WO1999029064A1 - Secured communications scheme using random numbers - Google Patents

Publication number
WO1999029064A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
message
encrypted
party
sequence
Application number
PCT/US1998/024881
Other languages
French (fr)
Inventor
Hong J. Kim
Original Assignee
Kim Hong J
Application filed by Kim Hong J
Priority to AU23056/99A (AU2305699A)
Publication of WO1999029064A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0852 Quantum cryptography
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the invention relates to encrypting and decrypting data in order to provide a highly secured method of communications.
  • the field of cryptography has advanced from the field of military intelligence into everyday commercial interactions. There is a need for secure transmission of electronic transactions, such as credit card purchases, and for a method of securely transmitting information over publicly accessible electronic channels.
  • the Vernam cipher was developed by Gilbert S. Vernam of American Telephone and Telegraph Company and Major Joseph O. Mauborgne of the U.S. Army Signal Corps.
  • the Vernam encryption scheme (also known as the "one-time pad" scheme) requires a key that is at least as long as the message and which is never used to send another message.
  • the Vernam cipher relies on a sequence of random numbers of length at least as large as the length of the message to be sent.
  • the sequence of random numbers, which can be a random sequence of "0"s and "1"s to be used with a message coded similarly, is subtracted from or added to the message before it is sent.
  • the receiver decodes the message by adding or subtracting the same random sequence.
  • Variations of the Vernam cipher have reused long keys or have used systems where the sender and receiver have identical pseudo-random number generators.
  • a pseudo-random number generator generates a series of numbers which statistically appear random but which are actually completely deterministic. Both the receiver and the sender can generate the same key by starting the pseudo-random number generator using the same "seed" value. None of these schemes, however, are completely secure because the keys can be predicted by an eavesdropper.
  • a more prevalent system of exchanging secured information is with the use of public-key cryptosystems.
  • An advantage of public-key encryption systems is that they allow two parties who have not previously communicated to send secured messages.
  • the receiver, A, chooses randomly a pair of mutually inverse transformations to be used for encryption and decryption of the message.
  • A then publishes instructions for encryption but does not publish the transformation used for decryption.
  • the transformations are chosen so that it is at least extremely difficult to deduce the transformation used for decryption from that used for encryption.
  • a sender, B, would then be able to send a secured message to A by encrypting the message as per the publicly known algorithm and sending it to A. A would then use the unpublished decryption algorithm to retrieve the message.
  • public-key encryption may be applicable for certain uses, especially when the parties have not foreseen a need to communicate, these systems have not been shown to be secure.
  • a method of encryption which expands on the Vernam cipher system but which dispenses with the need for the parties to continuously communicate a key by alternative channels.
  • one of the users generates a key, preferably including a series of random numbers, the random numbers preferably being generated using a quantum random number generator as described in Applicant's previous application (serial number 08/876,994), hereby incorporated by reference in its entirety.
  • the key is communicated to all of the other users.
  • the communication channels used to distribute the key may include personal communication, postal mail, or electronic means. Personal communication is the most secure method of communicating the key while electronic transmissions suffer a high degree of risk because the key may be intercepted.
  • a message may be sent between the parties using the sequence of random numbers as an encryption key.
  • a new key is generated.
  • the new key is encrypted using the previous key, or alternatively the previously sent message or a preset encryption sequence, and is communicated to the users.
  • the new encrypted key may be sent along the same transmission channel as was the encrypted message.
  • Each of the users then decrypts the new key using the previous key and stores the new key in place of the previous key so that the new key is used for the next communication. Therefore, any given key is used in sending and/or receiving only one message and is abandoned in favor of a new key without any further need of communication between the parties through alternative channels.
  • users who have not previously interacted to initialize an encryption key may send and receive secured messages through a mediator with whom each of the parties have initialized a communication channel.
  • the invention is applicable to use with the Internet, the world wide web, credit card or debit card transactions, or Pay TV systems, among other uses.
  • the encryption key may be used to encode a passkey.
  • the message itself is a random sequence which, when decrypted by the receiver, is used to access coded information such as debit card balances.
  • the passkey may also allow physical access, i.e. unlocking or opening a door.
  • the key may be used to certify the source of the message.
  • the sender transmits the key to the receiver and the receiver compares the key with a stored key to certify the sender's identity. After the sender is certified by the receiver, further communications without encryption may be undertaken. Additional communications may include passkeys or, alternatively, the certified key may itself act as a passkey, allowing access to information or to allow physical access such as opening doors.
  • An additional feature of the invention is that, because the encryption key is updated after every communication, if a user's key has been intercepted and used by an eavesdropper (such as would be the case with fraudulent credit card transactions) then that user will no longer have access to the system and can promptly notify the mediator or other users of a breach in security.
  • Figure 1 shows schematically communication between several parties.
  • Figure 2 shows schematically communication between several parties using a mediator as a central communications node.
  • Figure 3 shows an apparatus for communicating between two parties.
  • Figure 4A shows a smart card used as a communicator.
  • Figure 4B shows a memory card/magnetic strip card used as a communicator.
  • Figure 1 shows schematically communication between several parties using a distributed network system. Although only parties A, B, C and D are shown, any number of parties greater than two may be linked in accordance with the technique shown in Figure 1.
  • a message sender may selectively choose to whom a particular message is to be sent.
  • Figure 1 also shows a possible eavesdropper E.
  • the message may be represented as a numerical sequence $(M_1, \ldots, M_i, \ldots, M_L)$ where $M_i$ is a number which represents the ith character of the message and L is the length of the message.
  • a particularly useful form for computerized communication is the binary form, a series of "0"s and "1"s.
  • Some applications which use the binary format include the Internet, the world wide web, credit card purchases, debit card purchases, and pay TV, although other applications may use it as well.
  • a message may also include verification or routing information.
  • the verification information may be used to verify the identity of the sender to the receiver. Routing information may be used to determine who the sender chooses to receive the message.
  • the communications channels are initialized by first generating and distributing to all of the parties an encryption key.
  • Figure 1 shows the scenario where party C has the capability of generating a key G while parties A, B and D do not. Therefore, Party C would generate the key and distribute the key to parties A, B and D. Any of the parties, or all of the parties, may have the capability of generating a key G, but at least one of them must have the capability of generating a key G.
  • the communication channel is initialized by any party generating and distributing the key to all of the other parties.
  • Each party stores the encryption key for future use.
  • the key includes a sequence of random numbers, $(R_1, \ldots, R_N)$.
  • the key may also include further information such as, for example, a choice of encryption/decryption methods.
  • the key generator G is preferably a random number generator.
  • the random number generator may be one of any of the well known types; the preferred random number generator used with this invention is a true random number generator such as the quantum mechanical random number generator of Applicant's previous application (Ser. No. 08/876,994).
  • the preferred random number generator employs the laws of quantum mechanics in order to generate a true random number sequence which does not repeat. These generators are fast enough to produce a sequence of random numbers of adequate length in an amount of time consistent with the needs of this communication scheme and are relatively independent of external influences.
  • random number generators employ arithmetic methods for generating random numbers which inherently are deterministic and which may, with enough persistence, be shown not to be truly random. At some point in the sequence generated they repeat, thereby compromising the desired nonpredictability of the key sequence.
  • the length of the sequence, N, is arbitrary but it is preferred that the length N be chosen to be equal to or greater than the length of the numerical sequence representing the message, L.
  • a sequence length N that is less than the length of the message L will result in a less secure transmission because it is necessary that part of the key be repeated in the encryption process. The part of the encryption key which is repeated potentially compromises the portions of the message encrypted with the repeated key.
  • the sequence of random numbers is also preferably a sequence of "0"s and "1"s.
  • the initial encryption key is preferably communicated to each of the other parties in person.
  • Alternative forms of communicating the initial encryption key include mail or by electronic transmission. In-person communication of the initial key has the advantage of more securely ensuring that the parties receive the key and that potential eavesdroppers do not gain access to the key. Other forms of communication increase the risk that the initial key is intercepted by a potential eavesdropper.
  • any of them may send a secured message to any or all of the others.
  • the message, after translation into its corresponding numerical sequence, may be encrypted using the key in a number of ways, but whichever way is chosen must be agreed upon by the parties in advance.
  • the method of encryption may also be communicated between the parties along with the key itself where a code in the key signals a selection from a predetermined set of encryption/decryption methods.
  • One common method of encryption is to add or subtract the random number sequence of the key to the message. This is the well known Vernam cipher.
  • Any operation which convolutes the message with the key can be used to encrypt the message so long as all parties know and agree upon the operation so that the decryption of the message can be accomplished by deconvoluting the message from the key.
  • Possible convolution operations include any mathematical function of the message sequence and the encryption sequence, or any shifting and rearranging of sequence strings in the message and the key such that the resulting encrypted message is a single sequence.
  • the message and the key are both in binary form and the convolution of the message with the key results in an encrypted sequence having the same length as the message.
  • the encrypted message may be of any length sufficient to contain the entire message.
  • the sender of the message encrypts the message and transmits the encrypted message to each of the receiving parties. Not all of the parties may receive the message.
  • one of the parties who is capable of generating a key (C in Figure 1) generates a new key.
  • that party encrypts the new key using the old key and transmits the encrypted new key to all of the parties, the old key being the key previously used to send the message.
  • the new key may be encrypted using the previously transmitted message or a preset encryption sequence previously shared by the parties.
  • Each of the parties then decrypts the new key using the old key and stores the new key in place of the old key.
  • the new key is then used in future communications and the old key can be abandoned. Alternatively, the old key can be stored as proof of the message.
  • Both the message and the new key are securely transmitted between the parties even though transmission of the encrypted new key requires a repeated use of the old key.
  • an outside party Eavesdropper E in Figure 1
  • Eavesdropper E would not be able to break the code based on the encrypted new key because the new key itself is a sequence of random numbers.
  • Eavesdropper E could break the code, however, if the old key was reused to send a new message or repeated in the transmission of the old message.
  • a new party may be included in the communication scheme of Figure 1 by sharing the current encryption key to the new party and by connecting the new party to the other parties so that the new party can send and receive encrypted messages.
  • Figure 2 shows schematically a communication technique between several parties (A, B, C, and D) where each of the parties has previously initialized a communication channel with a mediator.
  • the parties do not necessarily have an initialized communication channel with each other.
  • the parties may not have previously contemplated the need for communications between them.
  • each party (A, B, C, or D) individually initializes a communication channel with a mediator.
  • the mediator may initialize communications channels with any number of separate parties.
  • the mediator has the capability of generating a key G and communicates a separate key to each of the parties.
  • if the mediator does not have the capability of generating a key, each of the parties should have that capability G and then each party communicates a key to the mediator. The latter scenario may be useful if the mediator is a shared member of separate communications networks which utilize this methodology.
  • If the mediator is not capable of generating a key and not all of the parties have the capability of generating a key G, then the mediator must receive keys from a capable party to distribute to those not capable of generating a key.
  • the mediator stores the encryption key for each party individually in such a way that the key associated with an individual party is easily identifiable to the mediator.
  • the key preferably includes a random number sequence generated from a random number generator.
  • Party A encrypts the message using the key and an encryption method that is shared between party A and the mediator.
  • Party A transmits the encrypted message to the mediator.
  • the mediator decrypts the message and determines from routing information that is transmitted as part of the message which party or parties are to receive the message.
  • the mediator then encrypts the message using the key which is shared with the receiving party, B in this example, and transmits the message to the receiving party.
  • the receiving party retrieves the message by decrypting the message using the key that the receiving party shares with the mediator.
  • the key which is shared with the sending party, A, and the keys that are shared with the receiving parties, B, are then replaced.
  • a new key is generated.
  • the new key is encrypted using the key that is shared between that party and the mediator M.
  • the new key could be encrypted using the message which was previously sent between the party and the mediator.
  • the new key could be encrypted using a preset encryption sequence previously shared between the party and the mediator.
  • the encrypted new key is then transmitted so that both the party and the mediator M share the new key.
  • the encrypted new key is then decrypted and is used to replace the previous key.
  • different parties such as A and B, may securely communicate through a mediator while never themselves sharing a common key.
  • the configuration of Figure 2 is employable to send messages between parties, such as Party A and Party B, even if the parties are members of a network such as Figure 1 if the communications link between them is faulty or non existent.
  • parties A and B in Figure 1 may communicate using party C or D as a mediator.
  • parties A, B, C and D in Figure 1 may themselves each be networks as shown in Figure 1, each of these networks having the mediator as a member.
  • the configuration illustrated in Figure 2 may be particularly employable for secured credit card or debit card purchases over the Internet, world wide web or via telephone lines where the purchaser and vendor have not previously interacted but both use a central credit card service such as MasterCard or Visa.
  • a transfer of funds from user A to user B may result from A transmitting a different message to the mediator than the mediator finally sends to B.
  • A's message may include a passkey and account information.
  • the mediator records A's message, and after approval of the transfer of funds, sends B a confirmation that funds have been credited to B's account from A's account.
  • the mediator may hold the account information or, alternatively, another user may hold the account information and the mediator must communicate with the third user for approval before sending a confirmation to B.
  • the mediator may communicate with the third party user using the techniques of this invention.
  • Another useful application of the invention is to obtain access to information or initiate an action from another communicating party.
  • the message includes a passkey which may be randomly generated.
  • Other non-encrypted messages may be sent between the sender and receiver in addition to the message which includes the passkey.
  • the use of the system to send passkeys may be particularly useful for debit card account access or simply to unlock or operate doors (e.g., garage doors).
  • the party seeking access encrypts the message including the passkey using the key and transmits the encrypted passkey to the party responsible for granting access.
  • the key is replaced after each use.
  • the granting party decrypts the encrypted passkey and, by comparing the passkey with a stored passkey, either grants or disallows access to the party seeking access.
  • the granting party may grant access to information (such as in a debit card transaction), transfer funds in response to the remainder of the messages (such as in a credit card transaction or debit card transaction), or open a door (such as in a garage door opener).
  • the key may be used to certify the validity of a communication. In the certification embodiment, the key is sent to the receiver and replaced after every transmission.
  • the receiver compares the key with a stored key to certify that communication with that sender is valid.
  • the key itself may act as a passkey such as discussed above or is used to certify that a message originates from a particular sender.
  • a message, which may or may not be encrypted, may be sent in the communication.
  • One method of sending the message with the key is to append the message sequence onto the end of the random number sequence of the key.
  • the message may be sent in a transmission separate from the transmission which includes the key. In either case, the key is used to certify that the message originates from a particular sender.
  • An apparatus for use with either of the communication configurations shown in Figures 1 and 2 is shown in Figure 3.
  • the apparatus includes at least two communicators and at least one key generator, a communicator being a device for communications.
  • Figure 3 shows Communicator A 100, Communicator B 200 and Key Generator 300.
  • Communicator A 100 includes Data I/O port 110, processor 120, encryption key storage memory 130, message storage memory 140, and system memory 150.
  • Communicator B 200 includes data I/O port 210, processor 220, encryption key storage memory 230, message storage memory 140 and system memory 250.
  • Communicator B 200 also communicates with key generator 300 so that Communicator B 200 has the capability of generating a key (G on Figures 1 and 2).
  • Each communicator must at least have the ability to store the key, encrypt and decrypt messages, and communicate with other communication devices.
  • Communicator A 100 has a processor 120 which receives and sends messages through data I/O port 110.
  • Data I/O port 110 may include a modem to facilitate communications with other communicators.
  • Processor 120 stores the message in message storage memory 140, reads the key from encryption key storage memory 130, and encrypts or decrypts the message in response to programming instructions stored in the system memory 150.
  • Communicator B 200 reads and writes encryption keys to encryption key storage memory 230, receives and sends messages through data I/O port 210, and reads and writes messages from message storage memory 240 in response to programming instructions stored in system memory 240.
  • Data I/O port 110 and data I/O port 210 must be compatible so that communicator A 100 and communicator B 200 can exchange data through transmission path 400.
  • Transmission path 400 may be telephone lines, Ethernet lines, or other communications path by which different communicators may communicate.
  • Communicator B 200 receives new keys from key generator 300.
  • Key generator 300 generates a key and could be one of the random number generators previously discussed, preferably the quantum mechanical random number generator.
  • Figure 3 shows only two communicators, but the apparatus for carrying out this invention could include any number of separate communicators configured as in Figure 1 or Figure 2.
  • the communicators communicate with all other communicators and in Figure 2 each communicator communicates with a mediator.
  • a communicator which is functioning as a mediator in Figure 2 must additionally be capable of storing a separate key in relation to each of the users of the mediator configuration.
  • a network of communicators as in Figures 1 or 2 may include any number of different communications devices, each device having the capability of storing a key, encrypting and decrypting data, and of communicating with the other communicators or with the mediator through transmission paths 400.
  • the preferred apparatus for use with this invention includes at least one smart card, a communicator acting as a mediator, and a key generator communicating with the mediator.
  • Figure 4A shows a smart card for use with this invention.
  • the smart card 500 is physically convenient to transport, i.e. about credit card size.
  • the smart card 500 includes a processor 520, a data I/O port 510, an encryption key storage memory 530, a system storage memory 550, and a message storage memory 540.
  • Processor 520 is capable of encrypting and decrypting messages, of reading and writing to the encryption key storage memory 530 and the message storage memory 540, and of communicating through data I/O port 510 with another communicator, such as a mediator.
  • the smart card 500 communicates through data I/O port 510 to an intermediate I/O device 560 which communicates with the other communicators of network 700, although smart card 500 may itself be capable of communicating with network 700.
  • smart card 500 also stores account information and account balances. This information is useful if the smart card is used as a debit card.
  • smart card 500 or intermediate I/O device 560 may have external displays and controls so that an outside user may query smart card 500 regarding account information and balances.
  • the intermediate I/O device 560 need have no further features except to facilitate communications with other communicators in network 700.
  • an intermediate I/O device 560 may connect smart card 500 to a phone modem wherein the intermediate I/O device 560 communicates with the smart card 500 through the data I/O port 510 and transmits to network 700 through a phone modem.
  • Other intermediate I/O devices include computer systems capable of networking with other communicators.
  • At least one communicator in network 700 with smart card 500 must be capable of generating encryption keys.
  • the key generator used in the preferred embodiment is the quantum mechanical random number generator.
  • FIG. 4B shows a storage card communicator 600 having a storage card 630 in communication with card reader 660.
  • Storage card 630 may be a memory card, a card with a magnetic strip, or any other device capable of storing data.
  • Card reader 660 includes a processor 620, a system memory 650, a message memory 640 and a data I/O port 610.
  • the processor 620 reads the encryption key from the memory card 630 and encrypts or decrypts messages in response to program instructions stored in the system memory 650.
  • the data I/O port 610 is capable of communicating with other communicators on network 700.
  • Storage card 630 may also store account information and account balances. This information is useful if the storage card is used as a debit card.
  • card reader 660 may have external displays and controls so that an outside user may query account balances stored in the card.
  • Yet another embodiment of the communicator includes a computer, the computer being capable of communicating with all of the other communicators in the network or with a mediator computer. Each computer must be able to store the encryption key and encrypt and decrypt data which it receives. This communicator is useful for Internet communications or for networking communications.
  • each of the computers may be capable of communicating with a device external to the computer, the device being one which stores the key and possibly is also one which encrypts and decrypts the data (such as a smart card or a storage card).
  • the external device could make the key and possibly the encryption/decryption algorithms inaccessible to the computer.
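
The key-replacement procedure listed above (send a message under the current key, then send a new key encrypted with the old one and store it in place of the old key), written out as an added example that is not code from the patent. Assumptions: XOR is the agreed add/subtract operation on binary sequences, `secrets.token_bytes` stands in for the quantum random number generator, and messages are padded to a fixed 32-byte frame. `observer_combination` computes what the three transmissions around one key replacement reduce to for a party who only sees the channel, which is the property to check against the statements about Eavesdropper E.

```python
import secrets

FRAME = 32  # assumed fixed frame and key length in bytes (N == L)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Combine two equal-length binary sequences element for element (addition mod 2)."""
    if len(a) != len(b):
        raise ValueError("sequences must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def pad(message: bytes) -> bytes:
    """Pad a message to the frame size; refuse messages longer than the key."""
    if len(message) > FRAME:
        raise ValueError("message longer than key")
    return message.ljust(FRAME, b"\x00")


class Party:
    """A communicator that stores one key and replaces it after every message."""

    def __init__(self, key: bytes):
        self.key = key

    def encrypt(self, frame: bytes) -> bytes:
        return xor_bytes(frame, self.key)

    def decrypt(self, ciphertext: bytes) -> bytes:
        return xor_bytes(ciphertext, self.key)

    def send_new_key(self, new_key: bytes) -> bytes:
        """Generating party: encrypt the new key under the old key, then switch to it."""
        wrapped = xor_bytes(new_key, self.key)
        self.key = new_key
        return wrapped

    def receive_new_key(self, wrapped: bytes) -> None:
        """Receiving party: decrypt the new key with the old key and store it in its place."""
        self.key = xor_bytes(wrapped, self.key)


def run_session(messages, rng=secrets.token_bytes):
    """Run the scheme for a list of messages; return (frames on the wire, decrypted messages)."""
    initial = rng(FRAME)  # initial key, assumed to have been delivered in person
    sender, receiver = Party(initial), Party(initial)
    wire, received = [], []
    for message in messages:
        ciphertext = sender.encrypt(pad(message))
        wire.append(ciphertext)                      # encrypted message
        received.append(receiver.decrypt(ciphertext).rstrip(b"\x00"))
        wrapped = sender.send_new_key(rng(FRAME))
        wire.append(wrapped)                         # encrypted new key, same channel
        receiver.receive_new_key(wrapped)
    return wire, received


def observer_combination(wire):
    """XOR each encrypted message with the encrypted key after it and the next encrypted message.

    Wire order is message 0, key 0, message 1, key 1, ... and no key is used here.
    """
    combined = []
    for i in range(0, len(wire) - 2, 2):
        combined.append(xor_bytes(xor_bytes(wire[i], wire[i + 1]), wire[i + 2]))
    return combined


if __name__ == "__main__":
    msgs = [b"PAY 100 TO ACCOUNT B", b"PAY 250 TO ACCOUNT D"]  # constructed sample messages
    wire, received = run_session(msgs)
    print("receiver recovered both messages:", received == msgs)
    leaked = observer_combination(wire)[0]
    print("wire frames alone give M1 xor M2:",
          leaked == xor_bytes(pad(msgs[0]), pad(msgs[1])))
```

Both checks print `True`: the old and new keys cancel out of the three frames, leaving the XOR of the two consecutive plaintexts. Each message in the chain therefore does not get an independent one-time pad, even though no key is ever used for two messages.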

Abstract

A first communication device (100) is made up of an encryption key storage memory (130), a message storage memory (140), a system memory for the storage of programs (150), a processor (120), and a data input/output device (110). The first communication device communicates with a second communication device (200) through a transmission path (400). The second communication device is made up of an encryption key storage memory (230), a message storage memory (240), a system memory for program storage (250), a processor (220), and a data input/output device (210). The processor (220) in second communication device (200) receives a key from a key generator (300) outside of the second communication device (200).

Description

Secured Communications Scheme Using Random Numbers
Background of the Invention
1. Field of the Invention
The invention relates to encrypting and decrypting data in order to provide a highly secured method of communications.
2. Description of the Related Art
The secure exchange of information using cryptography has been of ongoing and increasing importance. Cryptography has played an important role in history and, more recently, in commercial transactions. Several important historical events have been precipitated by the breaking of secret codes. The United States was propelled into World War I, for example, when the Zimmerman Note was broken and it was learned that Mexico was promised territories within the United States if they entered Germany's war effort. (See Charles H. Bennett, et al., Quantum Cryptography, Scientific American, Oct. 1992, p. 50).
The field of cryptography has advanced from the field of military intelligence into everyday commercial interactions. There is a need for secure transmission of electronic transactions, such as credit card purchases, and for a method of securely transmitting information over publicly accessible electronic channels.
Several schemes have been developed to address the problem of securing exchanges of information. The first mathematically unbreakable encryption scheme, the Vernam cipher, was developed by Gilbert S. Vernam of American Telephone and Telegraph Company and Major Joseph O. Mauborgne of the U.S. Army Signal Corps. The Vernam encryption scheme (also known as the "one-time pad" scheme) requires a key that is at least as long as the message and which is never used to send another message.
The Vernam cipher relies on a sequence of random numbers of length at least as large as the length of the message to be sent. The sequence of random numbers, which can be a random sequence of "0"s and "1"s to be used with a message coded similarly, is subtracted from or added to the message before it is sent. The receiver decodes the message by adding or subtracting the same random sequence.
In the Vernam scheme, all concerned must have identical copies of the key. The deficiency in the Vernam scheme, therefore, is in the distribution of the keys to each of the parties. These keys are used only once and are typically distributed on pads, hence the origin of the name "one-time pad" scheme. A mistake, such as losing or reusing the pad, breaches the security of the message. This was learned all too well by Soviet intelligence shortly after World War II when some one-time pads were inadvertently used twice, causing American code-breakers to expose several spies.
Variations of the Vernam cipher have reused long keys or have used systems where the sender and receiver have identical pseudo-random number generators. A pseudo-random number generator generates a series of numbers which statistically appear random but which are actually completely deterministic. Both the receiver and the sender can generate the same key by starting the pseudo-random number generator using the same "seed" value. None of these schemes, however, are completely secure because the keys can be predicted by an eavesdropper.
As a result of the necessity of communicating the key for each message and the difficulties in securing the keys, the Vernam system is rarely used. A more prevalent system of exchanging secured information is with the use of public-key cryptosystems. An advantage of public-key encryption systems is that they allow two parties who have not previously communicated to send secured messages. In the public-key system, the receiver, A, chooses randomly a pair of mutually inverse transformations to be used for encryption and decryption of the message. A then publishes instructions for encryption but does not publish the transformation used for decryption. The transformations are chosen so that it is at least extremely difficult to deduce the transformation used for decryption from that used for encryption. A sender, B, would then be able to send a secured message to A by encrypting the message as per the publicly known algorithm and sending it to A. A would then use the unpublished decryption algorithm to retrieve the message.
Although public-key encryption may be applicable for certain uses, especially when the parties have not foreseen a need to communicate, these systems have not been shown to be secure.
Summary of the Invention
In accordance with this invention, a method of encryption is provided which expands on the Vernam cipher system but which dispenses with the need for the parties to continuously communicate a key by alternative channels.
In one embodiment of this invention, one of the users generates a key, preferably including a series of random numbers, the random numbers preferably being generated using a quantum random number generator as described in Applicant's previous application (serial number 08/876,994), hereby incorporated by reference in its entirety. The key is communicated to all of the other users. The communication channels used to distribute the key may include personal communication, postal mail, or electronic means. Personal communication is the most secure method of communicating the key while electronic transmissions suffer a high degree of risk because the key may be intercepted.
A message may be sent between the parties using the sequence of random numbers as an encryption key. In addition, each time that the parties communicate, a new key is generated. The new key is encrypted using the previous key, or alternatively the previously sent message or a preset encryption sequence, and is communicated to the users. The new encrypted key may be sent along the same transmission channel as was the encrypted message. Each of the users then decrypts the new key using the previous key and stores the new key in place of the previous key so that the new key is used for the next communication. Therefore, any given key is used in sending and/or receiving only one message and is abandoned in favor of a new key without any further need of communication between the parties through alternative channels.
In addition, only one of the parties needs to have the capability of generating the key. The other parties need only have means of storing the keys and decrypting the messages. Devices for storing keys and decrypting messages include smart cards, computer systems, or even magnetic tape storage devices (such as credit cards) combined with use of a processor system. The invention is inherently applicable to computer based communications.
As is further described below, users who have not previously interacted to initialize an encryption key may send and receive secured messages through a mediator with whom each of the parties have initialized a communication channel. The invention is applicable to use with the Internet, the world wide web, credit card or debit card transactions, or Pay TV systems, among other uses. In yet another embodiment, the encryption key may be used to encode a passkey. In this system, the message itself is a random sequence which, when decrypted by the receiver, is used to access coded information such as debit card balances. The passkey may also allow physical access, i.e. unlocking or opening a door.
In another embodiment of the invention, the key may be used to certify the source of the message. In this embodiment, the sender transmits the key to the receiver and the receiver compares the key with a stored key to certify the sender's identity. After the sender is certified by the receiver, further communications without encryption may be undertaken. Additional communications may include passkeys or, alternatively, the certified key may itself act as a passkey, allowing access to information or to allow physical access such as opening doors.
An additional feature of the invention is that, because the encryption key is updated after every communication, if a user's key has been intercepted and used by an eavesdropper (such as would be the case with fraudulent credit card transactions) then that user will no longer have access to the system and can promptly notify the mediator or other users of a breach in security.
Description of the Figures
Figure 1 shows schematically communication between several parties.
Figure 2 shows schematically communication between several parties using a mediator as a central communications node.
Figure 3 shows an apparatus for communicating between two parties.
Figure 4A shows a smart card used as a communicator.
Figure 4B shows a memory card/magnetic strip card used as a communicator.
Description of the Invention
Figure 1 shows schematically communication between several parties using a distributed network system. Although only parties A, B, C and D are shown, any number of parties greater than two may be linked in accordance with the technique shown in Figure 1. In addition, a message sender may selectively choose to whom a particular message is to be sent. Figure 1 also shows a possible eavesdropper E. The message may be represented as a numerical sequence $(M_1, \ldots, M_i, \ldots, M_L)$ where $M_i$ is a number which represents the ith character of the message and L is the length of the message. Although many different schemes may be devised for translating a message into numerical format, a particularly useful form for computerized communication is the binary form, a series of "0"s and "1"s. Some applications which use the binary format include the Internet, the world wide web, credit card purchases, debit card purchases, and pay TV, although other applications may use it as well.
A message may also include verification or routing information. The verification information may be used to verify the identity of the sender to the receiver. Routing information may be used to determine who the sender chooses to receive the message.
The communications channels are initialized by first generating and distributing to all of the parties an encryption key. Figure 1 shows the scenario where party C has the capability of generating a key G while parties A, B and D do not. Therefore, Party C would generate the key and distribute the key to parties A, B and D. Any of the parties, or all of the parties, may have the capability of generating a key G, but at least one of them must have the capability of generating a key G. The communication channel is initialized by any party generating and distributing the key to all of the other parties. Each party stores the encryption key for future use. Preferably, the key includes a sequence of random numbers, $(R_1, \ldots, R_N)$. The key, however, may also include further information such as, for example, a choice of encryption/decryption methods. The key generator G is preferably a random number generator. Although the random number generator may be one of any of the well known types, the preferred random number generator used with this invention is a true random number generator such as the quantum mechanical random number generator of Applicant's previous application (Ser. No. 08/876,994). The preferred random number generator employs the laws of quantum mechanics in order to generate a true random number sequence which does not repeat. These generators are fast enough to produce a sequence of random numbers of adequate length in an amount of time consistent with the needs of this communication scheme and are relatively independent of external influences.
Most random number generators employ arithmetic methods for generating random numbers which inherently are deterministic and which may, with enough persistence, be shown not to be truly random. At some point in the sequence generated they repeat, thereby compromising the desired nonpredictability of the key sequence.
These "pseudo-random" number generators calculate a series of numbers from a user inputted "seed" number where the series of numbers is statistically random. The series of numbers, however, is completely deterministic in that the same series is always generated from a particular "seed" value. Another method of generating random numbers is by use of statistical process such as the electronic noise created by the random movement of electrons in electronic circuitry. (See Robert Matthews, "It's a Lottery", New Scientist, 22 July 1995, p. 38, 39). Although this method is preferred over an arithmetic method, these devices are slow and may lose their true randomness based on external influences. Yet another statistical process random number generator uses radioactive decay to generate random numbers. The length of the sequence, N, is arbitrary but it is preferred that the length N be chosen to be equal to or greater than the length of the numerical sequence representing the message, L. A sequence length N that is less than the length of the message L will result in a less secure transmission because it is necessary that part of the key be repeated in the encryption process. The part of the encryption key which is repeated potentially compromises the portions of the message encrypted with the repeated key. If the message is to be sent in bit format, i.e. as a sequence of "0"s and "1"s, then the sequence of random numbers is also preferably a sequence of "0"s and "1"s.
The initial encryption key is preferably communicated to each of the other parties in person. Alternative forms of communicating the initial encryption key include mail or by electronic transmission. In-person communication of the initial key has the advantage of more securely ensuring that the parties receive the key and that potential eavesdroppers do not gain access to the key. Other forms of communication increase the risk that the initial key is intercepted by a potential eavesdropper.
After the parties are all in possession of the encryption key, any of them may send a secured message to any or all of the others. The message, after translation into its corresponding numerical sequence, may be encrypted using the key in a number of ways, but whichever way is chosen must be agreed upon by the parties in advance. The method of encryption may also be communicated between the parties along with the key itself where a code in the key signals a selection from a predetermined set of encryption/decryption methods.
One common method of encryption, the preferred method, is to add or subtract the random number sequence of the key to the message. This is the well known Vernam cipher. The resulting encrypted message is therefore $(M_1 \pm R_1, \ldots, M_L \pm R_j)$. If L=N, then j=N whereas if L<N, j=L. If L>N, then j is the end of whatever partial sequence of the random number sequence in the key that was used to fill the end of the key. Any operation which convolutes the message with the key can be used to encrypt the message so long as all parties know and agree upon the operation so that the decryption of the message can be accomplished by deconvoluting the message from the key. Possible convolution operations include any mathematical function of the message sequence and the encryption sequence, or any shifting and rearranging of sequence strings in the message and the key such that the resulting encrypted message is a single sequence.
In the preferred method, the message and the key are both in binary form and the convolution of the message with the key results in an encrypted sequence having the same length as the message. However, in general the encrypted message may be of any length sufficient to contain the entire message. The sender of the message encrypts the message and transmits the encrypted message to each of the receiving parties. Not all of the parties may receive the message.
At the end of the transmission of the message, one of the parties who is capable of generating a key (C in Figure 1) generates a new key. Preferably, that party encrypts the new key using the old key and transmits the encrypted new key to all of the parties, the old key being the key previously used to send the message. Alternatively, but with less security, the new key may be encrypted using the previously transmitted message or a preset encryption sequence previously shared by the parties.
Each of the parties, then, decrypts the new key using the old key and stores the new key in place of the old key. The new key is then used in future communications and the old key can be abandoned. Alternatively, the old key can be stored as proof of the message.
Both the message and the new key are securely transmitted between the parties even though transmission of the encrypted new key requires a repeated use of the old key. If the new key is encrypted using the old key, an outside party, Eavesdropper E in Figure 1, would not be able to break the code based on the encrypted new key because the new key itself is a sequence of random numbers. Eavesdropper E could break the code, however, if the old key was reused to send a new message or repeated in the transmission of the old message.
A new party may be included in the communication scheme of Figure 1 by sharing the current encryption key with the new party and by connecting the new party to the other parties so that the new party can send and receive encrypted messages.
Figure 2 shows schematically a communication technique between several parties (A, B, C, and D) where each of the parties has previously initialized a communication channel with a mediator. The parties do not necessarily have an initialized communication channel with each other. In addition, the parties may not have previously contemplated the need for communications between them.
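The Figure 1 procedure described above (encrypt under the shared key, then wrap a freshly generated key under the old key and replace it) is sketched below as an added example; it is not code from the patent. The class and function names, the 32-byte key length and the two sample messages are constructed for illustration, and `secrets.token_bytes` stands in for key generator G. The last step combines only values that crossed the transmission path, a property anyone evaluating the scheme should check against the key-reuse condition stated above.

```python
import secrets


def vernam(data: bytes, key: bytes) -> bytes:
    """Binary Vernam combine. For bits, adding and subtracting the key are
    both XOR, so one call encrypts and decrypts. Uses the first len(data)
    key bytes (the L <= N case) and refuses to repeat key material."""
    if len(data) > len(key):
        raise ValueError("message longer than key: key would have to repeat")
    return bytes(d ^ k for d, k in zip(data, key))


class Party:
    """One communicator: stores the current key and replaces it each round."""

    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key

    def install(self, wrapped_key: bytes) -> None:
        # Decrypt the new key with the old key, then abandon the old key.
        self.key = vernam(wrapped_key, self.key)


def run_round(sender, receivers, generator, message, key_len=32):
    """One exchange: message under the current key, then key replacement.
    Returns (ciphertext, wrapped_new_key, plaintexts_recovered)."""
    ciphertext = vernam(message, sender.key)
    recovered = [vernam(ciphertext, r.key) for r in receivers]
    new_key = secrets.token_bytes(key_len)      # stand-in for generator G
    wrapped = vernam(new_key, generator.key)    # new key encrypted with old
    for party in {sender, generator, *receivers}:
        party.install(wrapped)
    return ciphertext, wrapped, recovered


def demo():
    k0 = secrets.token_bytes(32)                # initial key, shared in person
    a, b, c = (Party(n, k0) for n in "ABC")     # C holds the key generator
    m1 = b"PAY 0100 TO ACCT 4471 REF 000001"    # constructed sample, 32 bytes
    m2 = b"PAY 9900 TO ACCT 1208 REF 000002"    # constructed sample, 32 bytes
    c1, w1, got1 = run_round(a, [b, c], c, m1)  # round 1 uses k0
    c2, _w2, got2 = run_round(b, [a, c], c, m2) # round 2 uses the new key
    in_sync = a.key == b.key == c.key and a.key != k0
    # Only transmitted values are used here: c1 = m1^k0, w1 = k1^k0,
    # c2 = m2^k1, so both keys cancel out of the combination.
    combined = vernam(vernam(c1, w1), c2)
    return got1, got2, in_sync, combined, vernam(m1, m2)


if __name__ == "__main__":
    got1, got2, in_sync, combined, m1_xor_m2 = demo()
    print("receivers recovered both messages:", got1[0], got2[0])
    print("all parties hold the same new key:", in_sync)
    print("transcript combination equals m1 XOR m2:", combined == m1_xor_m2)
```

The combination in `demo` equals the XOR of the two plaintexts, which is the same quantity an observer obtains when one key encrypts two messages.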
In Figure 2, each party (A, B, C, or D) individually initializes a communication channel with a mediator. Although Figure 2 shows only parties A, B, C and D, the mediator may initialize communications channels with any number of separate parties. Preferably, the mediator has the capability of generating a key G and communicates a separate key to each of the parties. Alternatively, if the mediator does not have the capability of generating a key, each of the parties should have that capability G and then each party communicates a key to the mediator. The latter scenario may be useful if the mediator is a shared member of separate communications networks which utilize this methodology. If the mediator is not capable of generating a key and not all of the parties have the capability of generating a key G, then the mediator must receive keys from a capable party to distribute to those not capable of generating a key. The mediator stores the encryption key for each party individually in such a way that the key associated with an individual party is easily identifiable to the mediator.
As was discussed above, the key preferably includes a random number sequence generated from a random number generator. After initializing the communication channels, an initial key is shared between the mediator and each of the parties. Each channel may be opened separately; therefore each of the parties in the configuration of Figure 2 may share a different key with the mediator. A new member is added to this scheme by initializing a separate communication channel with the mediator.
Any one member, for example A, may now send a secured message to any other party, for example B. Party A encrypts the message using the key and an encryption method that is shared between party A and the mediator. Party A transmits the encrypted message to the mediator. The mediator decrypts the message and determines from routing information that is transmitted as part of the message which party or parties are to receive the message. The mediator then encrypts the message using the key which is shared with the receiving party, B in this example, and transmits the message to the receiving party. The receiving party retrieves the message by decrypting the message using the key that the receiving party shares with the mediator.
The key which is shared with the sending party, A, and the keys that are shared with the receiving parties, B, are then replaced. For each party, a new key is generated. Preferably, the new key is encrypted using the key that is shared between that party and the mediator M. Alternatively, the new key could be encrypted using the message which was previously sent between the party and the mediator. In addition, the new key could be encrypted using a preset encryption sequence previously shared between the party and the mediator.
The encrypted new key is then transmitted so that both the party and the mediator M share the new key.
The encrypted new key is then decrypted and is used to replace the previous key. In this way, different parties, such as A and B, may securely communicate through a mediator while never themselves sharing a common key.
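The mediator relay of Figure 2, as an added example that is not code from the patent: the mediator keeps one key per party, decrypts with the sender's key, reads the routing information, re-encrypts under the recipient's key, and then replaces both channel keys. The one-byte party identifier used as routing information, the 48-byte key length, and all class and function names are assumptions made for the illustration.

```python
import secrets

KEY_LEN = 48  # assumed fixed key length N; every frame must fit inside it


def vernam(data: bytes, key: bytes) -> bytes:
    """XOR with the first len(data) key bytes; never repeats key material."""
    if len(data) > len(key):
        raise ValueError("frame longer than key")
    return bytes(d ^ k for d, k in zip(data, key))


def frame(party_id: str, body: bytes) -> bytes:
    """Constructed wire format: 1-byte party id, then the message body.
    Inbound the id names the recipient; outbound it names the sender."""
    return party_id.encode("latin-1") + body


class Client:
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key

    def seal(self, recipient: str, body: bytes) -> bytes:
        return vernam(frame(recipient, body), self.key)

    def open(self, ciphertext: bytes):
        plain = vernam(ciphertext, self.key)
        return plain[:1].decode("latin-1"), plain[1:]

    def install(self, wrapped: bytes) -> None:
        self.key = vernam(wrapped, self.key)


class Mediator:
    def __init__(self):
        self.keys = {}  # party name -> key shared with that party only

    def enroll(self, name: str) -> bytes:
        """Initialise one channel; the returned key is delivered out of band."""
        self.keys[name] = secrets.token_bytes(KEY_LEN)
        return self.keys[name]

    def _rekey(self, name: str) -> bytes:
        new_key = secrets.token_bytes(KEY_LEN)
        wrapped = vernam(new_key, self.keys[name])  # encrypted with old key
        self.keys[name] = new_key
        return wrapped

    def relay(self, sender: str, ciphertext: bytes):
        """Returns (recipient, ciphertext_for_recipient, {name: wrapped_key})."""
        plain = vernam(ciphertext, self.keys[sender])
        recipient, body = plain[:1].decode("latin-1"), plain[1:]
        if recipient not in self.keys:
            raise KeyError("no initialised channel for that recipient")
        out = vernam(frame(sender, body), self.keys[recipient])
        # Both channels just carried a message, so both keys are replaced.
        rekeys = {n: self._rekey(n) for n in {sender, recipient}}
        return recipient, out, rekeys


def demo():
    m = Mediator()
    a, b, d = (Client(n, m.enroll(n)) for n in "ABD")
    recipient, out, rekeys = m.relay("A", a.seal("B", b"order 17: 3 units"))
    sender, body = b.open(out)
    d_view = vernam(out, d.key)[1:]     # D's key does not open B's traffic
    a.install(rekeys["A"])
    b.install(rekeys["B"])
    synced = a.key == m.keys["A"] and b.key == m.keys["B"]
    distinct_keys = len({a.key, b.key, d.key}) == 3
    return recipient, sender, body, synced, distinct_keys, d_view


if __name__ == "__main__":
    print(demo()[:5])
```

The mediator sees every message in plaintext between the decrypt and re-encrypt steps, so in this arrangement the confidentiality of A's and B's traffic rests on the mediator and on its key store.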
The configuration of Figure 2 is employable to send messages between parties, such as Party A and Party B, even if the parties are members of a network such as Figure 1 if the communications link between them is faulty or non existent. The parties A and B in Figure 1 may communicate using party C or D as a mediator. In addition, the parties A, B, C and D in Figure 1 may themselves each be networks as shown in Figure 1, each of these networks having the mediator as a member.
The configuration illustrated in Figure 2 may be particularly employable for secured credit card or debit card purchases over the Internet, world wide web or via telephone lines where the purchaser and vendor have not previously interacted but both use a central credit card service such as MasterCard or Visa. In a credit card application, a transfer of funds from user A to user B may result from A transmitting a different message to the mediator than the mediator finally sends to B. For example, if A is transferring funds to B then A's message may include a passkey and account information. The mediator records A's message, and after approval of the transfer of funds, sends B a confirmation that funds have been credited to B's account from A's account. The mediator may hold the account information or, alternatively, another user may hold the account information and the mediator must communicate with the third user for approval before sending a confirmation to B. The mediator may communicate with the third party user using the techniques of this invention.
Another useful application of the invention, either in the configuration of Figure 1 or the configuration of Figure 2, is to obtain access to information or initiate an action from another communicating party. In this embodiment, the message includes a passkey which may be randomly generated. Other non-encrypted messages may be sent between the sender and receiver in addition to the message which includes the passkey. The use of the system to send passkeys may be particularly useful for debit card account access or simply to unlock or operate doors (e.g., garage doors).
In this embodiment the party seeking access encrypts the message including the passkey using the key and transmits the encrypted passkey to the party responsible for granting access. The key is replaced after each use. The granting party decrypts the encrypted passkey and, by comparing the passkey with a stored passkey, either grants or disallows access to the party seeking access. The granting party may grant access to information (such as in a debit card transaction), transfer funds in response to the remainder of the messages (such as in a credit card transaction or debit card transaction), or open a door (such as in a garage door opener). In yet another embodiment, the key may be used to certify the validity of a communication. In the certification embodiment, the key is sent to the receiver and replaced after every transmission. The receiver compares the key with a stored key to certify that communication with that sender is valid. In this embodiment, the key itself may act as a passkey such as discussed above or is used to certify that a message originates from a particular sender. A message, which may or may not be encrypted, may be sent in the communication. One method of sending the message with the key is to append the message sequence onto the end of the random number sequence of the key. Alternatively, the message may be sent in a transmission separate from the transmission which includes the key. In either case, the key is used to certify that the message originates from a particular sender.
The systems described in Figures 1 and 2 and in the embodiments of the invention are secure once the initial key is successfully communicated. However, if security is breached there is an additional security feature. If a user's key is used by an eavesdropper to send or receive data, then that user's key will not be updated (the eavesdropper's stolen key will be updated instead). The user will find the communications system inaccessible and can alert the other parties and/or the mediator to the breach in security.
In addition, if a record is made of the previously used keys, the current key in the possession of the user will evidence the last transaction made by the user. Subsequent transactions with the user's keys, therefore, are made by the eavesdropper.
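The breach signal described above can be made concrete on the granting party's side. The following added example (not code from the patent) implements the encrypted-passkey check with key replacement and keeps a record of abandoned keys, so that a request made with an out-of-date key is reported together with how many replacements it is behind. All names, the 16-byte sizes and the status strings are assumptions for the illustration.

```python
import hmac
import secrets


def vernam(data: bytes, key: bytes) -> bytes:
    """XOR with the first len(data) key bytes; never repeats key material."""
    if len(data) > len(key):
        raise ValueError("data longer than key")
    return bytes(d ^ k for d, k in zip(data, key))


class Holder:
    """Party seeking access: stores the passkey and the current key."""

    def __init__(self, passkey: bytes, key: bytes):
        self.passkey, self.key = passkey, key

    def present(self) -> bytes:
        return vernam(self.passkey, self.key)

    def install(self, wrapped: bytes) -> None:
        self.key = vernam(wrapped, self.key)


class GrantingParty:
    """Holds the stored passkey, the current key and the abandoned keys."""

    def __init__(self, passkey: bytes, key: bytes):
        self.passkey, self.key = passkey, key
        self.retired = []  # abandoned keys, oldest first

    def request(self, encrypted_passkey: bytes):
        """Returns (status, wrapped_new_key or None). status is 'granted',
        'stale-key:<n>' (request is n key replacements behind) or 'denied'."""
        if len(encrypted_passkey) != len(self.passkey):
            return "denied", None
        candidate = vernam(encrypted_passkey, self.key)
        if hmac.compare_digest(candidate, self.passkey):
            new_key = secrets.token_bytes(len(self.key))
            wrapped = vernam(new_key, self.key)  # new key under the old key
            self.retired.append(self.key)
            self.key = new_key
            return "granted", wrapped
        # Not the current key: check the record of previously used keys.
        for age, old in enumerate(reversed(self.retired), start=1):
            if hmac.compare_digest(vernam(encrypted_passkey, old), self.passkey):
                return f"stale-key:{age}", None
        return "denied", None


def demo():
    passkey, k0 = secrets.token_bytes(16), secrets.token_bytes(16)
    gate = GrantingParty(passkey, k0)
    user = Holder(passkey, k0)
    log = []

    status, wrapped = gate.request(user.present())
    user.install(wrapped)
    log.append(status)                              # normal use

    # Constructed scenario: a second holder of the user's current key
    # transacts, so only that holder receives the replacement key.
    other = Holder(user.passkey, user.key)
    status, wrapped = gate.request(other.present())
    other.install(wrapped)
    log.append(status)

    log.append(gate.request(user.present())[0])     # user is now one behind
    log.append(gate.request(secrets.token_bytes(16))[0])  # unrelated request
    log.append(gate.request(other.present())[0])    # second holder again
    log.append(gate.request(user.present())[0])     # user is now two behind
    return log


if __name__ == "__main__":
    print(demo())
```

A `stale-key` result is also what a lost key-replacement message produces, so it is a trigger for investigation and re-initialisation of the channel rather than proof of interception on its own.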
An apparatus for use with either of the communication configurations shown in Figures 1 and 2 is shown in Figure 3. The apparatus includes at least two communicators and at least one key generator, a communicator being a device for communications. Figure 3 shows Communicator A 100, Communicator B 200 and Key Generator 300. Communicator A 100 includes Data I/O port 110, processor 120, encryption key storage memory 130, message storage memory 140, and system memory 150. Communicator B 200 includes data I/O port 210, processor 220, encryption key storage memory 230, message storage memory 240 and system memory 250. Communicator B 200 also communicates with key generator 300 so that Communicator B 200 has the capability of generating a key (G on Figures 1 and 2).
Each communicator must at least have the ability to store the key, encrypt and decrypt messages, and communicate with other communication devices.
Communicator A 100 has a processor 120 which receives and sends messages through data I/O port 110. Data I/O port 110 may include a modem to facilitate communications with other communicators. Processor 120 stores the message in message storage memory 140, reads the key from encryption key storage memory 130, and encrypts or decrypts the message in response to programming instructions stored in the system memory 150. Communicator B 200 reads and writes encryption keys to encryption key storage memory 230, receives and sends messages through data I/O port 210, and reads and writes messages from message storage memory 240 in response to programming instructions stored in system memory 250. Data I/O port 110 and data I/O port 210 must be compatible so that communicator A 100 and communicator B 200 can exchange data through transmission path 400. Transmission path 400 may be telephone lines, Ethernet lines, or other communications path by which different communicators may communicate. In addition, Communicator B 200 receives new keys from key generator 300. Key generator 300 generates a key and could be one of the random number generators previously discussed, preferably the quantum mechanical random number generator. Figure 3 shows only two communicators, but the apparatus for carrying out this invention could include any number of separate communicators configured as in Figure 1 or Figure 2. In the configuration of Figure 1, the communicators communicate with all other communicators and in Figure 2 each communicator communicates with a mediator. A communicator which is functioning as a mediator in Figure 2 must additionally be capable of storing a separate key in relation to each of the users of the mediator configuration.
A network of communicators as in Figures 1 or 2 may include any number of different communications devices, each device having the capability of storing a key, encrypting and decrypting data, and of communicating with the other communicators or with the mediator through transmission paths 400. The preferred apparatus for use with this invention includes at least one smart card, a communicator acting as a mediator, and a key generator communicating with the mediator. Figure 4A shows a smart card for use with this invention. Preferably, the smart card 500 is physically convenient to transport, i.e. about credit card size. The smart card 500 includes a processor 520, a data I/O port 510, an encryption key storage memory 530, a system storage memory 550, and a message storage memory 540. Processor 520 is capable of encrypting and decrypting messages, of reading and writing to the encryption key storage memory 530 and the message storage memory 540, and of communicating through data I/O port 510 with another communicator, such as a mediator. In Figure 4A, the smart card 500 communicates through data I/O port 510 to an intermediate I/O device 560 which communicates with the other communicators of network 700, although smart card 500 may itself be capable of communicating with network 700. In one embodiment, smart card 500 also stores account information and account balances. This information is useful if the smart card is used as a debit card. In addition, smart card 500 or intermediate I/O device 560 may have external displays and controls so that an outside user may query smart card 500 regarding account information and balances. If interaction with the smart card is possible, the encryption key and the program instructions containing the encryption method should remain inaccessible. The intermediate I/O device 560 need have no further features except to facilitate communications with other communicators in network 700.
For example, an intermediate I/O device 560 may connect smart card 500 to a phone modem wherein the intermediate I/O device 560 communicates with the smart card 500 through the data I/O port 510 and transmits to network 700 through a phone modem. Other intermediate I/O devices include computer systems capable of networking with other communicators. At least one communicator in network 700 with smart card 500 must be capable of generating encryption keys. The key generator used in the preferred embodiment is the quantum mechanical random number generator. Although the smart card is the preferred device for use with this method, any device which has the capability of storing a key, reading the key, encrypting information and decrypting information may be used. A standard card type memory storage device, such as a standard credit card with a magnetic strip or a memory card having a memory chip, used with a card reader capable of sending and receiving messages to the central computer, reading the memory storage device, and writing to the memory storage device will suffice. Figure 4B shows a storage card communicator 600 having a storage card 630 in communication with card reader 660. Storage card 630 may be a memory card, a card with a magnetic strip, or any other device capable of storing data. Card reader 660 includes a processor 620, a system memory 650, a message memory 640 and a data I/O port 610. The processor 620 reads the encryption key from the memory card 630 and encrypts or decrypts messages in response to program instructions stored in the system memory 650. The data I/O port 610 is capable of communicating with other communicators on network 700.
Storage card 630 may also store account information and account balances. This information is useful if the storage card is used as a debit card. In addition, card reader 660 may have external displays and controls so that an outside user may query account balances stored in the card.
Yet another embodiment of the communicator includes a computer, the computer being capable of communicating with all of the other communicators in the network or with a mediator computer. Each computer must be able to store the encryption key and encrypt and decrypt data which it receives. This communicator is useful for Internet communications or for networking communications. In addition, and for added security, each of the computers may be capable of communicating with a device external to the computer, the device being one which stores the key and possibly is also one which encrypts and decrypts the data (such as a smart card or a storage card). The external device could make the key and possibly the encryption/decryption algorithms inaccessible to the computer.
The examples illustrated here are representative examples and in no way limit the scope of this application. Other obvious embodiments of the invention will be apparent to one skilled in the art and are included within the scope of this application.

Claims

I claim:
1. A method of certifying a communication between a sending party and at least one receiving party, the sending party and the at least one receiving party being members of a group of communicating parties, comprising: transmitting a first key from the sending party to the at least one receiving party; certifying the communication at the at least one receiving party, the communication being certified if the first key matches a stored key, the stored key being shared by each of the group of communicating parties; replacing the first key if the communication is certified.
2. The method of Claim 1, wherein replacing the first key comprises: generating a new key; communicating the new key to the group of communicating parties; replacing the stored key with the new key at each of the group of communicating parties.
3. The method of Claim 2, further comprising transmitting a message from the sending party to the at least one receiving party, the message being transmitted with the first key by appending the message to the first key.
4. The method of Claim 2, further comprising transmitting a message from the sending party to the at least one receiving party, the message being transmitted separately from the first key.
5. The method of Claim 2, wherein generating a new key comprises generating a sequence of random numbers with a random number generator.
6. The method of Claim 5, wherein the random number generator comprises a pseudo-random number generator.
7. The method of Claim 5, wherein the random number generator comprises a quantum mechanical random number generator.
8. The method of Claim 2, wherein communicating the new key to the group of communicating parties comprises: encrypting the new key using the first key; transmitting the encrypted new key to each of the group of communicating parties; decrypting the encrypted key at each of the group of communicating parties using the stored key; replacing the stored key with the new key at each of the group of communicating parties.
9. A method for securely transmitting a message between at least two parties, comprising: creating an encrypted message at a sending party by encrypting the message using a first key, the sending party being one of the at least two parties; transmitting the encrypted message to at least one receiving party, the at least one receiving party being one of the at least two parties; decrypting the encrypted message at the at least one receiving party to retrieve the message; generating a new key; encrypting the new key to create an encrypted key; transmitting the encrypted key so that all of the at least two parties have the encrypted key; decrypting the encrypted key at each of the at least two parties to retrieve the new key; and replacing the key with the new key at each of the at least two parties.
10. The method of Claim 9, further comprising initializing a communications channel, said initializing comprising: generating the first key at a generating party; communicating the first key to each of the at least two parties; and storing the first key at each of the at least two parties.
11. The method of Claim 9, wherein generating a new key comprises generating a sequence of random numbers of length N with a random number generator.
12. The method of Claim 11, wherein the random number generator comprises a pseudo-random number generator.
13. The method of Claim 11, wherein the random number generator comprises a quantum mechanical random number generator.
14. The method of Claim 11, wherein the random number generator comprises a statistical process random number generator.
15. The method of Claim 11, wherein: creating an encrypted message comprises: translating the message into a series of numbers of length L called a message sequence, and convoluting the first key with the message sequence using a predetermined convolution function; and decrypting the encrypted message to retrieve the message comprises: deconvoluting the first key from the encrypted message using a deconvolution function, the deconvolution function being inverse to the predetermined convolution function, thereby restoring the message sequence, and translating the message sequence back into the message.
16. The method of Claim 15, wherein: encrypting the new key to form the encrypted key comprises convoluting the new key with the first key using a second predetermined convolution function; and decrypting the encrypted key to retrieve the new key comprises deconvoluting the first key from the encrypted key using a second deconvolution function, the second deconvolution function being inverse to the second predetermined convolution function.
17. The method of Claim 16, wherein the predetermined convolution function and the second predetermined convolution function are identical.
18. The method of Claim 15, wherein: encrypting the new key to form the encrypted key comprises convoluting the new key with the message using a second predetermined convolution function; and decrypting the encrypted key to retrieve the new key comprises deconvoluting the message from the encrypted key using a second deconvolution function, the second deconvolution function being inverse to the second predetermined convolution function.
19. The method of Claim 15, wherein: encrypting the new key to form the encrypted key comprises convoluting the new key with a preset encryption sequence using a second predetermined convolution function; and decrypting the encrypted key to retrieve the new key comprises deconvoluting the preset encryption sequence from the encrypted key using a second deconvolution function, the preset encryption sequence being shared between the at least two parties, the second deconvolution function being inverse to the second predetermined convolution function.
20. The method of Claim 17, wherein: the predetermined convolution function comprises adding the sequence of numbers of the first key to the message sequence; and the deconvolution function comprises subtracting the sequence of numbers of the first key from the encrypted message.
21. The method of Claim 17, wherein: the predetermined convolution function comprises subtracting the sequence of numbers comprising the first key from the message sequence; and the deconvolution function comprises adding the first key to the encrypted message.
22. The method of Claim 15, wherein: convoluting the first key with the message comprises appending the first key to the message; and deconvoluting the first key from the encrypted message comprises reading a received key after the message; and further comprising: certifying the message by the receiving party comparing the first key with the received key to verify the validity of the message.
23. The method of Claim 15, wherein: encrypting the new key to form the encrypted key comprises convoluting the new key with the first key using a second predetermined convolution function; and decrypting the encrypted key to retrieve the new key comprises deconvoluting the first key from the encrypted key using a second deconvolution function, the second deconvolution function being inverse to the second predetermined convolution function.
24. The method of Claim 17, wherein: the random number sequence of the first key is in binary form; and the message sequence is in binary form.
25. The method of Claim 15, wherein N is greater than or equal to L.
26. The method of Claim 15, wherein the message includes a sender verification sequence whereby the at least one receiving party can verify the identity of the sender.
27. The method of Claim 15, wherein the message comprises a passkey.
28. The method of Claim 15, wherein the key includes a convolution function selector whereby the predetermined convolution function and the corresponding deconvolution function may be chosen from a set of predetermined convolution functions.
29. A method for securely transmitting messages between at least two parties using a mediator, comprising: encrypting a first message at a sending party by using a first key to create a first encrypted message, the first key being shared between the sending party and the mediator, the sending party being one of the at least two parties; transmitting the first encrypted message from the sending party to the mediator; decrypting the first encrypted message at the mediator using the first key; reading from the first message at least one receiving party, the at least one receiving party being designated to receive the message; replacing the first key; transmitting a second message from the mediator to each of the at least one receiving party, by deriving the second message from the first message, encrypting the second message using a second key to create a second encrypted message, the second key being shared between the mediator and the at least one receiving party, transmitting the second encrypted message to the at least one receiving party, and decrypting the second encrypted message at the at least one receiving party by using the second key to retrieve the second message; and replacing the second key.
30. The method of Claim 29, wherein replacing a key, the key being the first key or the second key, comprises: generating a new key at a generating party, the generating party being either the mediator or a replacing party, the replacing party being the sending party or one of the at least one receiving party; encrypting the new key at the generating party to create an encrypted new key; transmitting the encrypted new key to a key receiving party, the key receiving party being the replacing party if the mediator is the generating party and the mediator if the replacing party is the generating party; decrypting the encrypted new key at the key receiving party to retrieve the new key; and replacing the key with the new key at each of the mediator and the updating party.
31. The method of Claim 30, wherein: encrypting the new key to create the encrypted new key comprises convoluting the new key with the key using a predetermined key convolution function; and decrypting the encrypted new key to retrieve the new key comprises deconvoluting the key from the encrypted new key using a predetermined key deconvolution function.
32. The method of Claim 30, wherein: encrypting the new key to create the encrypted new key comprises convoluting the new key with the message using a predetermined key convolution function; and decrypting the encrypted new key to retrieve the new key comprises deconvoluting the message from the encrypted new key using a predetermined key deconvolution function.
33. The method of Claim 30, wherein: encrypting the new key to create the encrypted new key comprises convoluting the new key with a preset encryption sequence using a predetermined key convolution function; and decrypting the encrypted new key to retrieve the new key comprises deconvoluting the preset encryption sequence from the encrypted new key using a predetermined key deconvolution function, the present encryption sequence being shared between the replacing party and the mediator.
34. The method of Claim 30, further comprising initializing a communication channel between each of the at least two parties and the mediator, the initializing comprising: generating a key; communicating the key so that one of the at least two parties and the mediator share the key; storing the key at each of the mediator and the one of the at least two parties for future use.
35. The method of Claim 34, wherein the generating party is the mediator.
36. The method of Claim 34, wherein deriving the second message from the first message comprises: setting the second message equal to the first message.
37. The method of Claim 34, wherein deriving the second message from the first message comprises: encrypting the first message using a third key to create a third encrypted message, the third key being shared between the mediator and a third party; transmitting the third encrypted message to the third party; receiving a fourth encrypted message from the third party; decrypting the fourth encrypted message using the third key to retrieve the second message; replacing the third key.
38. The method of Claim 34, wherein the key and the new key each include a sequence of random numbers of length N, the sequence of random numbers being generated by a random number generator.
39. The method of Claim 38, wherein the random number generator comprises a pseudo-random number generator.
40. The method of Claim 38, wherein the random number generator comprises a quantum mechanical random number generator.
41. The method of Claim 38, wherein the random number generator comprises an electronic noise based random number generator.
42. The method of Claim 38, wherein: encrypting a message using a key to form an encrypted message comprises: translating the message into a series of numbers of length L called a message sequence, and convoluting the key with the message sequence using a predetermined convolution function; and decrypting the encrypted message to retrieve the message comprises: deconvoluting the key from the encrypted message using a deconvolution function, the deconvolution function being inverse to the predetermined convolution function, and translating the message sequence into the message.
43. The method of Claim 42, wherein: the predetermined convolution function comprises adding the sequence of numbers comprising the key to the message sequence; and the deconvolution function comprises subtracting the random sequence of numbers comprising the key from the encrypted message.
44. The method of Claim 42, wherein: the predetermined convolution function comprises subtracting the sequence of numbers comprising the key from the message sequence; and the deconvolution function comprises adding the key to the encrypted message.
45. The method of Claim 42, wherein: the random number sequence included in the key is in binary form; and the random number sequence included in the message sequence is in binary form.
46. The method of Claim 42, wherein the message includes a sender verification sequence whereby the at least one receiving party can verify the identity of the sending party.
47. The method of Claim 42, wherein the message includes a passkey.
48. The method of Claim 42, wherein the key includes a convolution function selector whereby the predetermined convolution function and the deconvolution function are chosen from a set of predetermined convolution functions.
49. An apparatus for securely transmitting messages between at least two parties comprising: at least two communicators, each of the at least two parties having at least one of the at least two communicators, each of the at least two communicators comprising a data I/O port for sending and receiving data, the communicators capable of communicating with each of the other communicators through the data I/O port, a key storage memory for storing an encryption key, a message storage memory for storing data, a system memory for storing a program, the program having program instructions, and a processor capable of sending and receiving data through the data I/O port, of reading and writing the encryption key to the key storage memory, of reading and writing data to the message storage area, and of encrypting and decrypting data, the processor acting in response to the program instructions in the program; and at least one means for generating the encryption key.
50. The apparatus of Claim 49, wherein the communicators of each of the parties are connected through the data I/O ports to the communicators of all remaining of the at least two parties.
51. The apparatus of Claim 49, wherein one of the communicators is a mediator system, the mediator system comprising: at least one data I/O port for sending and receiving data from the communicators; at least one key storage memories for storing an encryption key for each of the communicators; a message storage memory for storing data; a system memory for storing a mediator program, the mediator program having mediator instructions; and a processor capable of sending and receiving data through the data I/O port, of reading and writing encryption keys to the key storage memory, of reading and writing data to the message storage area, and of encrypting and decrypting messages in response to the mediator instructions of the mediator program.
52. The apparatus of Claim 49, wherein the at least two communicators are each either computer systems, smart card systems or storage card systems.
53. The apparatus of Claim 52, wherein the computer systems provide the processor and where the key storage memory is located on an external storage device, the external storage device being external to the computer system and communicating with the computer system so that the computer system can read and write to the external storage device.
54. The apparatus of Claim 53, wherein the external storage device is a storage card.
55. The apparatus of Claim 54, wherein the storage card also includes the message storage memory.
56. The apparatus of Claim 55, wherein the storage card also stores the program.
57. The apparatus of Claim 54, wherein the storage card also stores the program.
58. The apparatus of Claim 53, wherein the external storage device is a smart card.
59. The apparatus of Claim 58, wherein the smart card stores the encryption key, encrypts the data and decrypts the data.
60. The apparatus of Claim 49, wherein the at least one means for generating the encryption key comprises at least one random number generator.
61. The apparatus of Claim 60, wherein the at least one random number generator includes a pseudo-random number generator.
62. The apparatus of Claim 60, wherein the at least one random number generator comprises a quantum mechanical random number generator.
63. The apparatus of Claim 60, wherein the at least one random number generator comprises a statistical process random number generator.
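The exchange recited in claims 9, 11, 16, 17, 20 and 25, worked through as an added example that is not code from the application or its inventor. It assumes one byte per sequence element with addition modulo 256, that the sending party generates the new key, and Python's `secrets` module as a stand-in for the claimed random number generator; the names `Party`, `convolute`, `deconvolute` and `demo` are hypothetical.

```python
import secrets

MOD = 256  # assumption: every number in a sequence is one byte


def generate_key(n):
    """Claim 11: a sequence of N random numbers (OS CSPRNG used as a stand-in)."""
    return list(secrets.token_bytes(n))


def convolute(key, seq):
    """Claim 20: add the key sequence to the sequence, element by element."""
    if len(key) < len(seq):  # claim 25: N must be >= L
        raise ValueError("key sequence shorter than the sequence to encrypt")
    return [(s + k) % MOD for s, k in zip(seq, key)]


def deconvolute(key, enc):
    """Claim 20: subtract the key sequence, the inverse of convolute()."""
    if len(key) < len(enc):
        raise ValueError("key sequence shorter than the encrypted sequence")
    return [(c - k) % MOD for c, k in zip(enc, key)]


class Party:
    """One communicator holding the currently stored key."""

    def __init__(self, first_key):
        self.key = list(first_key)

    def send(self, text):
        """Encrypt a message, then generate, encrypt and adopt the new key."""
        message_sequence = list(text.encode("utf-8"))  # claim 15 translation
        encrypted_message = convolute(self.key, message_sequence)
        new_key = generate_key(len(self.key))  # assumption: the sender generates
        encrypted_key = convolute(self.key, new_key)  # claim 16
        self.key = new_key  # claim 9: replace the key
        return encrypted_message, encrypted_key

    def receive(self, encrypted_message, encrypted_key):
        """Decrypt the message and the new key with the stored key, then replace it."""
        message_sequence = deconvolute(self.key, encrypted_message)
        self.key = deconvolute(self.key, encrypted_key)
        return bytes(message_sequence).decode("utf-8", errors="replace")


def demo():
    """Two exchanges in sync, then one exchange the receiver never sees."""
    first_key = generate_key(32)  # claim 10: shared during initialization
    sender, receiver = Party(first_key), Party(first_key)
    delivered = []
    for text in ("PAY 100 TO ACCOUNT 42", "BALANCE?"):  # constructed messages
        delivered.append(receiver.receive(*sender.send(text)))
    in_sync = sender.key == receiver.key
    sender.send("lost in transit")  # receiver misses this rekey
    after_gap = receiver.receive(*sender.send("after the gap"))
    return delivered, in_sync, after_gap, sender.key == receiver.key


if __name__ == "__main__":
    print(demo())
```

In this sketch a receiver that misses one encrypted key stays out of step with the sender from then on, because each new key can only be recovered with the key it replaced.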
PCT/US1998/024881 1997-12-01 1998-11-20 Secured communications scheme using random numbers WO1999029064A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU23056/99A AU2305699A (en) 1997-12-01 1998-11-20 Secured communications scheme using random numbers

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US98057397A 1997-12-01 1997-12-01
US08/980,573 1997-12-01

Publications (1)

Publication Number Publication Date
WO1999029064A1 true WO1999029064A1 (en) 1999-06-10

Family

ID=25527675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/024881 WO1999029064A1 (en) 1997-12-01 1998-11-20 Secured communications scheme using random numbers

Country Status (2)

Country Link
AU (1) AU2305699A (en)
WO (1) WO1999029064A1 (en)

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4182933A (en) * 1969-02-14 1980-01-08 The United States Of America As Represented By The Secretary Of The Army Secure communication system with remote key setting
US4897875A (en) * 1986-09-04 1990-01-30 The Manitoba Telephone System Key management system for open communication environments
US5010572A (en) * 1990-04-27 1991-04-23 Hughes Aircraft Company Distributed information system having automatic invocation of key management negotiations protocol and method
US5185795A (en) * 1991-02-27 1993-02-09 Motorola, Inc. Authentication of rekey messages in a communication system
US5220603A (en) * 1991-03-08 1993-06-15 International Computers Limited Access control in a distributed computer system
US5404404A (en) * 1993-07-01 1995-04-04 Motorola, Inc. Method for updating encryption key information in communication units

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1152567A2 (en) * 2000-05-05 2001-11-07 Kryptografics GmbH Method for securing privacy and avoiding eavesdropping during communication between computer networks
EP1152567A3 (en) * 2000-05-05 2002-10-02 Kryptografics GmbH Method for securing privacy and avoiding eavesdropping during communication between computer networks

Also Published As

Publication number Publication date
AU2305699A (en) 1999-06-16

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: CA

122 Ep: pct application non-entry in european phase