated therein for cryptography. The whole encapsulated system may receive information and encrypt it with the key, or receive encrypted information and decrypt it with the key. However, this method is inflexible. An individual who owns several communicating units is required to hold as many certificates and private keys. Furthermore, if the private key is to be replaced by a new key (it is strongly recommended to replace the private key on a regular basis), the entire unit has to be changed.
Still another known solution is to use a tamper-resistant smart card provided with a private key. This means that each unit has to be equipped with a card reader. Although smart cards offer many advantages, smart cards are also quite inconvenient. Each time asymmetric cryptography is required, the smart card has to be inserted into the card reader. In addition, if another card, e.g. an ordinary credit card, is to be used for a transaction that requires encryption, yet another card reader is required. The need for additional card readers is of course a restriction, and leads to heavier, bigger and more expensive communicating units than would have been possible otherwise. For mobile telephones, personal digital assistants and portable computers where the trend is towards smaller and smaller units, the need for a card reader becomes a problem.
The present invention overcomes these and other drawbacks of the prior art.
U.S. Pat. No. 5,517,567 relates to the distribution of a communications key from a master unit to a remote unit, and employs first and second secret numbers, a random number, and first and second intermediate numbers generated from the secret numbers and the random number. The second intermediate number is combined with the key to generate a transmission number that is sent together with the random number from the master unit to the remote unit. The remote unit is able to reproduce the key by using the random number, the transmission number and the first and second secret numbers. Each one of the master and remote units includes XOR-circuitry for exclusive OR-ing of the
