Dynamic private key security system for personal messaging...

Cryptography – Key management – Having particular key generator

Utility Patent


Details


active

06169802

ABSTRACT:

FIELD OF THE INVENTION
This invention relates in general to selective call signaling systems and more particularly to a selective call signaling system that transports secure messages.
BACKGROUND OF THE INVENTION
In conventional selective call signaling systems, messages are “encoded” using methods and algorithms that provide immunity from channel based errors, e.g., multipath or simulcast distortion, or received power fading. These methods provide minimal protection from an individual that might monitor the communication channel, since commercially available products (e.g., channel test sets, monitors, communication analyzers and the like) can easily display the address and message information intended for one or more selective call signaling devices, or messaging devices. Consequently, manufacturers and developers of selective call signaling systems are investigating using channel based cryptographic techniques to encrypt, transmit, receive, and decrypt message information. This will allow a subscriber to receive messages containing sensitive business information without any fear that the information would be easily compromised.
Current cryptographic techniques fall into two general categories, public and private key systems. In a public key system, the user holds a secret key, known only to that user, and publishes a public key, usable by anyone to encrypt and send messages to the user. The public key encrypted message can only be decrypted by a user using the secret key. Public key systems essentially eliminate the need for exchange of a session key. A session key is a key known to both sender and recipient, useful only during a finite time associated with a secure messaging session or transaction. By removing this requirement, the security of the system is enhanced because in order to break the encryption, an eavesdropper must know the private key.
Public key cryptography, such as that which uses the RSA algorithm (the name “RSA” is derived from the first letter of its inventors' last names, Ron Rivest, Adi Shamir and Leonard Adleman), is based on the mathematical concept of a “one-way function.” One-way functions are those that are much easier to perform in one direction than the other. Moreover, RSA uses large relatively prime numbers, ‘p’ and ‘q’. By multiplying ‘p’ and ‘q’ together, an even larger number, ‘n’, is produced. Next another large number, ‘e’, is chosen, such that ‘e’ is less than ‘n’ but still relatively prime with respect to the product of p−1 and q−1. The numbers ‘n’ and ‘e’ constitute what is called the public key, and the private key, ‘d’, can be computed using a mathematical formula relating ‘e’, ‘p’, and ‘q’. To encrypt data, the algorithm counts the bits of data contained in the data block to be encrypted, and raises the quantity to the power of ‘e’ and divides by ‘n’, creating the remainder (this is modulo arithmetic). To decrypt that same data block, the algorithm raises it to the power of ‘d’ and divides by ‘n’, keeping the remainder. The key size used by RSA may be varied depending on the level of security the user demands. A larger key number results in a more difficult factoring problem, and therefore, a more secure system. By way of example, a 1024 digit number that is itself the product of two prime numbers would have only four factors (the number itself, 1, and the two prime numbers multiplied to derive the number). Finding the factors of the 1024 digit number on a state of the art supercomputer is computationally infeasible, taking as long as several centuries to complete.
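The key generation, encryption and decryption steps described above, as an added example that is not part of the patent text: textbook RSA in Python using the paragraph's symbols p, q, n, e and d. The primes 61 and 53, the exponent 17 and the sample message are constructed toy values; each data block is treated as an integer smaller than n, and no padding is applied.

```python
# Added illustration: textbook RSA with toy primes (constructed values, not secure).
from math import gcd

def make_keypair(p, q, e):
    """Derive the public key (n, e) and the private exponent d from primes p, q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not (1 < e < n) or gcd(e, phi) != 1:
        raise ValueError("e must be less than n and relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse, so (e * d) % phi == 1 (Python 3.8+)
    return (n, e), d

def encrypt_block(m, public_key):
    """Raise the block to the power e and keep the remainder modulo n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("data block must be an integer smaller than n")
    return pow(m, e, n)

def decrypt_block(c, d, n):
    """Raise the ciphertext block to the power d and keep the remainder modulo n."""
    return pow(c, d, n)

def recover_private_exponent(public_key):
    """Factor n by trial division and rebuild d. This only finishes because the
    toy n is tiny; the work grows with the size of n, which is why key size matters."""
    n, e = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))

def roundtrip(message, p=61, q=53, e=17):
    """Encrypt and decrypt a byte string one byte per block (constructed sample)."""
    public_key, d = make_keypair(p, q, e)
    n = public_key[0]
    cipher = [encrypt_block(b, public_key) for b in message]
    plain = bytes(decrypt_block(c, d, n) for c in cipher)
    return public_key, d, cipher, plain

if __name__ == "__main__":
    pk, d, cipher, plain = roundtrip(b"PAGE 555-0100")  # constructed message
    print("public key:", pk, "private exponent:", d)
    print("first blocks:", cipher[:3], "decrypted:", plain)
    print("d recovered by factoring n:", recover_private_exponent(pk))
```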
Although the RSA cryptographic algorithm is an acceptable method for insuring security of wireless messages, the processor power needed to implement a real time RSA decoder in a personal messaging device is prohibitive based on battery life considerations alone. Consequently, one must either find an improved method for implementing a public key based cryptographic algorithm, or use a private key based system.
Regarding private key based systems, as stated before, they require the exchange of an identical secret key known as the session key. Consequently, at least two drawbacks exist in a conventional secret key system. First, compromise of the secret key by one user compromises the entire communications system for all users with that key. Second, since the secret key is typically handled by more than one entity in a secure communication system, the danger exists that compromise can occur at any point in that system.
Accordingly, what is needed is a secure messaging system that efficiently utilizes the benefits of either public or private key cryptography, to insure the privacy of messages communicated from a source to a destination reachable from the system, and prevent the interception and unauthorized decoding and decryption of secure messages.


