Cryptography – Particular algorithmic function encoding
Reexamination Certificate
1997-10-24
2001-04-17
Hayes, Gail (Department: 2766)
Cryptography
Particular algorithmic function encoding
C380S028000
Reexamination Certificate
active
06219421
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to data security.
2. Description of the Related Art
Many different types of data security measures are known. Presently, most widespread data security measures are based on public-key encryption. Public-key encryption is described, for example, in U.S. Pat. No. 4,218,582, incorporated herein by reference. Other patents relating to public-key encryption include U.S. Pat. Nos. 4,200,770; 4,405,829; 4,424,414 and 4,995,082, all of which are incorporated herein by reference.
One of the reasons for the relative prominence of public-key cryptography is that it solves the problem of key distribution in an elegant fashion.
Prior to public-key cryptography, symmetric-key cryptography required use of the identical key to decrypt the file as was used to encrypt the file. Hence, the key had to be communicated in secrecy between users. In public-key encryption, the encryption and the decryption keys are separate, with the encryption key being publicly known and the decryption key being kept secret. Public-key encryption may also be used for authentication.
Despite the important advantage of not requiring secure key distribution, public-key cryptography also suffers from various disadvantages. Administration is typically required to ensure that unique public-keys are assigned to each user. A person's public-key must be listed in a directory, and must be found in the directory prior to encrypting a message. The computational burden of public-key cryptography is significant both in generating random prime numbers for use as keys and in encryption and decryption processing itself. Furthermore, despite the computational complexity, public-key encryption using medium size keys has been shown to be insecure given the tremendous network computing resources that may be brought to bear on breaking the encryption.
What is needed, then, is a data security mechanism that surpasses in security present public-key cryptography methods and that minimizes the computational burden involved.
SUMMARY OF THE INVENTION
The present invention, generally speaking, provides a data security method and apparatus that provides an exceptional degree of security at low computational cost. The data security arrangement differs from known data security measures in several fundamental aspects. Most notably, the content of the message is not sent with the encrypted data. Rather, the encrypted data consists of pointers to locations within a virtual matrix, a large (arbitrarily large), continuously-changing array of values. The encryption technique is therefore referred to as Virtual Matrix Encryption. Furthermore, the data security arrangement uses a very large key of one million bits or more which creates a level of security much higher than any other existing method. The key is not transferred but is instead created from a file of any size that is available on both a computer used to send a secure message and a computer used to receive a secure message. The term Virtual Key Cryptographic as used herein to refer to techniques in which a key is recreated at a remote location from an electronic file without any transmission of the key itself. The file may be a system file, a file downloaded from the Internet, etc. A smaller, transaction-specific key, e.g., a 2,048 bit key, is sent end-to-end and is used in conjunction with the very large key to avoid a security hazard in instances where the same file is used repeatedly to create the very large key. A single byte may be encrypted many, many times, each successive result being passed to another algorithm in what may be regarded as a random path determined by reseeding of a random number generator at various junctures using values from the very large key, the smaller key and various other user supplied parameters, including, for example, source user, destination user, file name, save-as file name, and description. An optional higher level of security is available. If the message is secured using the same string as the file name and save-to file name, then when unlocking is attempted the first time, the original file will be overwritten, affording only a single opportunity for the message to be unlocked. A message may be secured in accordance with various options specifying an intended audience, including “global,” “specific” and “private” options. “Global” allows anyone having a copy of the data security software to decrypt the message providing that person has the correct keys and is able to supply parameters matching those with which the message was secured. “Group” allows the possibility of successful decryption by any of a number of users within a group identified by its members having copies of the software program with a common prefix. “specific” allows only a user having a particular numbered copy of the software program to decrypt. Finally, “private” allows decryption only by the same software copy used to secure the message originally. Without the correct keys and parameters, it is impossible for the message to be unlocked. The present invention further enhances security by allowing definition of a date range where the data can be decrypted correctly, hence preventing lengthy efforts to break the code by brute computational force.
REFERENCES:
patent: 744041 (1903-11-01), Burke
patent: 3250855 (1966-05-01), Vasseur
patent: 4157454 (1979-06-01), Becker
patent: 4740890 (1988-04-01), William
patent: 4988987 (1991-01-01), Barrett et al.
patent: 5058160 (1991-10-01), Banker et al.
patent: 5703948 (1997-12-01), Yanovsky
patent: 5712800 (1998-01-01), Aucsmith
patent: 5771291 (1998-06-01), Newton et al.
patent: 5787172 (1998-07-01), Arnold
patent: 5835600 (1998-11-01), Rivest
Schneier, Applied Cryptography 2e, pp. 170-177, 1996.*
Menezes, et al., Applied Cryptography, p. 172, 1996.*
Bruce Schneier, Applied cryptography, 2e, John Wiley pp. 183-184, 1996.
Backal Shaul O.
Burns Doane , Swecker, Mathis LLP
Hayes Gail
Seal James W
LandOfFree
Virtual matrix encryption (VME) and virtual key... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Virtual matrix encryption (VME) and virtual key..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Virtual matrix encryption (VME) and virtual key... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2541632