US20160119135A1 - System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths - Google Patents
System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths Download PDFInfo
- Publication number
- US20160119135A1 US20160119135A1 US14/274,090 US201414274090A US2016119135A1 US 20160119135 A1 US20160119135 A1 US 20160119135A1 US 201414274090 A US201414274090 A US 201414274090A US 2016119135 A1 US2016119135 A1 US 2016119135A1
- Authority
- US
- United States
- Prior art keywords
- pattern
- key
- data
- data segments
- segment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 123
- 241001441724 Tetraodontidae Species 0.000 claims description 7
- 241000270295 Serpentes Species 0.000 claims description 4
- 238000004891 communication Methods 0.000 claims description 3
- 235000002595 Solanum tuberosum Nutrition 0.000 description 16
- 244000061456 Solanum tuberosum Species 0.000 description 16
- 235000013351 cheese Nutrition 0.000 description 16
- 235000012015 potatoes Nutrition 0.000 description 16
- 235000015278 beef Nutrition 0.000 description 12
- 235000013575 mashed potatoes Nutrition 0.000 description 12
- 230000005540 biological transmission Effects 0.000 description 5
- 235000014121 butter Nutrition 0.000 description 4
- 235000021449 cheeseburger Nutrition 0.000 description 4
- 235000019197 fats Nutrition 0.000 description 4
- 235000013336 milk Nutrition 0.000 description 4
- 239000008267 milk Substances 0.000 description 4
- 210000004080 milk Anatomy 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 241001522296 Erithacus rubecula Species 0.000 description 3
- 238000013478 data encryption standard Methods 0.000 description 3
- 238000013500 data storage Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 239000004615 ingredient Substances 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/24—Key scheduling, i.e. generating round keys or sub-keys for block encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
Definitions
- This disclosure relates to information security, and more specifically to applied cryptography.
- Cryptography is the art and science of preparing, transmitting and reading messages in a form intended to prevent the message from being read by those not privy to secrets associated with the form.
- Cryptography is practiced in and widely appreciated for a wide array of applications, including gaming, computer security, healthcare information security, banking information security, military communications, mathematics, intellectual property protection and many others.
- Public key digital signature schemes include methods for signing and verifying digital signatures.
- the signing method creates a data string called a “signature” that is associated with a digital message to bind the message to the signing entity's private key.
- the private key is associated with a corresponding public key, which the recipient of the message uses with a verification method to verify that the received message was, in fact, signed using the associated private key.
- a public key encryption scheme includes methods for encrypting and decrypting plaintext into messages, in which a message encrypted with a party's public key can only be decrypted using the associated private key.
- the disclosure is directed towards information security and establishing data integrity and non-repudiation. More particularly, the disclosure is directed towards securing data that is accomplished using multiple and variable data segment sizes or lengths. Still further, the disclosure is directed to securing data through the use of multiple pattern keys, each key having a different key strength and each key applied to one or more, but not all of the multiple data segments. The sequence for applying various pattern keys to the multiple data segments is identified by a key pattern. This results in a multi-standard, multi-segment paradigm.
- the length of the data segment is determined based upon the PKI pattern key that is used.
- various pattern key strengths are used (i.e., length of the pattern key) and the data segment length is determined in accordance with the PKI paradigm.
- a key pattern identifies the sequence that each pattern key is applied to each data segment.
- the length of the data segment is determined by a random number generated by a Random Number Generator, or other known means. The number indicates the length of the data segment. Thereafter, the pattern key is used to encrypt each data segment. Each such pattern key can have a different key strength from any other pattern key and each data segment length can vary independent of the pattern key lengths.
- a key pattern identifies the sequence that each pattern key is applied to each data segment.
- any cryptographic paradigm may be used in this embodiment.
- a combination of the PKI paradigm determined data segment lengths and the random number data segment lengths may be used together in the cryptographic process.
- a key pattern identifies the sequence that each pattern key is applied to each data segment.
- one or more cryptographic paradigms may be used herein.
- all the plaintext data is first encrypted using an agreed upon password and cryptographic paradigm.
- a plurality of cryptographic paradigms is used in combination so that pattern keys of different cryptographic paradigms can be applied to data segments of differing lengths.
- another embodiment is directed to a system for securing data.
- the system includes a processor, a memory and a Random Number Generator (RNG).
- RNG Random Number Generator
- multiple pattern keys are applied to multiple data segments, in accordance with a key pattern, the key pattern identifies the sequence in which the keys are applied to encrypt the data segments.
- Both the pattern keys and the data segments are of varying lengths.
- the length of the data segment is defined either by the PKI pattern key itself or using a random number generated by the RNG for non-PKI pattern keys.
- the system generates a secure, encrypted message from the plaintext data as a result of the application of the multi-standard, multi-segment process.
- Another embodiment is directed to a system for decrypting the encrypted data to return the original plaintext data.
- the system includes a processor, a memory and a Random Number Generator (RNG).
- RNG Random Number Generator
- multiple pattern keys are applied to multiple data segments, in accordance with a key pattern. Both the pattern keys and the data segments are of variable lengths. The length of the data segment is defined either by the PKI pattern key itself or using the random number generated by the RNG during the encryption process.
- the pattern keys can be used to decrypt the message back into the plaintext form.
- a method for decrypting the encrypted data is disclosed.
- Multiple pattern keys are applied to multiple data segments, in accordance with a key pattern. Both the pattern keys and the data segments are of variable lengths. The length of the data segment is defined either by the PKI pattern key itself or using the random number generated by the RNG during the encryption process. As a result of applying the proper pattern keys to the corresponding data segments, the pattern keys can be used to decrypt the message back into the plaintext form.
- the password is then applied to finally return the data to its original plaintext form.
- system and method need not be limited to any particular environment, system or cryptographic techniques. Any system and method capable of processing the data integrity and non-repudiation routines on any data, software or information may be used. Furthermore, the system and methods may transmit the authenticated data, information and/or software to any type of device, e.g., computers, networks, mobile devices, laptops, tablets and the like.
- FIG. 1 is a general block diagram of an encryption/decryption system that may be used in association with a method of establishing data integrity and non-repudiation;
- FIG. 2 is a logic flow diagram of a method of establishing data integrity and non-repudiation using an encryption process
- FIG. 3 is a logic flow diagram of a method of establishing data integrity and non-repudiation using a decryption process.
- this disclosure is directed towards information security and establishing data integrity and non-repudiation. More particularly, the disclosure is directed towards securing data that is accomplished by using multiple and variable data segment lengths. Still further, the disclosure is directed to securing data through the use of multiple pattern keys, each key having a different key strength and each key applied to one or more, but not all of the varying length data segments.
- a key pattern is used to define and/or identify the sequence that each pattern key is applied to each data segment. It will be appreciated that in other embodiments the key pattern can be any form of indicia so long as the parties and the cryptographic system and method disclosed herein can use such indicia to determine the sequence of pattern key application to each data segment.
- plaintext refers generally to all information, data and any other content in its unencrypted form.
- messages is the encrypted form of the plaintext.
- Data is apportioned into segments of varying lengths. For example, 40 bits, 168 bits, 296 bits, 1960 bits, 16,296 bits, and the like. It should be appreciated that any length data segment may be used and the determination of data segment length may be done in a predetermined manner (PKI) or chosen randomly (RNG). Each data segment may be a different length or, alternatively, some, but not all data segments may be the same length as other data segments.
- PKI predetermined manner
- RNG random
- pattern key 1 may be applied to data segment 1, pattern key 2 to data segment 2, pattern key 3 to data segment 3, and . . . pattern key n to data segment n.
- pattern key 1 may be applied to data segment 1, pattern key 2 to data segment 2, pattern key 3 to data segment 3, and . . . pattern key n to data segment n.
- one or more pattern keys, 1- n may be applied to one or more data segments, 1- n .
- each pattern key, 1- n will have its own key length or strength.
- pattern key 1 may be 128 bits
- pattern key 2 may be 256 bits
- pattern key 3 may be 2048 bits, and the like.
- any key strength number of bits
- pattern keys of different strength can encode approximately 600 bytes of data. If the same key strength is used again and again, then the same segment length or size (e.g., 600 bytes) of the data is used again and again. This presents a detectable pattern of data segment length. However, when various lengths of data segments are used along with various key strength (number of bits) there is no discernible pattern. Therefore, it becomes impossible to know (1) what data segment length was used, (2) what key length or strength was used and (3) which pattern key has been applied to which data segment. This sequence of how each pattern key is applied to each data segment (key pattern) acts as an additional security feature of the disclosed embodiments.
- the key strength is limited to 128 bits, 256 bits, 1024 bits and 2048 bits. This is done to enhance processing times when generating the encrypted output.
- any key strength may be used without departing from the scope and spirit of this disclosure.
- one pattern key may use a Public Key Infrastructure (PKI)
- another pattern key may be Blowfish, Elliptical Curve Cryptography (ECC), Pintsov-Vanstone Signature Scheme with Partial Message Recovery (PVSSR), Advance Encryption Standard (AES), Gamal, Data Encryption standard (DES), TripleDES, Rijndael, XMX, Serpent, Blowfish, Twofish, any combination of these standards, or the like.
- PKI Public Key Infrastructure
- another pattern key may be Blowfish, Elliptical Curve Cryptography (ECC), Pintsov-Vanstone Signature Scheme with Partial Message Recovery (PVSSR), Advance Encryption Standard (AES), Gamal, Data Encryption standard (DES), TripleDES, Rijndael, XMX, Serpent, Blowfish, Twofish, any combination of these standards, or the like.
- EPC Elliptical Curve Cryptography
- PVSSR Pintsov-Vanstone Signature
- the system 10 includes a processor 11 for operating on the data (e.g., encryption/decryption using various algorithms), a Random Number Generator (RNG) 12 for generating a random number (if applicable) for determining the length of a data segment, and a memory 13 for storing a pattern key algorithm table 14 , the key pattern 17 , and the data segment and its length 18 , if necessary.
- the memory 13 includes a table of pattern key algorithms 14 to be applied to the various data segments.
- This pattern key algorithm table 14 is determined and configured in advance by the parties before the cryptographic technology disclosed herein is first used.
- the table 14 includes the particular algorithms for each configuration of the system 10 . That is, the pattern key algorithm table 14 includes the specific algorithm protocols and where in the algorithm table such algorithm(s) are located and called.
- the processor 10 is configured to communicate with the memory 13 to access the one or more pattern key algorithms stored in the pattern key algorithm table 14 .
- the processor 10 then applies each of the pattern keys to each of the various data segments to encrypt the data segments with the appropriate algorithm protocol associated with the pattern key.
- the system 10 also may use the processor 11 to determine the length of the data segments 18 .
- the processor first determines whether a PKI pattern key or non-PKI pattern key is active. If a non-PKI pattern key is active, then the processor 11 accesses the RNG 12 to generate a random number. This random number is used to set the length of the active data segment 18 . This data segment length 18 is then stored in memory 13 so that it may be accessed later during the decryption process. If a PKI pattern key is active, then the length of the data segment 18 is predetermined by the PKI paradigm and need not be stored in the memory 13 .
- plaintext 15 is input into the system 10 .
- Plaintext 15 may be input into the system 10 through any well-known mechanism or process.
- the processor 11 accesses the plaintext 15 and applies the cryptographic technique disclosed above to generate an encrypted version of the plaintext, i.e., a message 16 .
- the message 16 may then be sent to one or more authorized recipients.
- the recipient upon receipt of the encrypted message 16 , can properly decrypt the message (as discussed in detail below) to return to the usable plaintext 15 form using the recipient's system 10 .
- Table 1 illustrates one example of a pattern key algorithm table 14 .
- the pattern keys can be either a PKI pattern key or a non-PKI pattern key (i.e., using a non-PKI cryptographic paradigm).
- a Public Key Infrastructure (PKI) paradigm is used by the system, the key strength (length or size of the key) of the PKI pattern key determines the size of the data segment to which the PKI pattern key is applied. This is a specific requirement of the PKI paradigm.
- the data segment length is determined by dividing the key length (listed in bits) by 8 and then subtracting 11. This provides the length of the data segment in bytes. The PKI pattern key is then applied to this data segment, as discussed in more detail below.
- the length of the data segments 18 are not limited or controlled by the pattern keys.
- the length of the data segment 18 can be randomly chosen using a Random Number Generator (RNG) 12 .
- the processor 11 takes a randomly generated number and creates a data segment 18 having a length corresponding to the random number.
- RNG Random Number Generator
- the processor 11 takes a randomly generated number and creates a data segment 18 having a length corresponding to the random number.
- the length of the data segment 18 using the RNG 12 will be in the range of 96-512 bytes.
- any length data segment may be used herein.
- other methods may be used to determine the length of the data segment, in addition to or in lieu of the RNG 12 generating a random number.
- data segment lengths may be entered manually by a party, tied to another random process, agreed to in advance by the parties when the system is configured, or through use of another set pattern, or the like. All that is necessary is that the length of such data segment 18 is stored in memory 13 along with the data segment so that it may later be retrieved for proper decryption to occur. Once the data segment length 18 is determined in this embodiment, the pattern key algorithm is applied to the data segment to encrypt the data segment.
- each pattern key may use any of the PKI, PVSSR, ECC, AES, DES, TripleDES, Gamal, Rijndael, Twofish, Blowfish, XMX, Serpent, any combination thereof, or the like.
- the disclosed cryptographic technique is not limited to application of any one specific encryption paradigm or protocol.
- all the Plaintext data is first encrypted using a single password, or other cryptographic paradigm. Thereafter, the process continues and applies the multiple pattern keys to the multiple data segments, as previously discussed.
- This One Time Pad (“OTP”) is performed to ensure that “holes” cannot be derived in any of the data in the event a given data segment is decrypted or broken by an unauthorized attack.
- OTP One Time Pad
- pattern keys are applied to which data segments is determined by the key pattern.
- This key pattern is agreed to amongst the parties using the cryptographic process in advance of using the cryptographic process.
- the key pattern defines which algorithm in the pattern key algorithm table is applied to each data segment.
- the key pattern is used to inform the recipient of the encrypted message whether the entire Plaintext data has first been encrypted, and if so, which algorithm was used to create the password.
- the “2” indicates that algorithm 2 (e.g., the second algorithm in the pattern key algorithm table and called from that location) is used to encrypt the next data segment. This continues until all the designated algorithms have been applied to the multiple data segments.
- algorithm 2 e.g., the second algorithm in the pattern key algorithm table and called from that location
- the cycle repeats by returning to the beginning digit following the “.” of the key pattern until all data segments have been processed.
- at least five pattern keys are used; however, one of ordinary skill in the art will appreciate that any number of keys 2- n may be used herein.
- FIG. 2 there is shown one embodiment of the encryption process.
- the parties to the cryptographic transaction configure the system 10 .
- the parties store in the memory 13 (referring to FIG. 1 ), and more particularly in the pattern key algorithm table 14 , the appropriate keys (and their associated cryptographic paradigms) that will be used in the encryption process.
- the key pattern is input to the system 10 .
- the plaintext is input to the system 10 .
- the pattern key algorithms, the plaintext, and the key pattern can be input to the system 10 through any known input device, including but not limited to a keyboard that is in communication with the system 10 , any method of data transmission, e.g., network, wireless, or optical, use of a data file with an input port, any portable data storage device, or the like.
- any known input device including but not limited to a keyboard that is in communication with the system 10 , any method of data transmission, e.g., network, wireless, or optical, use of a data file with an input port, any portable data storage device, or the like.
- the processor 11 After all the pattern keys, key pattern and plaintext are input into the system 10 , the processor 11 operates upon the plaintext data to encrypt the plaintext into an encrypted message.
- Step 207 the process determines whether all the data segments have been encrypted. If true is returned, the process continues at Step 208 and the encrypted data is stored in the memory 13 and/or output as a message. The message may then be transmitted to appropriate recipients of the message for subsequent decryption of the message and use of the resultant plaintext.
- Step 209 the process determines if “n” is greater than the length of the key pattern. If n is greater than the length of the key pattern, then “n” is reset to zero, Step 210 . This Step 210 is performed to enable the key pattern to be repeated as many times as is necessary to encrypt all the data. If n is not greater than the length of the key pattern, then at Step 211 , the process acquires the appropriate pattern key from the list of pattern keys corresponding to the active key pattern number.
- Step 212 the process continues to Step 212 to obtain the appropriate data segment length corresponding to the selected key criteria.
- the key length of the PKI pattern key determines the length of the data segment.
- the length of the data segment is determined by a random number generated by an RNG 12 .
- Step 213 shift the data index by the length of the current data segment. This Step 213 captures the next appropriate data segment (of a specified length) for encryption with the active pattern key. Then, at Step 214 , the data segment is encrypted using the active pattern key.
- Step 215 the process determines whether the pattern key is a length determined key.
- This Step 215 is performed when the RNG has generated the random number that determines the length of the data segment.
- the random length of the data segment must be included in the data stream or else the recipient cannot properly decrypt the message. The recipient would not be able to determine the length of the data segment and this would destroy the continuity of the data set. Therefore, if Step 215 returns true, then the process continues to Step 216 and the length of the encrypted data segment is stored in the data stream and the memory 13 . Along with this data segment length, the encrypted data segment is then stored in memory, Step 217 . If Step 215 returns false, i.e., the key is not a length derived key, then only the encrypted data segment is stored in memory, Step 217 . This is because the PKI pattern key determines the length of the data segment, as previously discussed.
- n is incremented so that the next pattern key in the key pattern can be obtained, Step 218 .
- the cryptographic process continues to cycle until all the data has been encrypted by returning to Step 207 .
- the message must be decrypted to return the data to its original plaintext form.
- the recipient uses a system 10 , such as that described in FIG. 1 above, to perform the decryption process.
- system 10 may be used by each of the parties herein to encrypt and/or decrypt the information and, accordingly, none of the parties are required to use the same system as any other party.
- each data segment of the message is input to system 10 and stored in the memory 13 .
- the processor 11 accesses each data segment of the message from the memory 13 to decrypt the message by applying the appropriate pattern key, as defined by the key pattern 17 .
- each data segment has a segment length 18 that may vary one from the other.
- the processor 11 accesses the pattern key for each data segment to determine the length of each data segment. If a PKI pattern key was used during encryption, the processor 11 knows the length of the data segment.
- the processor 11 In the event the data segment was encrypted with a non-PKI pattern key, the processor 11 must then access the memory 13 to acquire the determined length of this particular data segment. Recall that during encryption of the data segment, when a non-PKI pattern key was used, an RNG 12 generated a random number and this random number was used to determine the length of the data segment 18 . Once the processor 11 has this information, the processor proceeds to decrypt the data segment using the proper data segment length 18 and proper pattern key. Continuing, the processor 11 accesses the next data segment and applies the next appropriate pattern key (in accordance with the key pattern 17 ). The system 10 continues this process until all the data segments have been properly decrypted using the pattern keys.
- the processor 11 will access the key pattern from memory 13 to determine the proper password or cryptographic paradigm to apply to the data segments to complete the decryption process. At this point, the system 10 will have decrypted the message 16 to return to the original plaintext 15 .
- Step 301 the process first obtains the encrypted message.
- This message 16 is input into the system 10 (referring to FIG. 1 ) using any well-known technique, including, but not limited to network transmissions, email, wireless transmission, portable data storage, and the like.
- the processor 11 operates on the message to apply the proper key pattern and associated decryption paradigms (pattern keys) to the message.
- pattern keys and the sequence of their application to the data segments, i.e., the key pattern are acquired at Steps 302 and 303 , respectively.
- Step 304 the process can begin with the first digit of the key pattern.
- Step 305 determines if all the data has been decrypted. If Step 305 returns true, then, at Step 306 , if the original plaintext data has been first encrypted as a whole (Step 205 in FIG. 2 ) then the appropriate decryption process is applied to return the message to its original plaintext form. The recipient may then use the plaintext according to his/her needs after any required clean-up of the data, Step 307 . If the optional OTP was not performed (again Step 205 in FIG. 2 ), then Step 306 is omitted. If Step 305 returns false, then the process continues to Step 308 to determine whether or not the end of the key pattern has been reached. If n is greater than the length of the key pattern, then n is reset to zero to enable the key pattern to repeat from the beginning of the key pattern, step 309 . If n is less than the length of the key pattern, then the process continues at Step 310 .
- the process acquires the appropriate pattern key from the list of pattern keys corresponding to the active pattern key digit. Again, these pattern keys are stored in the pattern key algorithm memory 14 of the memory 13 .
- the process at Step 311 determines if this is a PKI pattern key or a non-PKI pattern key. If a non-PKI pattern key is active, then the process must first obtain the length of the data segment that was determined by the RNG during the encryption process. As such, the process continues to Step 312 to retrieve the length of the encrypted data segment. If, however, in Step 311 the pattern key is not a length derived key using the RNG, then the appropriate length of the data segment for use with the active PKI pattern key is already known based upon the PKI paradigm.
- Step 313 the appropriate length of the encrypted data segment is acquired, whether it is determined by the RNG or the PKI paradigm.
- the data index is then shifted by the appropriate data segment length in Step 314 .
- the appropriate key is applied to the corresponding encrypted data segment to decrypt the data segment, Step 315 .
- Step 316 the decrypted data segment is stored in memory.
- Step 317 n is incremented to the next digit of the key pattern for selecting the next appropriate pattern key. Consequently, the decryption process continues to cycle in a round robin fashion (i.e., back to Step 305 ) until all the data has been decrypted and returned to the original plaintext form.
- Alice has a secret family recipe (plaintext) that she wishes to send to Bob.
- Alice encrypts the recipe (creating a message).
- Alice and Bob In order for this to process to operate properly, Alice and Bob must each have access to the same set of pattern keys, and the sequence the pattern keys are used, key pattern.
- Segment size out: 128 Segment data (encrypted): [[[ 241173c75d38181309a6ac6e6cecd709355a3e70e7ff23fd8efd0ef2cdc94aec5b40e56e576f1ca2c66f30a1 0fec63f3cd7fd4c66118593f5209eefc6e5feda3b103b856d51cfbcb44871fc747cca3c15558bfd5a21c9e9ae f7a122bcf5df3efee22b89b72af1e740c944673d70d91196ba7365455ea68b31eed9e250019c70af ]]]]]]]]]]]]]]]]]]]]]]]]]]] ------ Standard for this segment:
- Segment size out: 64 Segment data (encrypted): [[[ 062d1cd5147173ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177 f82e1204671f7361aeae2a1da7c22336f551fb5a09e ]]]]] ------ Standard for this segment: TripleDES at index 555 ------ Segment size in (based on random number): 71 Segment data (plain text): [[[[[ potatoes golden brown.
- Segment size out: 104 Segment data (encrypted): [[[ eaf81122033041007684dbe206b209548db9a93d4ba3e7a4558da4ff8bdc25d4cf30421f23fe0795d8ed50 2675dfea6d697d034f9501124ccb53f5f96c8617c301b3b85fb4479002e93b1902ace9e60d274b1eab7816 5321666dfaf43368da507304231c3104de26 ]]]] ------ Standard for this segment: PKI at index 626 ------ Segment size (based on remaining data): 4 Segment data (plain text): [[[[[ .
- Segment data [[[ 062d1cd5147173ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177 f82e11204671f7361aeae2a1da7c22336f551fb5a09e ]]] Segment data (plain text): [[[[ ° F.
- Segment data [[[ 2f76cc7b219f3b71681b4c1ec50827721d1c2a859dd3a5c4cbf1dfc3688b181e9cac2006d889c8f57f32204c 83bfa61603e138935d7c4d613304c0240beca3941d3288930f7e6efdd1d21545cf7c517c747311be9763fe 169ef269706757717fd3169d4ea05470f5178bf8010ccee3364ab8ac7416df10f3147d41649ada6113 ]]] Segment data (plain text): [[[[[ .
- Embodiments described herein involve combinations of method steps and system elements. These steps and elements may be combined in a plurality of ways to accomplish the same goals.
- One of ordinary skill in the art will appreciate that not all embodiments have all these components and each may have other components in addition to, or in lieu of, those components mentioned herein.
- these components are viewed and described separately, various components may be integrated into a single unit in some embodiments.
Abstract
Description
- This application is a continuation of U.S. patent application Ser. No. 13/489,388, filed Jun. 5, 2012, which is herein incorporated by reference in its entirety.
- A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
- This disclosure relates to information security, and more specifically to applied cryptography.
- The use of electronic data and other information has become an integral part of daily life. Each day, more and more emails, electronic documents, personal information and other forms of electronic data are transmitted throughout the world by businesses and individuals alike. Accordingly, the need to secure such data from unauthorized use and viewing has also increased
- Cryptography is the art and science of preparing, transmitting and reading messages in a form intended to prevent the message from being read by those not privy to secrets associated with the form. Cryptography is practiced in and widely appreciated for a wide array of applications, including gaming, computer security, healthcare information security, banking information security, military communications, mathematics, intellectual property protection and many others.
- Public key cryptography provides the benefit of using a pair of related keys, including a private key that is typically a closely held secret, and a corresponding public key which may be widely revealed.
- Public key digital signature schemes include methods for signing and verifying digital signatures. The signing method creates a data string called a “signature” that is associated with a digital message to bind the message to the signing entity's private key. The private key is associated with a corresponding public key, which the recipient of the message uses with a verification method to verify that the received message was, in fact, signed using the associated private key.
- A public key encryption scheme includes methods for encrypting and decrypting plaintext into messages, in which a message encrypted with a party's public key can only be decrypted using the associated private key.
- In the past, such prior art cryptography techniques encrypted data to make the data difficult, if not impossible, to decrypt. Such techniques were designed to prevent unauthorized review and/or use of the data by third parties. While such prior art cryptography techniques can, in fact, be very difficult to attack and bypass, such techniques remain vulnerable to attacks for several reasons.
- Many prior art cryptography techniques use only a single data block or segment length when encrypting the data. Accordingly, a discernible pattern can be detected and such patterns aid in attacking and bypassing the benefits associated with using such cryptographic techniques. Still further, many prior art cryptography techniques use only a single key to encode all of the data. Accordingly, the use of a single key applied to all blocks or segments of data similarly provides the basis for finding a pattern that can be used to attack such cryptographic techniques.
- Accordingly, there has been a long felt need for a new, improved and more robust cryptographic technique that can defeat well-known attacks on cryptographic methodologies. The currently disclosed technology readily satisfies this and other needs.
- Briefly, and in general terms, the disclosure is directed towards information security and establishing data integrity and non-repudiation. More particularly, the disclosure is directed towards securing data that is accomplished using multiple and variable data segment sizes or lengths. Still further, the disclosure is directed to securing data through the use of multiple pattern keys, each key having a different key strength and each key applied to one or more, but not all of the multiple data segments. The sequence for applying various pattern keys to the multiple data segments is identified by a key pattern. This results in a multi-standard, multi-segment paradigm.
- In another embodiment, when a Public Key Infrastructure (PKI) paradigm is employed, the length of the data segment is determined based upon the PKI pattern key that is used. In this embodiment, various pattern key strengths are used (i.e., length of the pattern key) and the data segment length is determined in accordance with the PKI paradigm. A key pattern identifies the sequence that each pattern key is applied to each data segment.
- In another embodiment, when a non-PKI pattern key is used, the length of the data segment is determined by a random number generated by a Random Number Generator, or other known means. The number indicates the length of the data segment. Thereafter, the pattern key is used to encrypt each data segment. Each such pattern key can have a different key strength from any other pattern key and each data segment length can vary independent of the pattern key lengths. A key pattern identifies the sequence that each pattern key is applied to each data segment. In addition, any cryptographic paradigm may be used in this embodiment.
- In still another embodiment, a combination of the PKI paradigm determined data segment lengths and the random number data segment lengths may be used together in the cryptographic process. A key pattern identifies the sequence that each pattern key is applied to each data segment. Again, one or more cryptographic paradigms may be used herein.
- In another embodiment, before the pattern keys are applied to the multiple data segments, all the plaintext data is first encrypted using an agreed upon password and cryptographic paradigm.
- In still another embodiment, a plurality of cryptographic paradigms is used in combination so that pattern keys of different cryptographic paradigms can be applied to data segments of differing lengths.
- Still further, another embodiment is directed to a system for securing data. The system includes a processor, a memory and a Random Number Generator (RNG). Using the processor, multiple pattern keys are applied to multiple data segments, in accordance with a key pattern, the key pattern identifies the sequence in which the keys are applied to encrypt the data segments. Both the pattern keys and the data segments are of varying lengths. The length of the data segment is defined either by the PKI pattern key itself or using a random number generated by the RNG for non-PKI pattern keys. As a result, the system generates a secure, encrypted message from the plaintext data as a result of the application of the multi-standard, multi-segment process.
- Another embodiment is directed to a system for decrypting the encrypted data to return the original plaintext data. The system includes a processor, a memory and a Random Number Generator (RNG). Using the processor, multiple pattern keys are applied to multiple data segments, in accordance with a key pattern. Both the pattern keys and the data segments are of variable lengths. The length of the data segment is defined either by the PKI pattern key itself or using the random number generated by the RNG during the encryption process. As a result of applying the proper pattern keys to the corresponding data segments, the pattern keys can be used to decrypt the message back into the plaintext form.
- And in yet another embodiment, a method for decrypting the encrypted data is disclosed. Multiple pattern keys are applied to multiple data segments, in accordance with a key pattern. Both the pattern keys and the data segments are of variable lengths. The length of the data segment is defined either by the PKI pattern key itself or using the random number generated by the RNG during the encryption process. As a result of applying the proper pattern keys to the corresponding data segments, the pattern keys can be used to decrypt the message back into the plaintext form.
- For each of the decryption system and method embodiments, in the event the original plaintext message was first encrypted by a password before the pattern key encryption process began, (performed to create a one time pad of the data for enhanced security) once decryption of the data segments is complete, the password is then applied to finally return the data to its original plaintext form.
- Of course, one of ordinary skill in the art will appreciate that the above system and method need not be limited to any particular environment, system or cryptographic techniques. Any system and method capable of processing the data integrity and non-repudiation routines on any data, software or information may be used. Furthermore, the system and methods may transmit the authenticated data, information and/or software to any type of device, e.g., computers, networks, mobile devices, laptops, tablets and the like.
- Other features will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, which illustrate by way of example, the features of the various embodiments.
-
FIG. 1 is a general block diagram of an encryption/decryption system that may be used in association with a method of establishing data integrity and non-repudiation; -
FIG. 2 is a logic flow diagram of a method of establishing data integrity and non-repudiation using an encryption process; and -
FIG. 3 is a logic flow diagram of a method of establishing data integrity and non-repudiation using a decryption process. - Protecting information security is critical in today's information intensive society. Verifying the accuracy of information to provide trustworthiness is essential. In many different environments, sensitive data and information is transmitted from one location to another. The receiving party must be able to verify the authenticity of the information and the sender must be able to rely upon the information being transmitted securely.
- Accordingly, this disclosure is directed towards information security and establishing data integrity and non-repudiation. More particularly, the disclosure is directed towards securing data that is accomplished by using multiple and variable data segment lengths. Still further, the disclosure is directed to securing data through the use of multiple pattern keys, each key having a different key strength and each key applied to one or more, but not all of the varying length data segments. A key pattern is used to define and/or identify the sequence that each pattern key is applied to each data segment. It will be appreciated that in other embodiments the key pattern can be any form of indicia so long as the parties and the cryptographic system and method disclosed herein can use such indicia to determine the sequence of pattern key application to each data segment.
- One of ordinary skill in the art will appreciate that the methods, functionality and features described herein may be embodied in whole or in part in software which operates on a standalone, server, or a distributed system and may be in the form of firmware, an application program, an applet, a plug-in, a COM object, a dynamic linked library, a script, one or more subroutines, or an operating system component or service.
- Still further, one of ordinary skill in the art will appreciate that the disclosed cryptographic process may be used in the same manner as any other known cryptographic technique and applied accordingly. As used herein, “plaintext” refers generally to all information, data and any other content in its unencrypted form. As used herein, “message” is the encrypted form of the plaintext.
- In general, by way of example only and not by way of limitation, the disclosed cryptographic process will now be discussed in more detail.
- Data is apportioned into segments of varying lengths. For example, 40 bits, 168 bits, 296 bits, 1960 bits, 16,296 bits, and the like. It should be appreciated that any length data segment may be used and the determination of data segment length may be done in a predetermined manner (PKI) or chosen randomly (RNG). Each data segment may be a different length or, alternatively, some, but not all data segments may be the same length as other data segments.
- In accordance with a key pattern, which defines a sequence, two or more pattern keys are applied to the data segments. More particularly, pattern key 1 may be applied to data segment 1, pattern key 2 to data segment 2, pattern key 3 to data segment 3, and . . . pattern key n to data segment n. It will be appreciated that one or more pattern keys, 1-n, may be applied to one or more data segments, 1-n. In general, each pattern key, 1-n, will have its own key length or strength. For example, pattern key 1 may be 128 bits, pattern key 2 may be 256 bits, pattern key 3 may be 2048 bits, and the like. However, one of ordinary skill in the art will appreciate that any key strength (number of bits) may be used for each pattern key and, further, that one or more pattern keys may each have the same key strength.
- The reason for using pattern keys of different strength is to avoid patterns in the encrypted data. For example, a key strength of 2048 bit can encode approximately 600 bytes of data. If the same key strength is used again and again, then the same segment length or size (e.g., 600 bytes) of the data is used again and again. This presents a detectable pattern of data segment length. However, when various lengths of data segments are used along with various key strength (number of bits) there is no discernible pattern. Therefore, it becomes impossible to know (1) what data segment length was used, (2) what key length or strength was used and (3) which pattern key has been applied to which data segment. This sequence of how each pattern key is applied to each data segment (key pattern) acts as an additional security feature of the disclosed embodiments.
- In short, by using different key strengths on different data segment lengths, there is nothing in the data to delineate each segment (e.g., segment 1 from segment 2) or the sequence in which each pattern key was applied to each data segment. Consequently, even if a third party acquires the pattern keys used in the cryptographic process, unless the sequence of how each pattern key is applied to each data segment is known, it is not possible to determine such sequence to decrypt the information.
- In a preferred embodiment, the key strength is limited to 128 bits, 256 bits, 1024 bits and 2048 bits. This is done to enhance processing times when generating the encrypted output. However, it is to be understood that any key strength may be used without departing from the scope and spirit of this disclosure.
- Still further, in another embodiment, different cryptographic paradigms may be used in addition to the various data segment lengths and/or pattern key strengths. By way of example only and not by way of limitation, one pattern key may use a Public Key Infrastructure (PKI), whereas another pattern key may be Blowfish, Elliptical Curve Cryptography (ECC), Pintsov-Vanstone Signature Scheme with Partial Message Recovery (PVSSR), Advance Encryption Standard (AES), Gamal, Data Encryption standard (DES), TripleDES, Rijndael, XMX, Serpent, Blowfish, Twofish, any combination of these standards, or the like. In other words, the disclosed cryptographic technique is not limited to the use of any one specific encryption paradigm. This provides enhanced flexibility and security capabilities.
- Referring now to the drawings, wherein like reference numerals denote like or corresponding parts throughout the drawings, and more particularly to
FIG. 1 , there is shown ageneral system 10 configured for use in performing the disclosed cryptographic process. Thesystem 10 includes aprocessor 11 for operating on the data (e.g., encryption/decryption using various algorithms), a Random Number Generator (RNG) 12 for generating a random number (if applicable) for determining the length of a data segment, and amemory 13 for storing a pattern key algorithm table 14, thekey pattern 17, and the data segment and itslength 18, if necessary. Specifically, thememory 13 includes a table of patternkey algorithms 14 to be applied to the various data segments. This pattern key algorithm table 14 is determined and configured in advance by the parties before the cryptographic technology disclosed herein is first used. The table 14 includes the particular algorithms for each configuration of thesystem 10. That is, the pattern key algorithm table 14 includes the specific algorithm protocols and where in the algorithm table such algorithm(s) are located and called. Using the sequence defined by thekey pattern 17, theprocessor 10 is configured to communicate with thememory 13 to access the one or more pattern key algorithms stored in the pattern key algorithm table 14. Theprocessor 10 then applies each of the pattern keys to each of the various data segments to encrypt the data segments with the appropriate algorithm protocol associated with the pattern key. - As is discussed in greater detail below, the
system 10 also may use theprocessor 11 to determine the length of thedata segments 18. When a pattern key is applied, the processor first determines whether a PKI pattern key or non-PKI pattern key is active. If a non-PKI pattern key is active, then theprocessor 11 accesses theRNG 12 to generate a random number. This random number is used to set the length of theactive data segment 18. Thisdata segment length 18 is then stored inmemory 13 so that it may be accessed later during the decryption process. If a PKI pattern key is active, then the length of thedata segment 18 is predetermined by the PKI paradigm and need not be stored in thememory 13. - In summary, therefore,
plaintext 15 is input into thesystem 10.Plaintext 15 may be input into thesystem 10 through any well-known mechanism or process. Theprocessor 11 accesses theplaintext 15 and applies the cryptographic technique disclosed above to generate an encrypted version of the plaintext, i.e., amessage 16. Themessage 16 may then be sent to one or more authorized recipients. The recipient, upon receipt of theencrypted message 16, can properly decrypt the message (as discussed in detail below) to return to theusable plaintext 15 form using the recipient'ssystem 10. - One of ordinary skill in the art will appreciate that not all systems have all these components and may have other components in addition to, or in lieu of, those components mentioned here. Furthermore, while these components are viewed and described separately, various components may be integrated into a single unit in some embodiments.
- By way of example and not by way of limitation, Table 1 illustrates one example of a pattern key algorithm table 14.
-
TABLE 1 Pattern Key Algorithms Key Length Password Index Standard Bits Byte Length 1 PKI 384 2 PKI 512 3 TripleDES 225 4 PKI 1024 5 AES 98 6 PKI 2048 7 Rijndael 90 8 PKI 4096 9 PKI 8192 - As illustrated in Table 1, the pattern keys can be either a PKI pattern key or a non-PKI pattern key (i.e., using a non-PKI cryptographic paradigm). When a Public Key Infrastructure (PKI) paradigm is used by the system, the key strength (length or size of the key) of the PKI pattern key determines the size of the data segment to which the PKI pattern key is applied. This is a specific requirement of the PKI paradigm. Generally, as shown in Table 2, the data segment length is determined by dividing the key length (listed in bits) by 8 and then subtracting 11. This provides the length of the data segment in bytes. The PKI pattern key is then applied to this data segment, as discussed in more detail below.
-
TABLE 2 Given a PKI pattern key, the following Table displays relevant data segment lengths: Key Length Segment Length Segment Lengths (in bits) (Key length/8) − 11 (in bits) 128 5 40 256 21 168 384 37 296 512 53 424 1024 117 936 2048 245 1960 4096 501 4008 8192 1013 5104 16384 2037 16296 - When other algorithms (non-PKI cryptographic paradigms) are used, the length of the
data segments 18 are not limited or controlled by the pattern keys. In this embodiment, the length of thedata segment 18 can be randomly chosen using a Random Number Generator (RNG) 12. Theprocessor 11 takes a randomly generated number and creates adata segment 18 having a length corresponding to the random number. Generally, the length of thedata segment 18 using theRNG 12 will be in the range of 96-512 bytes. However, it will be appreciated that any length data segment may be used herein. Furthermore, it will be appreciated that other methods may be used to determine the length of the data segment, in addition to or in lieu of theRNG 12 generating a random number. By way of example only, data segment lengths may be entered manually by a party, tied to another random process, agreed to in advance by the parties when the system is configured, or through use of another set pattern, or the like. All that is necessary is that the length ofsuch data segment 18 is stored inmemory 13 along with the data segment so that it may later be retrieved for proper decryption to occur. Once thedata segment length 18 is determined in this embodiment, the pattern key algorithm is applied to the data segment to encrypt the data segment. - Accordingly, multiple data segments of different lengths are used with pattern keys of different strength (bit lengths). In addition, this technique enables the use of more than one cryptographic paradigm to be applied to one or more of the data segments and such application may be performed in any sequence. By way of example and not by way of limitation, each pattern key may use any of the PKI, PVSSR, ECC, AES, DES, TripleDES, Gamal, Rijndael, Twofish, Blowfish, XMX, Serpent, any combination thereof, or the like. In other words, the disclosed cryptographic technique is not limited to application of any one specific encryption paradigm or protocol.
- In an alternative embodiment, all the Plaintext data is first encrypted using a single password, or other cryptographic paradigm. Thereafter, the process continues and applies the multiple pattern keys to the multiple data segments, as previously discussed. In this way, the system provides a One Time Pad to the encryption process. This One Time Pad (“OTP”) is performed to ensure that “holes” cannot be derived in any of the data in the event a given data segment is decrypted or broken by an unauthorized attack. By first encrypting all the data, if a hole is subsequently discovered by an attacker, it will not be possible for the attacker to determine the existence of such a hole. Without this step, if a hole is found in a broken data segment, the attacker may merely move through the data byte by byte until a subsequent hole in the data is located. Although a painstaking process, moving through the data in this manner may aid the attacker in his illicit attempt to decrypt the data. By first encrypting the data before applying the cryptographic techniques of the current disclosure, the attacker will not know that a hole has been located in the first instance.
- As discussed above, which pattern keys are applied to which data segments is determined by the key pattern. This key pattern is agreed to amongst the parties using the cryptographic process in advance of using the cryptographic process. Using pattern keys, the key pattern defines which algorithm in the pattern key algorithm table is applied to each data segment. In addition, the key pattern is used to inform the recipient of the encrypted message whether the entire Plaintext data has first been encrypted, and if so, which algorithm was used to create the password.
- By way of example, and not by way of limitation, a sample key pattern is 3.1254. This number represents the sequence of how each pattern key (and its associated cryptographic algorithm) is applied to each data segment during the encryption process. The first number (or any other symbol, indicia or phrase) located in front of the “.” indicates that the entire plaintext data is first encrypted. In this example, the “3” digit indicates that the plaintext is first encrypted using algorithm 3 from the pattern key algorithm table to create a password. Thereafter, the “1” following the “.” indicates that algorithm 1 (e.g., the first algorithm stored in the table and called from that location) is used to encrypt the first data segment. Next, the “2” indicates that algorithm 2 (e.g., the second algorithm in the pattern key algorithm table and called from that location) is used to encrypt the next data segment. This continues until all the designated algorithms have been applied to the multiple data segments. At the end of the key pattern, e.g., digit “4” in the above example, the cycle repeats by returning to the beginning digit following the “.” of the key pattern until all data segments have been processed. In a preferred embodiment, at least five pattern keys are used; however, one of ordinary skill in the art will appreciate that any number of keys 2-n may be used herein.
- Once all the plaintext has been encrypted, the encrypted plaintext (message) is sent to an authorized recipient using any well-known technique, including, but not limited to email, network transmission, wireless transmission, portable data storage, or the like. Since the pattern key algorithm table and the key pattern was previously configured by the parties before the application of the cryptographic process, the receiving party simply uses the key pattern to apply the decryption protocol for each pattern key algorithm as it has been applied to each data segment during encryption. It is noted that in some embodiments, the key pattern also may be sent to the recipient, but generally this is not done to best preserve the sequence of the encryption process. Finally, if the plaintext data was initially encrypted with a password before the pattern key cryptography began, the first number located before the “.” will so indicate to the receiving party so that a final decryption process may be completed to retrieve the original, unencrypted plaintext.
- Referring again to the drawings, and more particularly to
FIG. 2 , there is shown one embodiment of the encryption process. - Beginning at
Step 201, the parties to the cryptographic transaction configure thesystem 10. AtStep 202, the parties store in the memory 13 (referring toFIG. 1 ), and more particularly in the pattern key algorithm table 14, the appropriate keys (and their associated cryptographic paradigms) that will be used in the encryption process. Next, atStep 203, the key pattern is input to thesystem 10. At Step 204, the plaintext is input to thesystem 10. It will be appreciated that the pattern key algorithms, the plaintext, and the key pattern can be input to thesystem 10 through any known input device, including but not limited to a keyboard that is in communication with thesystem 10, any method of data transmission, e.g., network, wireless, or optical, use of a data file with an input port, any portable data storage device, or the like. - After all the pattern keys, key pattern and plaintext are input into the
system 10, theprocessor 11 operates upon the plaintext data to encrypt the plaintext into an encrypted message. - Optionally, at
Step 205, all the plaintext may first be encrypted with a password. The password is determined by the parties during the configuration phase of thesystem 10. As discussed above, thisStep 205 is used to prevent an attacker from discovering any useful information should a broken segment be discovered by the attacker. Thereafter, the process continues to Step 206 where thesystem 10 is initialized. The variable “n” is reset to zero. The variable, n, corresponds to digit placement within the key pattern. By resetting n to zero, the encryption process begins at the start of the key pattern, i.e., the first digit of the key pattern. - At
Step 207, the process determines whether all the data segments have been encrypted. If true is returned, the process continues atStep 208 and the encrypted data is stored in thememory 13 and/or output as a message. The message may then be transmitted to appropriate recipients of the message for subsequent decryption of the message and use of the resultant plaintext. - If some data remains to be encrypted, then the process continues and cycles through the data segments in a round robin fashion. At
Step 209, the process determines if “n” is greater than the length of the key pattern. If n is greater than the length of the key pattern, then “n” is reset to zero,Step 210. ThisStep 210 is performed to enable the key pattern to be repeated as many times as is necessary to encrypt all the data. If n is not greater than the length of the key pattern, then atStep 211, the process acquires the appropriate pattern key from the list of pattern keys corresponding to the active key pattern number. - Once the selected pattern key is acquired, the process continues to Step 212 to obtain the appropriate data segment length corresponding to the selected key criteria. Recall, when using PKI, the key length of the PKI pattern key determines the length of the data segment. However, if the PKI paradigm is not being used with the active pattern key, then the length of the data segment is determined by a random number generated by an
RNG 12. - Following
Step 212, the process continues atStep 213 to shift the data index by the length of the current data segment. ThisStep 213 captures the next appropriate data segment (of a specified length) for encryption with the active pattern key. Then, atStep 214, the data segment is encrypted using the active pattern key. - Thereafter, the process continues at
Step 215 where the process determines whether the pattern key is a length determined key. ThisStep 215 is performed when the RNG has generated the random number that determines the length of the data segment. The random length of the data segment must be included in the data stream or else the recipient cannot properly decrypt the message. The recipient would not be able to determine the length of the data segment and this would destroy the continuity of the data set. Therefore, ifStep 215 returns true, then the process continues to Step 216 and the length of the encrypted data segment is stored in the data stream and thememory 13. Along with this data segment length, the encrypted data segment is then stored in memory,Step 217. IfStep 215 returns false, i.e., the key is not a length derived key, then only the encrypted data segment is stored in memory,Step 217. This is because the PKI pattern key determines the length of the data segment, as previously discussed. - After storing the encrypted data segment, n is incremented so that the next pattern key in the key pattern can be obtained,
Step 218. The cryptographic process continues to cycle until all the data has been encrypted by returning toStep 207. - Once an authorized recipient receives the encrypted message, the message must be decrypted to return the data to its original plaintext form. The recipient uses a
system 10, such as that described inFIG. 1 above, to perform the decryption process. However, one of ordinary skill in the art will appreciate that variations of thesystem 10 may be used by each of the parties herein to encrypt and/or decrypt the information and, accordingly, none of the parties are required to use the same system as any other party. - By way of example only, and referring back to
FIG. 1 , there is shown one embodiment of thesystem 10 used to decrypt themessage 16. Themessage 16 is input tosystem 10 and stored in thememory 13. Thereafter, theprocessor 11 accesses each data segment of the message from thememory 13 to decrypt the message by applying the appropriate pattern key, as defined by thekey pattern 17. Recall, each data segment has asegment length 18 that may vary one from the other. Theprocessor 11 accesses the pattern key for each data segment to determine the length of each data segment. If a PKI pattern key was used during encryption, theprocessor 11 knows the length of the data segment. In the event the data segment was encrypted with a non-PKI pattern key, theprocessor 11 must then access thememory 13 to acquire the determined length of this particular data segment. Recall that during encryption of the data segment, when a non-PKI pattern key was used, anRNG 12 generated a random number and this random number was used to determine the length of thedata segment 18. Once theprocessor 11 has this information, the processor proceeds to decrypt the data segment using the properdata segment length 18 and proper pattern key. Continuing, theprocessor 11 accesses the next data segment and applies the next appropriate pattern key (in accordance with the key pattern 17). Thesystem 10 continues this process until all the data segments have been properly decrypted using the pattern keys. - If the event the plaintext data was first encrypted by a password before the pattern key encryption process began, the
processor 11 will access the key pattern frommemory 13 to determine the proper password or cryptographic paradigm to apply to the data segments to complete the decryption process. At this point, thesystem 10 will have decrypted themessage 16 to return to theoriginal plaintext 15. - More particularly, and referring now to
FIG. 3 , there is shown another embodiment of a decryption process. Beginning atStep 301, the process first obtains the encrypted message. Thismessage 16 is input into the system 10 (referring toFIG. 1 ) using any well-known technique, including, but not limited to network transmissions, email, wireless transmission, portable data storage, and the like. Thereafter, theprocessor 11 operates on the message to apply the proper key pattern and associated decryption paradigms (pattern keys) to the message. The pattern keys and the sequence of their application to the data segments, i.e., the key pattern, are acquired atSteps system 10 was initially configured for use with the disclosed cryptographic technique. The process continues by initializing thesystem 10 and setting n to zero,Step 304. By setting n to zero, the process can begin with the first digit of the key pattern. - The process continues at
Step 305 to determine if all the data has been decrypted. IfStep 305 returns true, then, atStep 306, if the original plaintext data has been first encrypted as a whole (Step 205 inFIG. 2 ) then the appropriate decryption process is applied to return the message to its original plaintext form. The recipient may then use the plaintext according to his/her needs after any required clean-up of the data,Step 307. If the optional OTP was not performed (again Step 205 inFIG. 2 ), then Step 306 is omitted. IfStep 305 returns false, then the process continues to Step 308 to determine whether or not the end of the key pattern has been reached. If n is greater than the length of the key pattern, then n is reset to zero to enable the key pattern to repeat from the beginning of the key pattern,step 309. If n is less than the length of the key pattern, then the process continues atStep 310. - At
Step 310, the process acquires the appropriate pattern key from the list of pattern keys corresponding to the active pattern key digit. Again, these pattern keys are stored in the patternkey algorithm memory 14 of thememory 13. Next, the process atStep 311 determines if this is a PKI pattern key or a non-PKI pattern key. If a non-PKI pattern key is active, then the process must first obtain the length of the data segment that was determined by the RNG during the encryption process. As such, the process continues to Step 312 to retrieve the length of the encrypted data segment. If, however, inStep 311 the pattern key is not a length derived key using the RNG, then the appropriate length of the data segment for use with the active PKI pattern key is already known based upon the PKI paradigm. - At
Step 313, the appropriate length of the encrypted data segment is acquired, whether it is determined by the RNG or the PKI paradigm. The data index is then shifted by the appropriate data segment length inStep 314. Thereafter, the appropriate key is applied to the corresponding encrypted data segment to decrypt the data segment,Step 315. - The process then continues at
Step 316 so that the decrypted data segment is stored in memory. AtStep 317, n is incremented to the next digit of the key pattern for selecting the next appropriate pattern key. Consequently, the decryption process continues to cycle in a round robin fashion (i.e., back to Step 305) until all the data has been decrypted and returned to the original plaintext form. - Continuing, by way of example only, and not by way of limitation, the following is one implementation of the disclosed cryptographic process, as applied to the following plaintext:
- Alice has a secret family recipe (plaintext) that she wishes to send to Bob. Using the disclosed cryptographic process, Alice encrypts the recipe (creating a message). In order for this to process to operate properly, Alice and Bob must each have access to the same set of pattern keys, and the sequence the pattern keys are used, key pattern.
- For the purposes of this example only, and not by way of limitation, the following pattern keys are used:
- 1 384 bit PKI
- 2 512 bit PKI
- 3 TripleDES based password from 64 to 256 characters long
- 4 1024 bit PKI
- 5 AES based password from 96 to 128 characters long
- 6 2048 bit PKI
- 7 Rijndael based password from 64 to 256 characters long
- 8 4096 bit PKI
- 9 8192 bit PKI
- Alice and Bob have agreed to initially obfuscate the data with a One Time Pad (OTP) based on the phrase ‘testphrase’. They have also agreed to use a key pattern of 12345 (any pattern here would work as long as it is based on the agreed upon key set). The following pattern is thus used to encrypt/decrypt the data segments:
-
- 1 For encryption, (since they agree to an initial pass) the entire data stream is encrypted with an OTP based on their agreed phrase.
- 2 The first data segment uses the 384 bit PKI to encrypt a data segment that is 37 bytes long (the length of the data segment being determined by the PKI key requirements, as discussed above).
- 3 The second data segment uses the 384 bit PKI to encrypt the next data segment that is also 37 bytes long (again, as determined by the PKI key requirements).
- 4 The third data segment uses the password data that is n bytes long (as determined by the random number generator, as discussed above)
- 5 The fourth data segment uses the 1024 bit PKI to encrypt the data segment that is 37 bytes long (as determined by the PKI key requirements)
- 6 The fifth data segment uses the password data n bytes long (as determined by the random number generator)
- 7 At this point in the process, the pattern key is exhausted and the process returns to the first key and in a round robin fashion the process cycles again until all the data is encrypted or decrypted.
- 8 For decryption, (since Alice and Bob agree to an initial OTP pass through the plaintext) the entire data stream is decrypted with the OTP based on Alice and Bob's agreed to phrase and the associated cryptographic paradigm.
- Applying the above to the recipe (plaintext), the following resultant encrypted message is created, as illustrated in Table 3:
-
TABLE 3 --------------------------- Encryption --------------------------- --------------------------- Step 0 - Initial data Cheeseburger Mashed Potato Pie Ingredients Slow: 4 large skinned and boiled potatoes Fast: 1 (4⅞ ounce) packet mashed potatoes ¼-½ cup butter Both ½ lb. ground beef, 2 cups shredded/sliced cheese Directions 1 Fry the beef in a nonstick pan, and when finished, drain off the fat and set it aside. 2 Prepare mashed potatoes, add milk and whip until creamy. 3 In medium baking dish, layer potatoes, beef, ½ of cheese, potatoes, rest of cheese on top. 4 Place in 350° F. oven, bake until cheese is melted and part of the potatoes golden brown. 5 Let it set for five minutes and then serve. --------------------------- --------------------------- Segment processing --------------------------- ------ Standard for this segment: PKI at index 0 ------ Segment size in (predetermined due to key strength): 37 Segment data (plain text): [[[ Cheeseburger Mashed Potato Pie Ing ]]] Segment size out: 48 Segment data (encrypted): [[[ 196f989dbbbda49be77d3e7ee2f9e1b28878b10809796ee9ae2bba9fada0368e566efef827216c4b094b8b 2ebdbb42e5 ]]] ------ Standard for this segment: PKI at index 37 ------ Segment size in (predetermined due to key strength): 53 Segment data (plain text): [[[ Ingredients Slow: 4 large skinned and boiled potatoes ]]] Segment size out: 64 Segment data (encrypted): [[[ 38ce64492935fff489c286a43de9ebfd274ee3883ff6e3df299a6fa3f3bb1563e6c3ec2a698bd2ef3bf34d946 1987bad725574f132200e38ff81c04400f11c4b ]]] ------ Standard for this segment: TripleDES at index 90 ------ Segment size in (based on random number): 78 Segment data (plain text): [[[ Fast: 1 (4⅞ ounce) packet mashed potatoes ¼-½ cup butter Both ]]] Segment size out: 112 Segment data (encrypted): [[[ 445fa247af13a53590767babef49c02d23cafeb364da2289b61a2f6884b546dca5ac38f779f52ae6eb9ddf60 a2dd4ea16aefab4747dcff40172c2dc1e48fc97b09f3205f6011c8d28b0b9f44649913143acf7680f9ef6055f 3eb419886bad1ffe6358d0e420272b89a44f9d7a5005d9e ]]] ------ Standard for this segment: PKI at index 168 ------ Segment size in (predetermined due to key strength): 117 Segment data (plain text): [[[ ½ lb. ground beef, 2 cups shredded/sliced cheese Directions 1 Fry the beef in a nonstick pan, and when finished ]]] Segment size out: 128 Segment data (encrypted): [[[ 241173c75d38181309a6ac6e6cecd709355a3e70e7ff23fd8efd0ef2cdc94aec5b40e56e576f1ca2c66f30a1 0fec63f3cd7fd4c66118593f5209eefc6e5feda3b103b856d51cfbcb44871fc747cca3c15558bfd5a21c9e9ae f7a122bcf5df3efee22b89b72af1e740c944673d70d91196ba7365455ea68b31eed9e250019c70af ]]] ------ Standard for this segment: AES at index 285 ------ Segment size in (based on random number): 180 Segment data (plain text): [[[ , drain off the fat and set it aside. 2 Prepare mashed potatoes, add milk and whip until creamy. 3 In medium baking dish, layer potatoes, beef, ½ of cheese, potatoes, res ]]] Segment size out: 240 Segment data (encrypted): [[[ ce50dc5abebbde9f4563f611a22afac7a7e5182ca11644f01eb5cf0a0f75dc72ad0496ad923d9641197f58fc ed8d0bac9175b4b77029731468ac3a6ea198053dc1a154b0fb18a9828fea1968c38749de5a96be515f437f fe4c77a42b96f95aa85ce68db22ec2b50951f227619e310aee8b41cd8b4bf4133c2bf8c9cbecd9710ed9ae24 f87c112c59639cbbb58beecac10da47a3004d9ba505ae7b4dff225de731c9cfbfd12f24bf6c091ef3fe77b276 1098914fbbe5f4cde2b61b770a42bdff1a626ac43ec44b4c1a2749944e8fe87ec2c0b4a16e7dbc12a100a7c 27d647add5995196da3cdb5573590a09936d615e38a0 ]]] ------ Standard for this segment: PKI at index 465 ------ Segment size in (predetermined due to key strength): 37 Segment data (plain text): [[[ t of cheese on top. 4 Place in 350 ]]] Segment size out: 48 Segment data (encrypted): [[[ 445bbb586c3c6bb5f31142d90875eb8bcd9d84cdf8438f499b3bc49cc7a86379ac5dc6507a5e2ecb001271 d1d992cec5f ]]] ------ Standard for this segment: PKI at index 502 ------ Segment size in (predetermined due to key strength): 53 Segment data (plain text): [[[ ° F. oven, bake until cheese is melted and part of the ]]] Segment size out: 64 Segment data (encrypted): [[[ 062d1cd5147173ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177 f82e1204671f7361aeae2a1da7c22336f551fb5a09e ]]] ------ Standard for this segment: TripleDES at index 555 ------ Segment size in (based on random number): 71 Segment data (plain text): [[[ potatoes golden brown. 5 Let it set for five minutes and then serve ]]] Segment size out: 104 Segment data (encrypted): [[[ eaf81122033041007684dbe206b209548db9a93d4ba3e7a4558da4ff8bdc25d4cf30421f23fe0795d8ed50 2675dfea6d697d034f9501124ccb53f5f96c8617c301b3b85fb4479002e93b1902ace9e60d274b1eab7816 5321666dfaf43368da507304231c3104de26 ]]] ------ Standard for this segment: PKI at index 626 ------ Segment size (based on remaining data): 4 Segment data (plain text): [[[ . ]]] Segment size out: 128 Segment data (encrypted): [[[ 2f76cc7b219f3b71681b4c1ec50827721d1c2a859dd3a5c4cbf1dfc3688b181e9cac2006d889c8f57f32204c 83bfa61603e138935d7c4d613304c0240beca3941d3288930f7e6efdd1d21545cf7c517c747311be9763fe 169ef269706757717fd3169d4ea05470f5178bf8010ccee3364ab8ac7416df10f3147d41649ada6113 ]]] --------------------------- Step n - Final view --------------------------- 196f989dbbbda49be77d3e7ee2f9e1b28878b10809796ee9ae2bba9fada0368e566efef827216c4b094b8b 2ebdbb42e538ce64492935fff489c286a43de9ebfd274ee3883ff6e3df299a6fa3f3bb1563e6c3ec2a698bd2 ef3bf34d9461987bad725574f132200e38ff81c04400f11c4b70000000445fa247af13a53590767babef49c0 2d23cafeb364da2289b61a2f6884b546dca5ac38f779f52ae6eb9ddf60a2dd4ea16aefab4747dcff40172c2d c1e48fc97b09f3205f6011c8d28b0b9f44649913143acf7680f9ef6055f3eb419886bad1ffe6358d0e420272 b89a44f9d7a5005d9e241173c75d38181309a6ac6e6cecd709355a3e70e7ff23fd8efd0ef2cdc94aec5b40e 56e576f1ca2c66f30a10fec63f3cd7fd4c66118593f5209eefc6e5feda3b103b856d51cfbcb44871fc747cca3 c15558bfd5a21c9e9aef7a12bcf5df3efee22b89b72af1e740c944673d70d91196ba7365455ea68b31eed9e 250019c70aff0000000ce50dc5abebbde9f4563f611a22afac7a7e5182ca11644f01eb5cf0a0f75dc72ad049 6ad923d9641197f58fced8d0bac9175b4b77029731468ac3a6ea198053dc1a154b0fb18a9828fea1968c38 749de5a96be515f437ffe4c7a42b96f95aa85ce68db22ec2b50951f227619e310aee8b41cd8b4bf4133c2bf 8c9cbecd9710ed9ae24f87c12c59639cbbb58beecac10da47a3004d9ba505ae7b4dff225de731c9cfbfd12f 24bf6c091ef3fe77b2761098914fbbe5f4cde2b61b770a42bdff1a626ac43ec44b4c1a2749944e8fe87ec2c0 b4a16e7dbc12a100a7c27d647add5995196da3cdb5573590a09936d615e38a0445bbb586c3c6bb5f31142 d90875eb8bcd9d84cdf8438f499b3bc49cc7a86379ac5dc6507a5e2ecb001271d1d92cec5f062d1cd51471 73ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177f82e1204671f 7361aeae2a1da7c22336f551fb5a09e68000000eaf81122033041007684dbe206b209548db9a93d4ba3e7 a4558da4ff8bdc25d4cf30421f23fe0795d8ed502675dfea6d697d034f9501124ccb53f5f96c8617c301b3b8 5fb4479002e93b1902ace9e60d274b1eab78165321666dfaf43368da507304231c3104de262f76cc7b219f 3b71681b4c1ec50827721d1c2a859dd3a5c4cbf1dfc3688b181e9cac2006d889c8f57f32204c83bfa61603e 138935d7c4d613304c0240beca3941d3288930f7e6efdd1d21545cf7c517c747311be9763fel69ef269706 757717fd3169d4ea05470f5178bf8010ccee3364ab8ac7416df10f3147d41649ada6113 --------------------------- Similarly, Bob upon receipt of the encrypted message can decrypt the message into its original plaintext form, using the information from above. By doing so, the following output is created: --------------------------- Decryption --------------------------- --------------------------- Step 0 - Initial data --------------------------- 196f989dbbbda49be77d3e7ee2f9e1b28878b10809796ee9ae2bba9fada0368e566efef827216c4b094b8b 2ebdbb42e538ce64492935fff489c286a43de9ebfd274ee3883ff6e3df299a6fa3f3bb1563e6c3ec2a698bd2 ef3bf34d9461987bad725574f132200e38ff81c04400f11c4b70000000445fa247af13a53590767babef49c0 2d23cafeb364da2289b61a2f6884b546dca5ac38f779f52ae6eb9ddf60a2dd4ea16aefab4747dcff40172c2d c1e48fc97b09f3205f6011c8d28b0b9f44649913143acf7680f9ef6055f3eb419886bad1ffe6358d0e420272 b89a44f9d7a5005d9e241173c75d38181309a6ac6e6cecd709355a3e70e7ff23fd8efd0ef2cdc94aec5b40e 56e576f1ca2c66f30a10fec63f3cd7fd4c66118593f5209eefc6e5feda3b103b856d51cfbcb44871fc747cca3 c15558bfd5a21c9e9aef7a12bcf5df3efee22b89b72af1e740c944673d70d91196ba7365455ea68b31eed9e 250019c70aff0000000ce50dc5abebbde9f4563f611a22afac7a7e5182ca11644f01eb5cf0a0f75dc72ad049 6ad923d9641197f58fced8d0bac9175b4b77029731468ac3a6ea198053dc1a154b0fb18a9828fea1968c38 749de5a96be515f437ffe4c7a42b96f95aa85ce68db22ec2b50951f227619e310aee8b41cd8b4bf4133c2bf 8c9cbecd9710ed9ae24f87c12c59639cbbb58beecac10da47a3004d9ba505ae7b4dff225de731c9cfbfd12f 24bf6c091ef3fe77b2761098914fbbe5f4cde2b61b770a42bdff1a626ac43ec44b4c1a2749944e8fe87ec2c0 b4a16e7dbc12a100a7c27d647add5995196da3cdb5573590a09936d615e38a0445bbb586c3c6bb5f31142 d90875eb8bcd9d84cdf8438f499b3bc49cc7a86379ac5dc6507a5e2ecb001271d1d92cec5f062d1cd51471 73ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177f82e1204671f 7361aeae2a1da7c22336f551fb5a09e68000000eaf81122033041007684dbe206b209548db9a93d4ba3e7 a4558da4ff8bdc25d4cf30421f23fe0795d8ed502675dfea6d697d034f9501124ccb53f5f96c8617c301b3b8 5fb4479002e93b1902ace9e60d274b1eab78165321666dfaf43368da507304231c3104de262f76cc7b219f 3b71681b4c1ec50827721d1c2a859dd3a5c4cbf1dfc3688b181e9cac2006d889c8f57f32204c83bfa61603e 138935d7c4d613304c0240beca3941d3288930f7e6efdd1d21545cf7c517c747311be9763fe169ef269706 757717fd3169d4ea05470f5178bf8010ccee3364ab8ac7416df10f3147d41649ada6113 --------------------------- --------------------------- Segment processing --------------------------- ------ Standard for this segment: PKI at index 0 ------ Segment size (based on key strength): 48 Segment data (encrypted): [[[ 196f989dbbbda49be77d3e7ee2f9e1b28878b10809796ee9ae2bba9fada0368e566efef827216c4b094b8b 2ebdbb42e5 ]]] Segment data (plain text): [[[ Cheeseburger Mashed Potato Pie Ing ]]] ------ Standard for this segment: PKI at index 48 ------ Segment size (based on key strength): 64 Segment data (encrypted): [[[ 38ce64492935fff489c286a43de9ebfd274ee3883ff6e3df299a6fa3f3bb1563e6c3ec2a698bd2ef3bf34d946 1987bad725574f132200e38ff81c04400f11c4b ]]] Segment data (plain text): [[[ redients Slow: 4 large skinned and boiled potatoes ]]] ------ Standard for this segment: TripleDES at index 112 ------ Segment size in (based on embedded length: 112 Segment data (encrypted): [[[ 445fa247af13a53590767babef49c02d23cafeb364da2289b61a2f6884b546dca5ac38f779f52ae6eb9ddf60 a2dd4ea16aefab4747dcff40172c2dc1e48fc97b09f3205f6011c8d28b0b9f44649913143acf7680f9ef6055f 3eb419886bad1ffe6358d0e420272b89a44f9d7a5005d9e ]]] Segment size out (based on embedded length: 78 Segment data (plain text): [[[ Fast: 1 (4⅞ ounce) packet mashed potatoes ¼-½ cup butter Both ]]] ------ Standard for this segment: PKI at index 228 ------ Segment size (based on key strength): 128 Segment data (encrypted): [[[ 241173c75d38181309a6ac6e6cecd709355a3e70e7ff23fd8efd0ef2cdc94aec5b40e56e576f1ca2c66f30a1 0fec663f3cd7fd4c66118593f5209eefc6e5feda3b103b856d51cfbcb44871fc747cca3c15558bfd5a21c9e9ae f7a122bcf5df3efee22b89b72af1e740c944673d70d91196ba7365455ea68b31eed9e250019c70af ]]] Segment data (plain text): [[[ ½ lb. ground beef, 2 cups shredded/sliced cheese Directions 1 Fry the beef in a nonstick pan, and when finished ]]] ------ Standard for this segment: AES at index 356 ------ Segment size in (based on embedded length: 240 Segment data (encrypted): [[[ ce50dc5abebbde9f4563f611a22afac7a7e5182ca11644f01eb5cf0a0f75dc72ad0496ad923d9641197f58fc ed8dd0bac9175b4b77029731468ac3a6ea198053dc1al54b0fb18a9828feal968c38749de5a96be515f437f fe4c77a42b96f95aa85ce68db22ec2b50951f227619e310aee8b41cd8b4bf4133c2bf8c9cbecd9710ed9ae24 f87c112c59639cbbb58beecac10da47a3004d9ba505ae7b4dff225de731c9cfbfd12f24bf6c091ef3fe77b276 10988914fbbe5f4cde2b61b770a42bdff1a626ac43ec44b4c1a2749944e8fe87ec2c0b4a16e7dbc12a100a7c 27d647add5995196da3cdb5573590a09936d615e38a0 ]]] Segment size out (based on embedded length: 180 Segment data (plain text): [[[ , drain off the fat and set it aside. 2 Prepare mashed potatoes, add milk and whip until creamy. 3 In medium baking dish, layer potatoes, beef, ½ of cheese, potatoes, res ]]] ------ Standard for this segment: PKI at index 600 ------ Segment size (based on key strength): 48 Segment data (encrypted): [[[ 445bbb586c3c6bb5f31142d90875eb8bcd9d84cdf8438f499b3bc49cc7a86379ac5dc6507a5e2ecb001271 d1d992cec5f ]]] Segment data (plain text): [[[ t of cheese on top. 4 Place in 350 ]]] ------ Standard for this segment: PKI at index 648 ------ Segment size (based on key strength): 64 Segment data (encrypted): [[[ 062d1cd5147173ad87492cbc55ba1b7501fae200806e69516b91b4f0c9db034b9b5e387d119d541819177 f82e11204671f7361aeae2a1da7c22336f551fb5a09e ]]] Segment data (plain text): [[[ ° F. oven, bake until cheese is melted and part of the ]]] ------ Standard for this segment: TripleDES at index 712 ------ Segment size in (based on embedded length: 104 Segment data (encrypted): [[[ eaf81122033041007684dbe206b209548db9a93d4ba3e7a4558da4ff8bdc25d4cf30421f23fe0795d8ed50 2675dfea6d697d034f9501124ccb53f5f96c8617c301b3b85fb4479002e93bl902ace9e60d274b1eab7816 5321666dfaf43368da507304231c3104de26 ]]] Segment size out (based on embedded length: 71 Segment data (plain text): [[[ potatoes golden brown. 5 Let it set for five minutes and then serve ]]] ------ Standard for this segment: PKI at index 820 ------ Segment size (based on key strength): 128 Segment data (encrypted): [[[ 2f76cc7b219f3b71681b4c1ec50827721d1c2a859dd3a5c4cbf1dfc3688b181e9cac2006d889c8f57f32204c 83bfa61603e138935d7c4d613304c0240beca3941d3288930f7e6efdd1d21545cf7c517c747311be9763fe 169ef269706757717fd3169d4ea05470f5178bf8010ccee3364ab8ac7416df10f3147d41649ada6113 ]]] Segment data (plain text): [[[ . ]]] --------------------------- Decrypted view --------------------------- Cheeseburger Mashed Potato Pie Ingredients Slow: 4 large skinned and boiled potatoes Fast: 1 (4⅞ ounce) packet mashed potatoes ¼-½ cup butter Both ½ lb. ground beef, 2 cups shredded/sliced cheese Directions 1 Fry the beef in a nonstick pan, and when finished, drain off the fat and set it aside. 2 Prepare mashed potatoes, add milk and whip until creamy. 3 In medium baking dish, layer potatoes, beef, ½ of cheese, potatoes, rest of cheese on top. 4 Place in 350° F. oven, bake until cheese is melted and part of the potatoes golden brown. 5 Let it set for five minutes and then serve. --------------------------- - Embodiments described herein involve combinations of method steps and system elements. These steps and elements may be combined in a plurality of ways to accomplish the same goals. One of ordinary skill in the art will appreciate that not all embodiments have all these components and each may have other components in addition to, or in lieu of, those components mentioned herein. Furthermore, while these components are viewed and described separately, various components may be integrated into a single unit in some embodiments.
- The various embodiments described above are provided by way of illustration only and should not be construed to limit the claimed invention. Those skilled in the art will readily recognize various modifications and changes that may be made to the claimed invention without following the example embodiments and applications illustrated and described herein, and without departing from the true spirit and scope of the claimed invention, which is set forth in the following claims.
Claims (18)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/274,090 US20160119135A1 (en) | 2012-06-05 | 2014-05-09 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/489,388 US8744078B2 (en) | 2012-06-05 | 2012-06-05 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
US14/274,090 US20160119135A1 (en) | 2012-06-05 | 2014-05-09 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/489,388 Continuation US8744078B2 (en) | 2012-06-05 | 2012-06-05 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
Publications (1)
Publication Number | Publication Date |
---|---|
US20160119135A1 true US20160119135A1 (en) | 2016-04-28 |
Family
ID=49670265
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/489,388 Active US8744078B2 (en) | 2012-06-05 | 2012-06-05 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
US14/274,090 Abandoned US20160119135A1 (en) | 2012-06-05 | 2014-05-09 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/489,388 Active US8744078B2 (en) | 2012-06-05 | 2012-06-05 | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
Country Status (1)
Country | Link |
---|---|
US (2) | US8744078B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4199413A4 (en) * | 2020-08-14 | 2024-01-31 | Aisle Soft Corp | Terminal device, computer program, communication system, and communication method |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8744078B2 (en) * | 2012-06-05 | 2014-06-03 | Secure Channels Sa | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
US9189638B1 (en) * | 2013-08-25 | 2015-11-17 | Google Inc. | Systems and methods for multi-function and multi-purpose cryptography |
JP2016032247A (en) * | 2014-07-30 | 2016-03-07 | 富士通株式会社 | Authentication station apparatus, authentication station program and authentication station operation method |
US9692598B2 (en) | 2015-08-07 | 2017-06-27 | Terry L. Davis | Multi-use long string authentication keys |
US10419401B2 (en) * | 2016-01-08 | 2019-09-17 | Capital One Services, Llc | Methods and systems for securing data in the public cloud |
US10860745B2 (en) * | 2016-03-08 | 2020-12-08 | Hewlett-Packard Development Company, L.P. | Securing data |
US10482543B2 (en) * | 2016-05-12 | 2019-11-19 | Kurt B. Schuh | Apparatus and method for validating transactional data |
CN106712944A (en) * | 2017-01-23 | 2017-05-24 | 中国人民解放军65711部队 | Key system for high-speed secret asynchronous data communication |
GB2563294A (en) * | 2017-06-01 | 2018-12-12 | Zwipe As | Progressive key encryption Algorithm |
US10291594B2 (en) * | 2017-08-31 | 2019-05-14 | Fmr Llc | Systems and methods for data encryption and decryption |
US11804955B1 (en) | 2019-09-13 | 2023-10-31 | Chol, Inc. | Method and system for modulated waveform encryption |
CN113469683B (en) * | 2021-06-30 | 2022-09-27 | 建信金融科技有限责任公司 | Key storage method and device, electronic equipment and storage medium |
Citations (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020101996A1 (en) * | 1999-10-20 | 2002-08-01 | Fujitsu Limited | Variable-length key cryptosystem |
US20040091114A1 (en) * | 2002-08-23 | 2004-05-13 | Carter Ernst B. | Encrypting operating system |
US20050002525A1 (en) * | 2003-07-03 | 2005-01-06 | Microsoft Corporation | RTP payload format |
US20050084110A1 (en) * | 2003-10-21 | 2005-04-21 | Palmer Thomas E. | System and method for n-dimensional encryption |
US6891952B1 (en) * | 1998-12-07 | 2005-05-10 | International Business Machines Corporation | Dynamic key generation and confidential synchronization of encryption components |
US7177424B1 (en) * | 1999-06-22 | 2007-02-13 | Hitachi, Ltd. | Cryptographic apparatus and method |
US7212636B2 (en) * | 2001-02-26 | 2007-05-01 | Nagravision S.A. | Encryption of a compressed video stream |
US7242772B1 (en) * | 2000-09-07 | 2007-07-10 | Eastman Kodak Company | Encryption apparatus and method for synchronizing multiple encryption keys with a data stream |
US20080285747A1 (en) * | 2007-05-14 | 2008-11-20 | Samsung Electronics Co., Ltd. | Encryption-based security protection method for processor and apparatus thereof |
US20100020964A1 (en) * | 2007-02-20 | 2010-01-28 | Oki Electric Industry Co., Ltd. | Key generation method using quadratic-hyperbolic curve group |
US20100046750A1 (en) * | 2006-11-24 | 2010-02-25 | Bayer Innovation Gmbh | Coding method, decoding method, codec and data storage medium for holographic storage |
US20100138670A1 (en) * | 2008-11-28 | 2010-06-03 | Fujitsu Limited | Storage apparatus and data writing method |
US20110276545A1 (en) * | 2006-05-31 | 2011-11-10 | Chaim Koifman | Systems and methods for transformation of logical data objects for storage |
US20120027204A1 (en) * | 2008-12-29 | 2012-02-02 | Nortel Networks Limited | Bandwidth efficient method and system for obscuring the existence of encryption in a communications channel |
US20120033809A1 (en) * | 2010-08-04 | 2012-02-09 | Huang Lawrence P | System for scrambling and methods for use therewith |
US20120082343A1 (en) * | 2009-04-15 | 2012-04-05 | Fraunhofer-Gesellschaft Zur Foerderung Der Angewandten Forschung E.V. | Detecting a change between images or in a sequence of images |
US20120203990A1 (en) * | 2011-02-08 | 2012-08-09 | Fujitsu Technology Solutions Intellectual Property Gmbh | Method for storing and recovering data, utilization of the method in a storage cloud, storage server and computer program product |
US8345876B1 (en) * | 2012-03-06 | 2013-01-01 | Robert Samuel Sinn | Encryption/decryption system and method |
US20130013931A1 (en) * | 2011-03-07 | 2013-01-10 | Security First Corp. | Secure file sharing method and system |
US8640178B2 (en) * | 2003-08-07 | 2014-01-28 | Sony Corporation | Server, content providing apparatus, content receiving apparatus, content providing method, content receiving method, and program |
US8839000B2 (en) * | 2009-03-23 | 2014-09-16 | Hewlett-Packard Development Company, L.P. | System and method for securely storing data in an electronic device |
Family Cites Families (53)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5479513A (en) * | 1994-11-18 | 1995-12-26 | Martin Marietta Energy Systems, Inc. | Fast and secure encryption-decryption method based on chaotic dynamics |
US5922074A (en) | 1997-02-28 | 1999-07-13 | Xcert Software, Inc. | Method of and apparatus for providing secure distributed directory services and public key infrastructure |
US6324645B1 (en) | 1998-08-11 | 2001-11-27 | Verisign, Inc. | Risk management for public key management infrastructure using digital certificates |
US7080409B2 (en) | 1998-11-10 | 2006-07-18 | Dan Eigeles | Method for deployment of a workable public key infrastructure |
US6539093B1 (en) | 1998-12-31 | 2003-03-25 | International Business Machines Corporation | Key ring organizer for an electronic business using public key infrastructure |
US6711679B1 (en) | 1999-03-31 | 2004-03-23 | International Business Machines Corporation | Public key infrastructure delegation |
US7499551B1 (en) | 1999-05-14 | 2009-03-03 | Dell Products L.P. | Public key infrastructure utilizing master key encryption |
US7216110B1 (en) | 1999-10-18 | 2007-05-08 | Stamps.Com | Cryptographic module for secure processing of value-bearing items |
US6671804B1 (en) | 1999-12-01 | 2003-12-30 | Bbnt Solutions Llc | Method and apparatus for supporting authorities in a public key infrastructure |
US7340600B1 (en) | 2000-01-14 | 2008-03-04 | Hewlett-Packard Development Company, L.P. | Authorization infrastructure based on public key cryptography |
US7269726B1 (en) | 2000-01-14 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Lightweight public key infrastructure employing unsigned certificates |
US6763459B1 (en) | 2000-01-14 | 2004-07-13 | Hewlett-Packard Company, L.P. | Lightweight public key infrastructure employing disposable certificates |
AU2001229504A1 (en) | 2000-01-17 | 2001-07-31 | Certicom Corp. | Customizable public key infrastructure and developement tool for same |
US6895501B1 (en) | 2000-03-13 | 2005-05-17 | Wrq, Inc. | Method and apparatus for distributing, interpreting, and storing heterogeneous certificates in a homogenous public key infrastructure |
US6678821B1 (en) | 2000-03-23 | 2004-01-13 | E-Witness Inc. | Method and system for restricting access to the private key of a user in a public key infrastructure |
EP1302022A2 (en) * | 2000-03-31 | 2003-04-16 | VDG Inc. | Authentication method and schemes for data integrity protection |
US7493486B1 (en) | 2000-06-09 | 2009-02-17 | Verizon Laboratories, Inc. | Method and apparatus for supporting cryptographic-related activities in a public key infrastructure |
US6898710B1 (en) | 2000-06-09 | 2005-05-24 | Northop Grumman Corporation | System and method for secure legacy enclaves in a public key infrastructure |
US7069440B2 (en) | 2000-06-09 | 2006-06-27 | Northrop Grumman Corporation | Technique for obtaining a single sign-on certificate from a foreign PKI system using an existing strong authentication PKI system |
US7028181B1 (en) | 2000-06-09 | 2006-04-11 | Northrop Grumman Corporation | System and method for efficient and secure revocation of a signature certificate in a public key infrastructure |
US6934393B2 (en) | 2000-06-09 | 2005-08-23 | Northrop Grumman Corporation | System and method for third party recovery of encryption certificates in a public key infrastructure |
US6941455B2 (en) | 2000-06-09 | 2005-09-06 | Northrop Grumman Corporation | System and method for cross directory authentication in a public key infrastructure |
US7032110B1 (en) | 2000-06-30 | 2006-04-18 | Landesk Software Limited | PKI-based client/server authentication |
US7107248B1 (en) | 2000-09-11 | 2006-09-12 | Nokia Corporation | System and method of bootstrapping a temporary public-key infrastructure from a cellular telecommunication authentication and billing infrastructure |
US6940979B1 (en) | 2000-11-09 | 2005-09-06 | Nortel Networks Limited | Management of certificates for public key infrastructure |
NO313480B1 (en) | 2001-01-24 | 2002-10-07 | Telenor Asa | Procedure for opening all or part of a smart card |
CA2437611C (en) | 2001-02-06 | 2015-09-15 | Certicom Corp. | Mobile certificate distribution in a pki |
US7516325B2 (en) | 2001-04-06 | 2009-04-07 | Certicom Corp. | Device authentication in a PKI |
ATE424067T1 (en) | 2001-06-11 | 2009-03-15 | Daniel Buettiker | METHOD FOR SECURING DATA REGARDING USERS OF A PUBLIC KEY INFRASTRUCTURE |
US7328344B2 (en) | 2001-09-28 | 2008-02-05 | Imagitas, Inc. | Authority-neutral certification for multiple-authority PKI environments |
KR100529550B1 (en) | 2001-10-18 | 2005-11-22 | 한국전자통신연구원 | Method for modifying authority of a certificate of authentication using information of a biometrics in a pki infrastructure |
NO314379B1 (en) | 2001-11-28 | 2003-03-10 | Telenor Asa | Registration and activation of electronic certificates |
US7206936B2 (en) | 2001-12-19 | 2007-04-17 | Northrop Grumman Corporation | Revocation and updating of tokens in a public key infrastructure system |
US7475250B2 (en) | 2001-12-19 | 2009-01-06 | Northrop Grumman Corporation | Assignment of user certificates/private keys in token enabled public key infrastructure system |
KR100431210B1 (en) | 2002-08-08 | 2004-05-12 | 한국전자통신연구원 | Validation Method of Certificate Validation Server using Certificate Policy Table and Certificate Policy Mapping Table in PKI |
EP1540875A4 (en) | 2002-08-28 | 2011-01-26 | Ntt Docomo Inc | Certificate-based encryption and public key infrastructure |
US6931133B2 (en) | 2002-09-03 | 2005-08-16 | Verisign, Inc. | Method and system of securely escrowing private keys in a public key infrastructure |
US8019989B2 (en) | 2003-06-06 | 2011-09-13 | Hewlett-Packard Development Company, L.P. | Public-key infrastructure in network management |
JP3928589B2 (en) | 2003-06-12 | 2007-06-13 | コニカミノルタビジネステクノロジーズ株式会社 | Communication system and method |
US7437551B2 (en) | 2004-04-02 | 2008-10-14 | Microsoft Corporation | Public key infrastructure scalability certificate revocation status validation |
WO2006034428A2 (en) | 2004-09-20 | 2006-03-30 | Pgp Corporation | Apparatus and method for identity-based encryption within a conventional public-key infrastructure |
US8331559B2 (en) * | 2004-10-12 | 2012-12-11 | Chiou-Haun Lee | Diffused data encryption/decryption processing method |
US7647494B2 (en) | 2005-06-08 | 2010-01-12 | International Business Machines Corporation | Name transformation for a public key infrastructure (PKI) |
US7912906B2 (en) | 2005-07-19 | 2011-03-22 | The Go Daddy Group, Inc. | Generating PKI email accounts on a web-based email system |
US7809941B1 (en) | 2005-09-09 | 2010-10-05 | Rockwell Collins, Inc. | Certifier hierarchy for public key infrastructure in an ad-hoc network |
JP4961909B2 (en) * | 2006-09-01 | 2012-06-27 | ソニー株式会社 | Cryptographic processing apparatus, cryptographic processing method, and computer program |
US8082446B1 (en) | 2006-11-30 | 2011-12-20 | Media Sourcery, Inc. | System and method for non-repudiation within a public key infrastructure |
US7894420B2 (en) | 2007-07-12 | 2011-02-22 | Intel Corporation | Fast path packet destination mechanism for network mobility via secure PKI channel |
JP5022875B2 (en) * | 2007-11-27 | 2012-09-12 | キヤノン株式会社 | Information processing apparatus and control method thereof, information processing system and program |
US8090949B2 (en) | 2008-03-13 | 2012-01-03 | GM Global Technology Operations LLC | Certificate assignment strategies for efficient operation of the PKI-based security architecture in a vehicular network |
US8411852B2 (en) * | 2010-04-23 | 2013-04-02 | Chiou-Haun Lee | Diffusion oriented method and apparatus for stream cryptography |
US8379850B1 (en) * | 2010-10-08 | 2013-02-19 | Xilinx, Inc. | Method and integrated circuit for secure encryption and decryption |
US8744078B2 (en) * | 2012-06-05 | 2014-06-03 | Secure Channels Sa | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths |
-
2012
- 2012-06-05 US US13/489,388 patent/US8744078B2/en active Active
-
2014
- 2014-05-09 US US14/274,090 patent/US20160119135A1/en not_active Abandoned
Patent Citations (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6891952B1 (en) * | 1998-12-07 | 2005-05-10 | International Business Machines Corporation | Dynamic key generation and confidential synchronization of encryption components |
US7177424B1 (en) * | 1999-06-22 | 2007-02-13 | Hitachi, Ltd. | Cryptographic apparatus and method |
US20020101996A1 (en) * | 1999-10-20 | 2002-08-01 | Fujitsu Limited | Variable-length key cryptosystem |
US7242772B1 (en) * | 2000-09-07 | 2007-07-10 | Eastman Kodak Company | Encryption apparatus and method for synchronizing multiple encryption keys with a data stream |
US7212636B2 (en) * | 2001-02-26 | 2007-05-01 | Nagravision S.A. | Encryption of a compressed video stream |
US20040091114A1 (en) * | 2002-08-23 | 2004-05-13 | Carter Ernst B. | Encrypting operating system |
US20050002525A1 (en) * | 2003-07-03 | 2005-01-06 | Microsoft Corporation | RTP payload format |
US8640178B2 (en) * | 2003-08-07 | 2014-01-28 | Sony Corporation | Server, content providing apparatus, content receiving apparatus, content providing method, content receiving method, and program |
US20050084110A1 (en) * | 2003-10-21 | 2005-04-21 | Palmer Thomas E. | System and method for n-dimensional encryption |
US20110276545A1 (en) * | 2006-05-31 | 2011-11-10 | Chaim Koifman | Systems and methods for transformation of logical data objects for storage |
US20100046750A1 (en) * | 2006-11-24 | 2010-02-25 | Bayer Innovation Gmbh | Coding method, decoding method, codec and data storage medium for holographic storage |
US20100020964A1 (en) * | 2007-02-20 | 2010-01-28 | Oki Electric Industry Co., Ltd. | Key generation method using quadratic-hyperbolic curve group |
US20080285747A1 (en) * | 2007-05-14 | 2008-11-20 | Samsung Electronics Co., Ltd. | Encryption-based security protection method for processor and apparatus thereof |
US20100138670A1 (en) * | 2008-11-28 | 2010-06-03 | Fujitsu Limited | Storage apparatus and data writing method |
US20120027204A1 (en) * | 2008-12-29 | 2012-02-02 | Nortel Networks Limited | Bandwidth efficient method and system for obscuring the existence of encryption in a communications channel |
US8839000B2 (en) * | 2009-03-23 | 2014-09-16 | Hewlett-Packard Development Company, L.P. | System and method for securely storing data in an electronic device |
US20120082343A1 (en) * | 2009-04-15 | 2012-04-05 | Fraunhofer-Gesellschaft Zur Foerderung Der Angewandten Forschung E.V. | Detecting a change between images or in a sequence of images |
US20120033809A1 (en) * | 2010-08-04 | 2012-02-09 | Huang Lawrence P | System for scrambling and methods for use therewith |
US20120203990A1 (en) * | 2011-02-08 | 2012-08-09 | Fujitsu Technology Solutions Intellectual Property Gmbh | Method for storing and recovering data, utilization of the method in a storage cloud, storage server and computer program product |
US20130013931A1 (en) * | 2011-03-07 | 2013-01-10 | Security First Corp. | Secure file sharing method and system |
US8345876B1 (en) * | 2012-03-06 | 2013-01-01 | Robert Samuel Sinn | Encryption/decryption system and method |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4199413A4 (en) * | 2020-08-14 | 2024-01-31 | Aisle Soft Corp | Terminal device, computer program, communication system, and communication method |
Also Published As
Publication number | Publication date |
---|---|
US8744078B2 (en) | 2014-06-03 |
US20130322618A1 (en) | 2013-12-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20160119135A1 (en) | System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths | |
CN106161034B (en) | RSA decryption using multiplicative secret sharing | |
US10187200B1 (en) | System and method for generating a multi-stage key for use in cryptographic operations | |
US8132020B2 (en) | System and method for user authentication with exposed and hidden keys | |
US20110145576A1 (en) | Secure method of data transmission and encryption and decryption system allowing such transmission | |
EP2304894B1 (en) | Multipad encryption | |
US8433066B2 (en) | Method for generating an encryption/decryption key | |
US20150244520A1 (en) | One-time-pad data encryption with media server | |
Debnath et al. | Brief review on journey of secured hash algorithms | |
CN103339958A (en) | Key transport protocol | |
US8462939B2 (en) | RNS-based cryptographic system and method | |
US20150229621A1 (en) | One-time-pad data encryption in communication channels | |
US11888832B2 (en) | System and method to improve user authentication for enhanced security of cryptographically protected communication sessions | |
US11438316B2 (en) | Sharing encrypted items with participants verification | |
JP2022521525A (en) | Cryptographic method for validating data | |
WO2020170225A2 (en) | System and method for securing data | |
Jain et al. | Diagonal queue medical image steganography with Rabin cryptosystem | |
Bangera et al. | Multilayer security using RSA cryptography and dual audio steganography | |
Kobeissi | An analysis of the protonmail cryptographic architecture | |
Ratshinanga et al. | A security mechanism for secure sms communication | |
Mutabaruka | Enhancing Data Security by Using Hybrid Encryption Technique (Advanced Encryption Standard and Rivest Shamir Adleman) | |
CN113411347B (en) | Transaction message processing method and processing device | |
BinduMadavi et al. | Tribrid Secure Encryption Technique to Protect the data in the Cloud | |
Alsmadi et al. | Encryption and Information Protection/Integrity and Concealment Methods: Lesson Plans | |
Grasso et al. | Definition of terms used by the Auto-ID Labs in the anti-counterfeiting white paper series |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SECURE CHANNELS SA, SWITZERLAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:COLERIDGE, ROBERT;REEL/FRAME:038736/0429 Effective date: 20160328 |
|
AS | Assignment |
Owner name: SOFTWARE RESEARCH LABS LLC, NETHERLANDS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SECURE CHANNELS SA;REEL/FRAME:043392/0234 Effective date: 20160808 Owner name: COLERIDGE ENTERPRISES LLC, WASHINGTON Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SOFTWARE RESEARCH LABS LLC;REEL/FRAME:043392/0804 Effective date: 20170803 |
|
AS | Assignment |
Owner name: SECURE CHANNELS INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:COLERIDGE ENTERPRISES LLC;REEL/FRAME:043433/0521 Effective date: 20170803 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
AS | Assignment |
Owner name: PETNEDA HOLDINGS LIMITED, CANADA Free format text: SECURITY INTEREST;ASSIGNOR:SECURE CHANNELS INC.;REEL/FRAME:051965/0323 Effective date: 20190826 |
|
AS | Assignment |
Owner name: CHOL INC., CANADA Free format text: ASSIGNMENT AND ASSUMPTION OF CONTRACTS;ASSIGNOR:PETNEDA HOLDINGS LIMITED;REEL/FRAME:052208/0990 Effective date: 20200317 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |