CA2056886C - Method for secure communication - Google Patents
Method for secure communicationInfo
- Publication number
- CA2056886C CA2056886C CA002056886A CA2056886A CA2056886C CA 2056886 C CA2056886 C CA 2056886C CA 002056886 A CA002056886 A CA 002056886A CA 2056886 A CA2056886 A CA 2056886A CA 2056886 C CA2056886 C CA 2056886C
- Authority
- CA
- Canada
- Prior art keywords
- key
- message
- party
- numbers
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000004891 communication Methods 0.000 title claims abstract description 19
- 230000005540 biological transmission Effects 0.000 claims description 7
- 238000013507 mapping Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 5
- 230000006870 function Effects 0.000 description 23
- 230000004044 response Effects 0.000 description 9
- 230000015654 memory Effects 0.000 description 8
- 239000008186 active pharmaceutical agent Substances 0.000 description 2
- 150000001768 cations Chemical class 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
- Facsimile Transmission Control (AREA)
- Computer And Data Communications (AREA)
Abstract
A method for the secure communication of messages. A
first party is provided with a set of numbers that have the property that when encrypted using an RSA encryption key the resulting set of encrypted numbers is of an order substantially smaller than that of the original set. If the encryption key and the original set of numbers are of the order of 200 decimal digits then the resulting set of encrypted numbers may be of the order of 15-30 decimal digits.
To communicate a message the first party selects a number from the original set and applies a hashing function to the selected number to obtain a 64 binary bit DES key. The selected number is then encrypted with the RSA key and a message is encrypted with the DES key obtained. The encrypted message and the encrypted selected number are combined and the combined message is sent to a second party who has the corresponding RSA decryption key and knows the hashing function. The second party then decrypts the number, applies the hashing function to obtain the DES key and decrypts the message. Thus the parties may communicate with substantially the security of RSA while significantly reducing the minimum message length which may be securely encrypted.
first party is provided with a set of numbers that have the property that when encrypted using an RSA encryption key the resulting set of encrypted numbers is of an order substantially smaller than that of the original set. If the encryption key and the original set of numbers are of the order of 200 decimal digits then the resulting set of encrypted numbers may be of the order of 15-30 decimal digits.
To communicate a message the first party selects a number from the original set and applies a hashing function to the selected number to obtain a 64 binary bit DES key. The selected number is then encrypted with the RSA key and a message is encrypted with the DES key obtained. The encrypted message and the encrypted selected number are combined and the combined message is sent to a second party who has the corresponding RSA decryption key and knows the hashing function. The second party then decrypts the number, applies the hashing function to obtain the DES key and decrypts the message. Thus the parties may communicate with substantially the security of RSA while significantly reducing the minimum message length which may be securely encrypted.
Description
~o~
METHOD FOR ~ECURE COMM~NICATION
Backqround Of The Invention The subject invention relates to a method for the secure communication of messages. More particularly, it relates to a method whereby relatively short messages may be encxypted and communicated with a high degree of security. Canadian Patent Application Serial No. 2,056,935, filed December 4, 1991 and assigned to the assignee of the subject invention for a METHOD
AND APPARATUS FOR THE RELIABLE AUTHENTICATION OF COMMUNICATIONS
inventor J. Pastor, discloses an application of the invention of the subject application which is useful for authenticating messages such as postal indicia.
The following definitions and notations are used in the subject application:
E, D - are a pair of keys used in a "public key"
encryption system.
K - is a key used in a "secret key" encryption system.
Keys may be specified by use of subscripts or functional notation as necessary. For example, Ki(t) is the key used by the ith party for transaction t.
E[M]; D[M]; K[M] - represent encryption, using the specified key and the appropriate corresponding encryption technique, of a message M.
E[D[M]]; D[E[m]]; K[K[M]] - represent decryption, using the specified key and the appropriate corresponding encryption technique; of the encrypted message M.
(Ml, E[P]) - represents an unencrypted message comprising the specified elements. Note elements may have been previously encrypted.
{a'} - represents a set of numbers or values.
Hard/easy - as applied to a computation refer to the relation between the cost of the computation and the value of the result. A computation is "hard" if the cost of performing it, using the best available algorithm, is substantially greater than the value of the result. (Those skilled in the ,.~,.
~ts6~86 art will recognize that the above definition differs from that normally used in complexity theory. The above definition is preferred in the context of the subject which is directed to the protection of the information value of messages rather than theoretical considerations of complexity.) The "order of a number or variable refers to the number of digits, or bits, needed to express the number or the greatest allowed value of the variable.) The DES encryption technique is an encryption technique which was developed by the National Bureau Standards, and is in wide spread use, particularly in the financial industry for the secure transfer of funds by wire. DES encrypts information in 64 bit blocks using a secret encryption key, also of the order of 64 bits, and decrypts the information using the same key. DES is well known in the art and a further description will not be necessary for an understanding of the subject invention.
Recently questions have been raised as to the security of the DES technique and another, more secure, technique for encryption, the RSA technique, has been developed. In this technique an encryption key pair E,D is provided and data encrypted using either key may only be decrypted by the other.
Further, it is hard to determine one key from knowledge of the other. For this reason RSA is sometimes known as a "public key" system since knowledge of the key used for encryption may be widely distributed and only the key used for decryption need be kept secret. Like DES, RSA is a well known technique in the art and need not be described further for an understanding of the subject invention.
While highly successful as a method of providing secure transmission of messages RSA suffers from the disadvantage that keys and corresponding blocks of information must be of a relatively high order to provide adequate security. RSA
encryption using a key of the order of 30 decimal digits can be broken using a modern super computer in only a few seconds of computing time; and it is believed that adequate security for RSA encryption is achieved only with keys on the order of 150-200 decimal digits. Since the encrypted messages are of the same order as the key used for encryption the resulting 20568~6 minimum order for RSA encrypted messages is substantially larger than the 64 bit block encrypted using DES. This of course is disadvantageous in applications where it is desirable to limit the amount of information transmitted. For example, in the above method co-pending application it is desirable to significantly reduce the amount of information which must be encrypted as part of a postal indicia because of the generally limited space available on a mail piece or label. Also, in many applications it is desirable to reduce the length of transmission in order to decrease the likelihood that the message will be intercepted.
Another secret key encryption technique which may be used in the subject invention and which is significantly more secure than DES and requires a relatively small key (though somewhat larger than a DES key) is the "eliptical logarithm technique". This technique, while not as commonly used as DES
is well known in the cryptographic art and is further described in the above mentioned application filed on even date herewith. The eliptical logarthm technique is also described in Kolbitz, Neal; A Course in Number Theory and Cryptoqraphy; Chapter VI, Vol. 114, Graduate Texts in Mathematics; Springer-Verlog (1987).
Thus, it iæ an object of an aspect of the subject invention to provide a method for the secure commlln;cation of messages which provides the security of RSA encryption while substantially reducing the order of the messages which are transmitted.
Brief Summary of the Invention The above objects are achieved and the disadvantages of the prior art are overcome in accordance with the subject invention by means of a method which includes generation of an encryption/decryption key pair Es, Ds, where the keys are of a first order selected to provide a predetermined level of security, a set of numbers {a'} wherein numbers a' have the property that when encrypted with the key Es resulting encrypted numbers Es[a'] are of an order substantially less than the first order, a hashing function H for mapping numbers a' onto numbers of third order smaller than the first order.
Key Es, set {a'~, and hashing function H are provided to a first party. Key Ds and hashing function H are provided to a second party, who maintains at least Ds in secret. To send a message the first party selects a particular one of the numbers a', encrypts the selected number a' with the key Es to obtain a particular value Es[a'], and operates on the selected number a' with the hashing function H to obtain an encryption key Ki, equal to H(a'). The first party then forms a first level message M1 and encrypts the first level message Ml with the encryption key Ki. The first party then forms a second level message M2 which includes the encrypted first level message Ki[M1] and the particular value Es[a'] and sends the second level message M2 to the second party. The second party then recovers the particular value Es[a'] from the received second level message M2 and decrypts the particular value Es[a'] with key Ds to obtain the selected number a'. The third party then operates on the selected number a' with the hashing function H to obtain the encryption key Ki, recovers the encrypted first level message Ki[M1] from the second level message M2, and decrypts the encrypted first level message Ki[M1] with the encryption key Ki to obtain the level message M1. (Messages can also be "signed" if encryption key Es is kept secret since only a party knowing Es can generate Es[a' ] . ) In accordance with one aspect of the subjection invention the numbers a' have a recognizable property (e.g., preselected bits in the binary representation of the numbers are identical for each number a' in the set (a'}), in order to make the task of generating counterfeit communications more difficult for an unauthorized person in possession of key Ds.
In accordance with another aspect of the subject invention the first level message M1 is encrypted using the DES encryption technique.
In accordance with still another aspect of the subject invention the first party maintains the key Es in secret, and the second party is provided with a set of numbers (a"}, and the second party may communicate with the first party in a symmetrical manner.
Other aspects of this invention are as follows:
p~
A method for secure communications comprising the steps of:
a) providing a first party with:
al) a key Es, said key Es being one key of an encryption/decryption key pair ES,Ds, said key pair Es,Ds, comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
a2) a set of numbers ~a'), said numbers a' having the property that when encrypted with said key Es values Es[a'] of a second order substantially less than said first order are obtained; and a3) a hashing function H for mapping said numbers a' onto numbers of a third, smaller order;
b) providing a second party with said key Ds and said hashing function H, said second party keeping said key Ds in secret;
c) said first party communicating a message Ml by the steps of:
cl) selecting a number a' from said set ~a'};
c2) encrypting said selected number a' with said key Es to obtain a particular value Esta~];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Ki, Ki being equal to H(a');
c4) encrypting a message M1 with said key Ki;
c5) forming a second level message M2 including said encrypted message Ki[Ml] and said particular value Es[a'], and sending said second level message to said second party; and d) said second party receiving said second level message and:
dl) recovering said particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain said selected number a' d3) operating on said selected number a' with said hashing function H to obtain said key Ki equal to H(a');
d4) recovering said encrypted message Ki[Ml] from said second level message M2; and - 4a -2056~6 a5) forming a second level message M2' including said encrypted message Kj[Ml] and said particular value Ds[a''], and sending said second level message M2 to said first party; and b) said first party receiving said second level message and:
bl) recovering said particular value Ds[a''] from said second level message M2';
b2) decrypting said particular value Ds[a''] to obtain said selected number a".
b3) operating on said selected number a" with said hashing function H to obtain said key Kj equal to H(a");
b4) recovering said encrypted message Kj[M1'] from said second level message M2'; and b5) decrypting said encrypted message Kj[ml"] with said key Kj to obtain said message M1' equal to Kj[kj[Ml']].
A system for transmitting secure communications, comprising:
a) first means for storing a key Es, said key Es being on of an encryption/decryption key pair Es,Ds, said key pair comprising keys ES and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing:
bl) a set of numbers {a'~, said numbers a' having the property that when encrypted with said key Es values Es[a'] of s second order substantially less than said first order are obtained; and b2) a hashing function H for mapping said numbers a' onto numbers of a third smaller order;
c) data processing means responsive to said first and second storing means for:
cl) selecting a number a' from said set {a');
c2) encrypting said selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a');
c4) encrypting a message Ml with said key Kj;
;., .
- 4b -A system for receiving secure communications, comprising:
a) secure first means for storing a key Ds, said key Ds being one of an encryption/decryption key pair Es, Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing: a hashing function H for mapping numbers of set [a'], said numbers a' having the property that when encrypted with said key Es values Es [a']
of a second order substantially less than said first order are obtained, onto numbers of a third, smaller order;
c) receiving means for receiving messages; and, d) data processing means responsive to said first and second storing means and said receiving means for:
dl) receiving a second level message M2, and recovering an encrypted message Kj[M1] and a particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain a selected number a';
d3) operating on said selected number a' with said hashing function H to obtain a key Kj;
d4) decrypting said encrypted message Kj[Ml] with said key Kj to obtain said message M1 equal to Kj[Kj[M1]].
Thus, it can be seen that the subject invention advantageously achieves the above objects and overcomes the ,, - 4c -2 0 ~
disadvantages of the prior art. Particularly, since each key Ki may be randomly chosen for each message Ml the technique of the subject invention provides the security (and the public key property) of RSA while requiring the transmission of substantially less data. Other objects and advantages of the subject invention will be apparent to those skilled in the art from consideration of the detailed description set forth below and of the attached drawing.
Brief Description Of The Drawings Figure 1 shows a symbolic representation of a communication in accordance with the subject invention.
Figure 2 shows a schematic block diagram of a system for communication in accordance with the subject invention.
Detailed Description Of Preferred Embo~iments Of The Invention Figure 1 shows a representation of communication in accordance with the subject invention. At 10 a first party is provided with an encryption key Es from an encryption/decryption key pair Es, Ds, a set of numbers (a'} and a hashing function H. The numbers a' have the property that when encrypted with the key Es the values Es[a'] are of an order substantially less than the order of the numbers a'. Preferably the numbers a' may be of an order of from 150 to 200 digits and the values Es[a'] may be of the order of 15 to 30 digits.
Those skilled in art will recognize that in general the set {a'} will be too large for convenient storage as a list of numbers. Thus, the first party is preferably "provided'' with a set ~a'} by providing the first party with the ability to compute numbers of the set. In the embodiment under discussion the first party may compute values of a' from the relationship a' = Ds[x]; where x is number in the desired range for the values Es[a'].
In accordance with a preferred embodiment of the subject invention the set of numbers {a'} may be further restricted by selecting set {a'} such that numbers a' share a common, easily identifiable property. For example, if numbers a' where of the order of 600 binary bits the set {a'} could be chosen so 2 ~ 8 6 that for all numbers a' a particular 50 predetermined bits would be equal. That is, for example, for numbers a' the first bit would be one, the seventh bit would be zero, etc.
In this embodiment an off-line computation of a large number of values Ds[x] would be made and the values computed would be examined to find some common property shared by a sufficiently large number of values. These values would then be selected as the set {a'} and provided as a list to the first party. It will be hard for an unauthorized person in possession of key Ds to find values of x such that Ds[x] has the predetermined properties, i.e, is a member of the set ~a'}. This will increase the difficulty faced by such person in producing counterfeit communications, as will see from the description set forth below.
Hashing function H maps number a' onto a set of numbers of lower order such that H (a') = Kj may be used as an encryption key.
The second party is provided with key Ds and hashing function H, and maintains at least key Ds in secret.
To communicate a message, at 100 the first party selects a number a' and at 102 encrypts the selected number a' with key Es to obtain a particular value Es[a']. Then at 104 the first party operates on the selected number a' with hashing function H to obtain an encryption key Ki which is preferably a DES key. At 108 the first party encrypts message M1 with encryption Ki, and at 110 forms a message M2 which includes encrypted message Ki[M1] and particular value Es[a'] and sends the message to the second party. At 120 the second party recovers encrypted message Ki[Ml] and particular value Es[a']
from message M2, and at 124 decrypts particular value Es[a']
with key Ds to obtain Ds[Es]a']] equal to selected number a'.
At 128 the second party then operates on selected number a' with hashing function H to obtain encryption key Ki then, at 130 the second party decrypts encrypted message Ki[Ml] with encryption key Ki to obtain Ml equal to Ki[Ki[Ml]].
If the second party desires to sent a return communication the second party is provided with a second set of numbers ~a"} which when encrypted with key DS provide 205~8~
particular values Ds[a"] in the same manner as has been described above for set {a') and key Es.
Then at 140 the second party selects a number a'' and at 144 encrypts selected number a'' with key Ds to obtain particular value Ds[a'']. At 148 the second party operates on selected number a" with h~sh;ng function H to obtain encryption key Kj, and at 150 encrypts response message Ml' with encryption key Kj. At 152 the second party forms a second level response message M2' which includes encrypted message Kj[Ml'] and particular value Ds[a''], and sends second level response message M2' to the first party.
At 160 the first party receives message M2' and recovers encrypted message Kj[Ml'] and particular value Ds[a'']. At 164 the first party decrypts particular value Ds[a"] with key Es to obtain selected number a" equal to Es[Ds]a'']]. At 168 the first party operates on selected number a" with hashing function H to obtain encryption key Kj equal to H(a"). At 170 the first party decrypts encrypted message Kj[Ml'] with encryption key Kj to obtain response message M1' equal to Kj[Kj[Ml']].
If the response messages Ml prime are to be secure then the first party must keep key Es in secret. However, even if key Es is known response message Ml' still have the property that they are in effect "signed" by the second party since only message encrypted with key DS have any significant possibility of producing a meaningful message when decrypted with key Es-Figure 2 shows a system for communication using the technique of the subject invention. Station 200-1 includes a data processor 203-1, and memories 204-1 and 206-1. Memory 204-1 stores hashing function H and set {a'}, as described above, while, since the system of Figure 2 is intended for secure two-way communication, memory 206 is a secure memory which stores key Es, as described above. Of course, if response messages need not be secure memory 206-1 need not be secure and may be a portion of memory 204-1.
Data processor 203-1 is also connected to receiver 208-1 and transmitter 210-1 for communication over channel 220.
2~6~8~
Station 200-2 is substantially constructionally identical to station 200-1, differing in that memory 204-2 stores set {a"~ with hashing function H, and secure memory 206-2 stores key Ds.
Channel 220 is intended to be completely general and details of its structure form no part of this invention.
Thus, for example, receiver 208-1 and transmitter 210-1, and receiver 208-2 and transmitter 210-2 may each be comprised in a modem and channel 220 may be a communications path through the public switch telephone network. Or, receivers 208-1 and transmitter 210-1, and receiver 208-2 and transmitter 210-2 may be radio equipment and channel 220 may be a radio frequency channel.
In operation data processor 203-1 receives message Ml from a conventional data source (not shown) which forms no part of the subject invention. Data processor 203-1 then selects a number a', generates an encryption key Ki and forms message M2 for transmission as described above. Data processor 203-2 then recovers encrypted message KitMl] and particular value Es[a'] from message M2, recovers key Ki and decrypts encrypted message Ki[Ml] to recover message Ml as described above. As also described above, transmission of response message M1', received from another conventional data source (not shown), which also forms no part of the subject invention, is carried out in an essentially manner; encrypting a particular number a" with key Ds to form second level response message M2' for transmission over channel 220, and corresponding decryption by station 200-1.
The embodiments described above and shown in the attached drawings have been provided way of illustration only, and numerous other embodiments will be apparent to those skilled in art from consideration of the present disclosure.
Accordingly, limitations on the subject invention are to be found only in the claims set forth below.
METHOD FOR ~ECURE COMM~NICATION
Backqround Of The Invention The subject invention relates to a method for the secure communication of messages. More particularly, it relates to a method whereby relatively short messages may be encxypted and communicated with a high degree of security. Canadian Patent Application Serial No. 2,056,935, filed December 4, 1991 and assigned to the assignee of the subject invention for a METHOD
AND APPARATUS FOR THE RELIABLE AUTHENTICATION OF COMMUNICATIONS
inventor J. Pastor, discloses an application of the invention of the subject application which is useful for authenticating messages such as postal indicia.
The following definitions and notations are used in the subject application:
E, D - are a pair of keys used in a "public key"
encryption system.
K - is a key used in a "secret key" encryption system.
Keys may be specified by use of subscripts or functional notation as necessary. For example, Ki(t) is the key used by the ith party for transaction t.
E[M]; D[M]; K[M] - represent encryption, using the specified key and the appropriate corresponding encryption technique, of a message M.
E[D[M]]; D[E[m]]; K[K[M]] - represent decryption, using the specified key and the appropriate corresponding encryption technique; of the encrypted message M.
(Ml, E[P]) - represents an unencrypted message comprising the specified elements. Note elements may have been previously encrypted.
{a'} - represents a set of numbers or values.
Hard/easy - as applied to a computation refer to the relation between the cost of the computation and the value of the result. A computation is "hard" if the cost of performing it, using the best available algorithm, is substantially greater than the value of the result. (Those skilled in the ,.~,.
~ts6~86 art will recognize that the above definition differs from that normally used in complexity theory. The above definition is preferred in the context of the subject which is directed to the protection of the information value of messages rather than theoretical considerations of complexity.) The "order of a number or variable refers to the number of digits, or bits, needed to express the number or the greatest allowed value of the variable.) The DES encryption technique is an encryption technique which was developed by the National Bureau Standards, and is in wide spread use, particularly in the financial industry for the secure transfer of funds by wire. DES encrypts information in 64 bit blocks using a secret encryption key, also of the order of 64 bits, and decrypts the information using the same key. DES is well known in the art and a further description will not be necessary for an understanding of the subject invention.
Recently questions have been raised as to the security of the DES technique and another, more secure, technique for encryption, the RSA technique, has been developed. In this technique an encryption key pair E,D is provided and data encrypted using either key may only be decrypted by the other.
Further, it is hard to determine one key from knowledge of the other. For this reason RSA is sometimes known as a "public key" system since knowledge of the key used for encryption may be widely distributed and only the key used for decryption need be kept secret. Like DES, RSA is a well known technique in the art and need not be described further for an understanding of the subject invention.
While highly successful as a method of providing secure transmission of messages RSA suffers from the disadvantage that keys and corresponding blocks of information must be of a relatively high order to provide adequate security. RSA
encryption using a key of the order of 30 decimal digits can be broken using a modern super computer in only a few seconds of computing time; and it is believed that adequate security for RSA encryption is achieved only with keys on the order of 150-200 decimal digits. Since the encrypted messages are of the same order as the key used for encryption the resulting 20568~6 minimum order for RSA encrypted messages is substantially larger than the 64 bit block encrypted using DES. This of course is disadvantageous in applications where it is desirable to limit the amount of information transmitted. For example, in the above method co-pending application it is desirable to significantly reduce the amount of information which must be encrypted as part of a postal indicia because of the generally limited space available on a mail piece or label. Also, in many applications it is desirable to reduce the length of transmission in order to decrease the likelihood that the message will be intercepted.
Another secret key encryption technique which may be used in the subject invention and which is significantly more secure than DES and requires a relatively small key (though somewhat larger than a DES key) is the "eliptical logarithm technique". This technique, while not as commonly used as DES
is well known in the cryptographic art and is further described in the above mentioned application filed on even date herewith. The eliptical logarthm technique is also described in Kolbitz, Neal; A Course in Number Theory and Cryptoqraphy; Chapter VI, Vol. 114, Graduate Texts in Mathematics; Springer-Verlog (1987).
Thus, it iæ an object of an aspect of the subject invention to provide a method for the secure commlln;cation of messages which provides the security of RSA encryption while substantially reducing the order of the messages which are transmitted.
Brief Summary of the Invention The above objects are achieved and the disadvantages of the prior art are overcome in accordance with the subject invention by means of a method which includes generation of an encryption/decryption key pair Es, Ds, where the keys are of a first order selected to provide a predetermined level of security, a set of numbers {a'} wherein numbers a' have the property that when encrypted with the key Es resulting encrypted numbers Es[a'] are of an order substantially less than the first order, a hashing function H for mapping numbers a' onto numbers of third order smaller than the first order.
Key Es, set {a'~, and hashing function H are provided to a first party. Key Ds and hashing function H are provided to a second party, who maintains at least Ds in secret. To send a message the first party selects a particular one of the numbers a', encrypts the selected number a' with the key Es to obtain a particular value Es[a'], and operates on the selected number a' with the hashing function H to obtain an encryption key Ki, equal to H(a'). The first party then forms a first level message M1 and encrypts the first level message Ml with the encryption key Ki. The first party then forms a second level message M2 which includes the encrypted first level message Ki[M1] and the particular value Es[a'] and sends the second level message M2 to the second party. The second party then recovers the particular value Es[a'] from the received second level message M2 and decrypts the particular value Es[a'] with key Ds to obtain the selected number a'. The third party then operates on the selected number a' with the hashing function H to obtain the encryption key Ki, recovers the encrypted first level message Ki[M1] from the second level message M2, and decrypts the encrypted first level message Ki[M1] with the encryption key Ki to obtain the level message M1. (Messages can also be "signed" if encryption key Es is kept secret since only a party knowing Es can generate Es[a' ] . ) In accordance with one aspect of the subjection invention the numbers a' have a recognizable property (e.g., preselected bits in the binary representation of the numbers are identical for each number a' in the set (a'}), in order to make the task of generating counterfeit communications more difficult for an unauthorized person in possession of key Ds.
In accordance with another aspect of the subject invention the first level message M1 is encrypted using the DES encryption technique.
In accordance with still another aspect of the subject invention the first party maintains the key Es in secret, and the second party is provided with a set of numbers (a"}, and the second party may communicate with the first party in a symmetrical manner.
Other aspects of this invention are as follows:
p~
A method for secure communications comprising the steps of:
a) providing a first party with:
al) a key Es, said key Es being one key of an encryption/decryption key pair ES,Ds, said key pair Es,Ds, comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
a2) a set of numbers ~a'), said numbers a' having the property that when encrypted with said key Es values Es[a'] of a second order substantially less than said first order are obtained; and a3) a hashing function H for mapping said numbers a' onto numbers of a third, smaller order;
b) providing a second party with said key Ds and said hashing function H, said second party keeping said key Ds in secret;
c) said first party communicating a message Ml by the steps of:
cl) selecting a number a' from said set ~a'};
c2) encrypting said selected number a' with said key Es to obtain a particular value Esta~];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Ki, Ki being equal to H(a');
c4) encrypting a message M1 with said key Ki;
c5) forming a second level message M2 including said encrypted message Ki[Ml] and said particular value Es[a'], and sending said second level message to said second party; and d) said second party receiving said second level message and:
dl) recovering said particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain said selected number a' d3) operating on said selected number a' with said hashing function H to obtain said key Ki equal to H(a');
d4) recovering said encrypted message Ki[Ml] from said second level message M2; and - 4a -2056~6 a5) forming a second level message M2' including said encrypted message Kj[Ml] and said particular value Ds[a''], and sending said second level message M2 to said first party; and b) said first party receiving said second level message and:
bl) recovering said particular value Ds[a''] from said second level message M2';
b2) decrypting said particular value Ds[a''] to obtain said selected number a".
b3) operating on said selected number a" with said hashing function H to obtain said key Kj equal to H(a");
b4) recovering said encrypted message Kj[M1'] from said second level message M2'; and b5) decrypting said encrypted message Kj[ml"] with said key Kj to obtain said message M1' equal to Kj[kj[Ml']].
A system for transmitting secure communications, comprising:
a) first means for storing a key Es, said key Es being on of an encryption/decryption key pair Es,Ds, said key pair comprising keys ES and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing:
bl) a set of numbers {a'~, said numbers a' having the property that when encrypted with said key Es values Es[a'] of s second order substantially less than said first order are obtained; and b2) a hashing function H for mapping said numbers a' onto numbers of a third smaller order;
c) data processing means responsive to said first and second storing means for:
cl) selecting a number a' from said set {a');
c2) encrypting said selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a');
c4) encrypting a message Ml with said key Kj;
;., .
- 4b -A system for receiving secure communications, comprising:
a) secure first means for storing a key Ds, said key Ds being one of an encryption/decryption key pair Es, Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing: a hashing function H for mapping numbers of set [a'], said numbers a' having the property that when encrypted with said key Es values Es [a']
of a second order substantially less than said first order are obtained, onto numbers of a third, smaller order;
c) receiving means for receiving messages; and, d) data processing means responsive to said first and second storing means and said receiving means for:
dl) receiving a second level message M2, and recovering an encrypted message Kj[M1] and a particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain a selected number a';
d3) operating on said selected number a' with said hashing function H to obtain a key Kj;
d4) decrypting said encrypted message Kj[Ml] with said key Kj to obtain said message M1 equal to Kj[Kj[M1]].
Thus, it can be seen that the subject invention advantageously achieves the above objects and overcomes the ,, - 4c -2 0 ~
disadvantages of the prior art. Particularly, since each key Ki may be randomly chosen for each message Ml the technique of the subject invention provides the security (and the public key property) of RSA while requiring the transmission of substantially less data. Other objects and advantages of the subject invention will be apparent to those skilled in the art from consideration of the detailed description set forth below and of the attached drawing.
Brief Description Of The Drawings Figure 1 shows a symbolic representation of a communication in accordance with the subject invention.
Figure 2 shows a schematic block diagram of a system for communication in accordance with the subject invention.
Detailed Description Of Preferred Embo~iments Of The Invention Figure 1 shows a representation of communication in accordance with the subject invention. At 10 a first party is provided with an encryption key Es from an encryption/decryption key pair Es, Ds, a set of numbers (a'} and a hashing function H. The numbers a' have the property that when encrypted with the key Es the values Es[a'] are of an order substantially less than the order of the numbers a'. Preferably the numbers a' may be of an order of from 150 to 200 digits and the values Es[a'] may be of the order of 15 to 30 digits.
Those skilled in art will recognize that in general the set {a'} will be too large for convenient storage as a list of numbers. Thus, the first party is preferably "provided'' with a set ~a'} by providing the first party with the ability to compute numbers of the set. In the embodiment under discussion the first party may compute values of a' from the relationship a' = Ds[x]; where x is number in the desired range for the values Es[a'].
In accordance with a preferred embodiment of the subject invention the set of numbers {a'} may be further restricted by selecting set {a'} such that numbers a' share a common, easily identifiable property. For example, if numbers a' where of the order of 600 binary bits the set {a'} could be chosen so 2 ~ 8 6 that for all numbers a' a particular 50 predetermined bits would be equal. That is, for example, for numbers a' the first bit would be one, the seventh bit would be zero, etc.
In this embodiment an off-line computation of a large number of values Ds[x] would be made and the values computed would be examined to find some common property shared by a sufficiently large number of values. These values would then be selected as the set {a'} and provided as a list to the first party. It will be hard for an unauthorized person in possession of key Ds to find values of x such that Ds[x] has the predetermined properties, i.e, is a member of the set ~a'}. This will increase the difficulty faced by such person in producing counterfeit communications, as will see from the description set forth below.
Hashing function H maps number a' onto a set of numbers of lower order such that H (a') = Kj may be used as an encryption key.
The second party is provided with key Ds and hashing function H, and maintains at least key Ds in secret.
To communicate a message, at 100 the first party selects a number a' and at 102 encrypts the selected number a' with key Es to obtain a particular value Es[a']. Then at 104 the first party operates on the selected number a' with hashing function H to obtain an encryption key Ki which is preferably a DES key. At 108 the first party encrypts message M1 with encryption Ki, and at 110 forms a message M2 which includes encrypted message Ki[M1] and particular value Es[a'] and sends the message to the second party. At 120 the second party recovers encrypted message Ki[Ml] and particular value Es[a']
from message M2, and at 124 decrypts particular value Es[a']
with key Ds to obtain Ds[Es]a']] equal to selected number a'.
At 128 the second party then operates on selected number a' with hashing function H to obtain encryption key Ki then, at 130 the second party decrypts encrypted message Ki[Ml] with encryption key Ki to obtain Ml equal to Ki[Ki[Ml]].
If the second party desires to sent a return communication the second party is provided with a second set of numbers ~a"} which when encrypted with key DS provide 205~8~
particular values Ds[a"] in the same manner as has been described above for set {a') and key Es.
Then at 140 the second party selects a number a'' and at 144 encrypts selected number a'' with key Ds to obtain particular value Ds[a'']. At 148 the second party operates on selected number a" with h~sh;ng function H to obtain encryption key Kj, and at 150 encrypts response message Ml' with encryption key Kj. At 152 the second party forms a second level response message M2' which includes encrypted message Kj[Ml'] and particular value Ds[a''], and sends second level response message M2' to the first party.
At 160 the first party receives message M2' and recovers encrypted message Kj[Ml'] and particular value Ds[a'']. At 164 the first party decrypts particular value Ds[a"] with key Es to obtain selected number a" equal to Es[Ds]a'']]. At 168 the first party operates on selected number a" with hashing function H to obtain encryption key Kj equal to H(a"). At 170 the first party decrypts encrypted message Kj[Ml'] with encryption key Kj to obtain response message M1' equal to Kj[Kj[Ml']].
If the response messages Ml prime are to be secure then the first party must keep key Es in secret. However, even if key Es is known response message Ml' still have the property that they are in effect "signed" by the second party since only message encrypted with key DS have any significant possibility of producing a meaningful message when decrypted with key Es-Figure 2 shows a system for communication using the technique of the subject invention. Station 200-1 includes a data processor 203-1, and memories 204-1 and 206-1. Memory 204-1 stores hashing function H and set {a'}, as described above, while, since the system of Figure 2 is intended for secure two-way communication, memory 206 is a secure memory which stores key Es, as described above. Of course, if response messages need not be secure memory 206-1 need not be secure and may be a portion of memory 204-1.
Data processor 203-1 is also connected to receiver 208-1 and transmitter 210-1 for communication over channel 220.
2~6~8~
Station 200-2 is substantially constructionally identical to station 200-1, differing in that memory 204-2 stores set {a"~ with hashing function H, and secure memory 206-2 stores key Ds.
Channel 220 is intended to be completely general and details of its structure form no part of this invention.
Thus, for example, receiver 208-1 and transmitter 210-1, and receiver 208-2 and transmitter 210-2 may each be comprised in a modem and channel 220 may be a communications path through the public switch telephone network. Or, receivers 208-1 and transmitter 210-1, and receiver 208-2 and transmitter 210-2 may be radio equipment and channel 220 may be a radio frequency channel.
In operation data processor 203-1 receives message Ml from a conventional data source (not shown) which forms no part of the subject invention. Data processor 203-1 then selects a number a', generates an encryption key Ki and forms message M2 for transmission as described above. Data processor 203-2 then recovers encrypted message KitMl] and particular value Es[a'] from message M2, recovers key Ki and decrypts encrypted message Ki[Ml] to recover message Ml as described above. As also described above, transmission of response message M1', received from another conventional data source (not shown), which also forms no part of the subject invention, is carried out in an essentially manner; encrypting a particular number a" with key Ds to form second level response message M2' for transmission over channel 220, and corresponding decryption by station 200-1.
The embodiments described above and shown in the attached drawings have been provided way of illustration only, and numerous other embodiments will be apparent to those skilled in art from consideration of the present disclosure.
Accordingly, limitations on the subject invention are to be found only in the claims set forth below.
Claims (12)
1. A method for secure communications comprising the steps of:
a) providing a first party with:
a1) a key Es, said key Es being one key of an encryption/decryption key pair Es,Ds, said key pair Es,Ds, comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
a2) a set of numbers {a'}, said numbers a' having the property that when encrypted with said key Es values Es[a'] of a second order substantially less than said first order are obtained; and a3) a hashing function H for mapping said numbers a' onto numbers of a third, smaller order;
b) providing a second party with said key Ds and said hashing function H, said second party keeping said key Ds in secret;
c) said first party communicating a message M1 by the steps of:
c1) selecting a number a' from said set {a'};
c2) encrypting said selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Ki, Ki being equal to H(a');
c4) encrypting a message M1 with said key Ki;
c5) forming a second level message M2 including said encrypted message Ki[M1] and said particular value Es[a'], and sending said second level message to said second party; and d) said second party receiving said second level message and:
d1) recovering said particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain said selected number a' d3) operating on said selected number a' with said hashing function H to obtain said key Ki equal to H(a');
d4) recovering said encrypted message Ki[M1] from said second level message M2; and d5) decrypting said encrypted message Ki[M1] with said key Ki to obtain said message M1 equal to Ki[Ki[M1]].
a) providing a first party with:
a1) a key Es, said key Es being one key of an encryption/decryption key pair Es,Ds, said key pair Es,Ds, comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
a2) a set of numbers {a'}, said numbers a' having the property that when encrypted with said key Es values Es[a'] of a second order substantially less than said first order are obtained; and a3) a hashing function H for mapping said numbers a' onto numbers of a third, smaller order;
b) providing a second party with said key Ds and said hashing function H, said second party keeping said key Ds in secret;
c) said first party communicating a message M1 by the steps of:
c1) selecting a number a' from said set {a'};
c2) encrypting said selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Ki, Ki being equal to H(a');
c4) encrypting a message M1 with said key Ki;
c5) forming a second level message M2 including said encrypted message Ki[M1] and said particular value Es[a'], and sending said second level message to said second party; and d) said second party receiving said second level message and:
d1) recovering said particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain said selected number a' d3) operating on said selected number a' with said hashing function H to obtain said key Ki equal to H(a');
d4) recovering said encrypted message Ki[M1] from said second level message M2; and d5) decrypting said encrypted message Ki[M1] with said key Ki to obtain said message M1 equal to Ki[Ki[M1]].
2. A method as described in claim 1 wherein said encryption in step (4) is DES encryption.
3. A method as described in claim 2 wherein said numbers a' share a recognizable property.
4. A method as described in claim 1 wherein said numbers a' share a recognizable property.
5. A method as described in claim 4 wherein said first party keeps said key Es in secret.
6. A method as described in claim 3 wherein said first party keeps said key Es in secret.
7. A method as described in claim 2 wherein said first party keeps said key Es in secret.
8. A method as described in claim 1 wherein said first party keeps said key Es in secret.
9. A method as described in claim 1 wherein said second party is provided with a second set of numbers {a"}, said numbers having the property that when encrypted with said key Ds values Ds[a"] of a fourth order substantially less than said first order are obtained comprising the further steps of:
a) said second party communicating a message M1' by the steps of:
a1) selecting a number a" from said set {a"};
a2) encrypting said selected number a" with said key Ds to obtain a particular value Ds[a"]
a3) operating on said selected number a" with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a"};
a4) encrypting as message M1' with said key Kj;
a5) forming a second level message M2' including said encrypted message Kj[M1] and said particular value Ds[a"], and sending said second level message M2 to said first party; and b) said first party receiving said second level message and:
b1) recovering said particular value Ds[a"] from said second level message M2';
b2) decrypting said particular value Ds[a"] to obtain said selected number a".
b3) operating on said selected number a" with said hashing function H to obtain said key Kj equal to H(a");
b4) recovering said encrypted message Kj[M1'] from said second level message M2'; and b5) decrypting said encrypted message Kj[m1"] with said key Kj to obtain said message M1' equal to Kj[kj[M1']].
a) said second party communicating a message M1' by the steps of:
a1) selecting a number a" from said set {a"};
a2) encrypting said selected number a" with said key Ds to obtain a particular value Ds[a"]
a3) operating on said selected number a" with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a"};
a4) encrypting as message M1' with said key Kj;
a5) forming a second level message M2' including said encrypted message Kj[M1] and said particular value Ds[a"], and sending said second level message M2 to said first party; and b) said first party receiving said second level message and:
b1) recovering said particular value Ds[a"] from said second level message M2';
b2) decrypting said particular value Ds[a"] to obtain said selected number a".
b3) operating on said selected number a" with said hashing function H to obtain said key Kj equal to H(a");
b4) recovering said encrypted message Kj[M1'] from said second level message M2'; and b5) decrypting said encrypted message Kj[m1"] with said key Kj to obtain said message M1' equal to Kj[kj[M1']].
10. A system for transmitting secure communications, comprising:
a) first means for storing a key Es, said key Es being on of an encryption/decryption key pair Es,Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing:
b1) a set of numbers {a'}, said numbers a' having the property that when encrypted with said key Es values Es[a'] of s second order substantially less than said first order are obtained; and b2) a hashing function H for mapping said numbers a' onto numbers of a third smaller order;
c) data processing means responsive to said first and second storing means for:
c1) selecting a number a' from said set {a'};
c2) encrypting said-selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a');
c4) encrypting a message Ml with said key Kj;
c5) forming a second level message M2 including said encrypted first level message Kj[M1] and said particular value Es[a']; and, d) transmission means responsive to said data processing means for sending said second level message M2.
a) first means for storing a key Es, said key Es being on of an encryption/decryption key pair Es,Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing:
b1) a set of numbers {a'}, said numbers a' having the property that when encrypted with said key Es values Es[a'] of s second order substantially less than said first order are obtained; and b2) a hashing function H for mapping said numbers a' onto numbers of a third smaller order;
c) data processing means responsive to said first and second storing means for:
c1) selecting a number a' from said set {a'};
c2) encrypting said-selected number a' with said key Es to obtain a particular value Es[a'];
c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key Kj, Kj being equal to H(a');
c4) encrypting a message Ml with said key Kj;
c5) forming a second level message M2 including said encrypted first level message Kj[M1] and said particular value Es[a']; and, d) transmission means responsive to said data processing means for sending said second level message M2.
11. A system as described in claim 10 wherein said first storing means is secure against access by unauthorized parties to said key Es.
12. A system for receiving secure communications, comprising:
a) secure first means for storing a key Ds, said key Ds being one of an encryption/decryption key pair Es, Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing: a hashing function H for mapping numbers of set [a'], said numbers a' having the property that when encrypted with said key Es values Es [a']
of a second order substantially less than said first order are obtained, onto numbers of a third, smaller order;
c) receiving means for receiving messages; and, d) data processing means responsive to said first and second storing means and said receiving means for:
d1) receiving a second level message M2, and recovering an encrypted message Kj[M1] and a particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain a selected number a';
d3) operating on said selected number a' with said hashing function H to obtain a key Kj;
d4) decrypting said encrypted message Kj[M1] with said key Kj to obtain said message M1 equal to Kj[Kj[M1]].
a) secure first means for storing a key Ds, said key Ds being one of an encryption/decryption key pair Es, Ds, said key pair comprising keys Es and Ds of a first order selected to provide a predetermined level of security;
b) second means for storing: a hashing function H for mapping numbers of set [a'], said numbers a' having the property that when encrypted with said key Es values Es [a']
of a second order substantially less than said first order are obtained, onto numbers of a third, smaller order;
c) receiving means for receiving messages; and, d) data processing means responsive to said first and second storing means and said receiving means for:
d1) receiving a second level message M2, and recovering an encrypted message Kj[M1] and a particular value Es[a'] from said second level message M2;
d2) decrypting said particular value Es[a'] to obtain a selected number a';
d3) operating on said selected number a' with said hashing function H to obtain a key Kj;
d4) decrypting said encrypted message Kj[M1] with said key Kj to obtain said message M1 equal to Kj[Kj[M1]].
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US07/628,247 US5073935A (en) | 1990-12-17 | 1990-12-17 | Method for secure communication |
US628,247 | 1990-12-17 |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2056886A1 CA2056886A1 (en) | 1992-06-18 |
CA2056886C true CA2056886C (en) | 1996-06-04 |
Family
ID=24518100
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002056886A Expired - Fee Related CA2056886C (en) | 1990-12-17 | 1991-12-04 | Method for secure communication |
Country Status (2)
Country | Link |
---|---|
US (1) | US5073935A (en) |
CA (1) | CA2056886C (en) |
Families Citing this family (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5142577A (en) * | 1990-12-17 | 1992-08-25 | Jose Pastor | Method and apparatus for authenticating messages |
US5199070A (en) * | 1990-12-18 | 1993-03-30 | Matsushita Electric Industrial Co., Ltd. | Method for generating a public key |
US5297206A (en) * | 1992-03-19 | 1994-03-22 | Orton Glenn A | Cryptographic method for communication and electronic signatures |
US5517614A (en) * | 1992-05-29 | 1996-05-14 | Kabushiki Kaisha Toshiba | Data compression/encryption processing apparatus |
US5237611A (en) * | 1992-07-23 | 1993-08-17 | Crest Industries, Inc. | Encryption/decryption apparatus with non-accessible table of keys |
US5301247A (en) * | 1992-07-23 | 1994-04-05 | Crest Industries, Inc. | Method for ensuring secure communications |
US5222136A (en) * | 1992-07-23 | 1993-06-22 | Crest Industries, Inc. | Encrypted communication system |
CA2128115C (en) * | 1993-07-20 | 1999-08-10 | Keiichi Iwamura | Encryption apparatus, communication system using the same and method therefor |
IL110891A (en) * | 1993-09-14 | 1999-03-12 | Spyrus | System and method for data access control |
US5448641A (en) * | 1993-10-08 | 1995-09-05 | Pitney Bowes Inc. | Postal rating system with verifiable integrity |
US5343527A (en) * | 1993-10-27 | 1994-08-30 | International Business Machines Corporation | Hybrid encryption method and system for protecting reusable software components |
US5455862A (en) * | 1993-12-02 | 1995-10-03 | Crest Industries, Inc. | Apparatus and method for encrypting communications without exchanging an encryption key |
US5539826A (en) * | 1993-12-29 | 1996-07-23 | International Business Machines Corporation | Method for message authentication from non-malleable crypto systems |
US6079327A (en) * | 1994-06-20 | 2000-06-27 | Pitney Bowes Inc. | Dual color non-impact printing for postage meters |
US5586036A (en) * | 1994-07-05 | 1996-12-17 | Pitney Bowes Inc. | Postage payment system with security for sensitive mailer data and enhanced carrier data functionality |
US5838792A (en) * | 1994-07-18 | 1998-11-17 | Bell Atlantic Network Services, Inc. | Computer system for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem |
CA2158290A1 (en) * | 1994-09-29 | 1996-03-30 | Leon A. Pintsov | Postage evidencing system with secure summary reports |
US5696823A (en) * | 1995-03-31 | 1997-12-09 | Lucent Technologies Inc. | High-bandwidth encryption system with low-bandwidth cryptographic modules |
US6937729B2 (en) * | 1995-04-03 | 2005-08-30 | Scientific-Atlanta, Inc. | Representing entitlements to service in a conditional access system |
US20040136532A1 (en) * | 1995-04-03 | 2004-07-15 | Pinder Howard G. | Partial dual-encrypted stream utilizing program map tables |
US7224798B2 (en) * | 1995-04-03 | 2007-05-29 | Scientific-Atlanta, Inc. | Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system |
US6246767B1 (en) * | 1995-04-03 | 2001-06-12 | Scientific-Atlanta, Inc. | Source authentication of download information in a conditional access system |
US8548166B2 (en) | 1995-04-03 | 2013-10-01 | Anthony J. Wasilewski | Method for partially encrypting program data |
US6252964B1 (en) | 1995-04-03 | 2001-06-26 | Scientific-Atlanta, Inc. | Authorization of services in a conditional access system |
US5812669A (en) * | 1995-07-19 | 1998-09-22 | Jenkins; Lew | Method and system for providing secure EDI over an open network |
CN1155192C (en) * | 1995-07-27 | 2004-06-23 | 通用仪器公司 | Cryptographic system with concealed work factor |
FR2742285B1 (en) * | 1995-12-11 | 1998-01-16 | France Telecom | METHOD OF PERFORMING AN ELECTRONIC TRANSACTION |
US5932119A (en) * | 1996-01-05 | 1999-08-03 | Lazare Kaplan International, Inc. | Laser marking system |
JPH1020778A (en) * | 1996-07-08 | 1998-01-23 | Harumi Takeda | Encoding device, decoding device and ic card |
US5850444A (en) * | 1996-09-09 | 1998-12-15 | Telefonaktienbolaget L/M Ericsson (Publ) | Method and apparatus for encrypting radio traffic in a telecommunications network |
EP0849713A1 (en) * | 1996-12-17 | 1998-06-24 | TELEFONAKTIEBOLAGET L M ERICSSON (publ) | A method and a system for the encryption of codes |
JP3988172B2 (en) * | 1997-04-23 | 2007-10-10 | ソニー株式会社 | Information processing apparatus and method, and recording medium |
US7515712B2 (en) | 1997-08-01 | 2009-04-07 | Cisco Technology, Inc. | Mechanism and apparatus for encapsulation of entitlement authorization in conditional access system |
US7581110B1 (en) * | 1999-08-25 | 2009-08-25 | Nokia Corporation | Key distribution for encrypted broadcast data using minimal system bandwidth |
US6983365B1 (en) * | 2000-05-05 | 2006-01-03 | Microsoft Corporation | Encryption systems and methods for identifying and coalescing identical objects encrypted with different keys |
US7162035B1 (en) | 2000-05-24 | 2007-01-09 | Tracer Detection Technology Corp. | Authentication method and system |
US7152047B1 (en) | 2000-05-24 | 2006-12-19 | Esecure.Biz, Inc. | System and method for production and authentication of original documents |
US7089420B1 (en) | 2000-05-24 | 2006-08-08 | Tracer Detection Technology Corp. | Authentication method and system |
CA2329590C (en) | 2000-12-27 | 2012-06-26 | Certicom Corp. | Method of public key generation |
US8171567B1 (en) | 2002-09-04 | 2012-05-01 | Tracer Detection Technology Corp. | Authentication method and system |
US8396216B2 (en) * | 2003-11-21 | 2013-03-12 | Howard G. Pinder | Partial dual-encryption using program map tables |
KR20060134992A (en) * | 2004-03-31 | 2006-12-28 | 마츠시타 덴끼 산교 가부시키가이샤 | Computer system, computer program, and addition method |
US7995196B1 (en) | 2008-04-23 | 2011-08-09 | Tracer Detection Technology Corp. | Authentication method and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4386416A (en) * | 1980-06-02 | 1983-05-31 | Mostek Corporation | Data compression, encryption, and in-line transmission system |
-
1990
- 1990-12-17 US US07/628,247 patent/US5073935A/en not_active Expired - Lifetime
-
1991
- 1991-12-04 CA CA002056886A patent/CA2056886C/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
US5073935A (en) | 1991-12-17 |
CA2056886A1 (en) | 1992-06-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2056886C (en) | Method for secure communication | |
US5602917A (en) | Method for secure session key generation | |
US4503287A (en) | Two-tiered communication security employing asymmetric session keys | |
CA2056935C (en) | Method and apparatus for the reliable authentication of communication | |
CA2213096C (en) | Key management system for mixed-trust environments | |
US5384848A (en) | Encrypted virtual terminal equipment having initialization device for preventing reply attack | |
CA1292790C (en) | Controlled use of cryptographic keys via generating station establishedcontrol values | |
US5313521A (en) | Key distribution protocol for file transfer in the local area network | |
CA2197915C (en) | Cryptographic key recovery system | |
US5519778A (en) | Method for enabling users of a cryptosystem to generate and use a private pair key for enciphering communications between the users | |
US5517567A (en) | Key distribution system | |
US5745576A (en) | Method and apparatus for initialization of cryptographic terminal | |
US6021203A (en) | Coercion resistant one-time-pad cryptosystem that facilitates transmission of messages having different levels of security | |
US7949128B2 (en) | Method and device for the encryption and decryption of data | |
US5444781A (en) | Method and apparatus for decryption using cache storage | |
US20020146118A1 (en) | Method and system for selecting encryption keys from a plurality of encryption keys | |
JPS6127751B2 (en) | ||
WO1990009009A1 (en) | Data carrier and data communication apparatus using the same | |
US20030217263A1 (en) | System and method for secure real-time digital transmission | |
US5351298A (en) | Cryptographic communication method and apparatus | |
US6075864A (en) | Method of establishing secure, digitally signed communications using an encryption key based on a blocking set cryptosystem | |
US5016275A (en) | Buffered encryption/decryption | |
US5949883A (en) | Encryption system for mixed-trust environments | |
KR100388059B1 (en) | Data encryption system and its method using asymmetric key encryption algorithm | |
EP0892519A2 (en) | System and method for secure data transmission |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |