CA2165874C - Method for secure session key generation - Google Patents
Method for secure session key generationInfo
- Publication number
- CA2165874C CA2165874C CA002165874A CA2165874A CA2165874C CA 2165874 C CA2165874 C CA 2165874C CA 002165874 A CA002165874 A CA 002165874A CA 2165874 A CA2165874 A CA 2165874A CA 2165874 C CA2165874 C CA 2165874C
- Authority
- CA
- Canada
- Prior art keywords
- signal
- random number
- key
- signals
- session key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
Abstract
A symmetric procedure avoids the problems with prior art systems using modifiers with master keys and generates a secure session key from a secret master key and an additional pair of randomly selected signals. The secret master key is known to both parties: one at station A and one at station B. One randomly selected signal of the pair is generated by the party at station A while the other signal in the pair is generated by the party at station B. In one embodiment, a random number signal sent by each one of the parties to the other is encrypted before transmission and decrypted upon reception.
Both encryption (at one station) and decryption (at the other station) employ symmetric key cryptographic systems which use the secret master key. The session key is then formed by a commutative combination of both random number signals.
Both encryption (at one station) and decryption (at the other station) employ symmetric key cryptographic systems which use the secret master key. The session key is then formed by a commutative combination of both random number signals.
Description
METHOD FOR SECURE SESSION KEY GENERATION
Technical Field This invention relates to a method for generating keys for encryption systems and, more particularly, for generating secure session keys for such systems.
5 l~l~round of the Invention ChAnging encryption keys after a certain usage time is an old concept. For example, in the initial key distribution process, an entire table of encryption keys is distributed. Thereafter, each key is used for a specific time only. Alternatively, a new key can be derived for each session by using mAth~mAtical one-way functions such as is 10 done in the Diffie-Hellman algorithm. Finally, with a distributed master key and a series of modifier elements such as a date or time stamp or a counter or the like, one can combine the master key with the modifier elements to generate session keys as needed.
Each of the aforementioned techniques for session key generation suffers from a variety of factors which detract from the appeal of the technique. The first technique 15 requires a fairly large prole~iled memory to store the table of keys. In addition, it requires a significant amount of physical security to keep it from being colllpl~lllised. The second technique using one-way functions requires powerful processors to compute functions such as discrete log~- ;Lh~ , It also requires a validation of each new key which is gelleldled for the particular session to defy the so-called "person in the middle" attack.
20 The third technique is the most advantageous of the three mentioned. However, if the re(~ en~lll of unique session keys is imposed, it then becomes n~cess~ry for themodifier elements to have a suffciently long length that mAintAin~ an acceptably low probability of repetition. Where data and/or time stamps are used, there are potential security and operational problems arising from clock Alignment problems or in allowing 25 collllllunication across dif~relll time zones.
7 ~
Summary of the Invention A symmetric procedure avoids the problems with prior art systems using modifiers with master keys and generates a secure session key from a secret master key and an additional pair of randomly selected signals. The secret master key is known to 5 both parties: one at station A and one at station B. One randomly selected signal of the pair is generated by the party at station A while the other signal in the pair is generated by the party at station B.
In one embodiment, a random number signal sent by each one of the parties to the other is encrypted before tr~n~mi~ion and decrypted upon reception. Both 10 encryption (at one station) and decryption (at the other station) employ symmetric key cryptographic systems which use the secret master key. The session key is then formed by a co~ lul~live combination of both random number signals.
In another embodiment, random number signals are sent by each party to the other. Both random number signals are individually decrypted at each station by using 15 symmetric key cryptosystems which employ the secret master key. The session key is then formed by a collllllul~ e combination of both decrypted random number signals.
These secure session key generation methods offer the distinct advantage that intercepted, encrypted messages based on the session key cannot be decrypted at a later time even if access to the actual encryption system is gained. Moreover, these methods 20 do not require high speed encryption procedures or special record keeping functions generally ~soci~tecl with other session key generation methods.
In accordance with one aspect of the present invention there is provided a method of genel~lhlg a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second 25 parties, the method comprising the steps of: forming a first random number signal by a first random number generation element; receiving into a decryption element an incoming signal from one of said parties; decrypting the incoming signal using a second symmetric key cryptosystem based on the master key signal to recover a second random number signal; and generating in a combining element said cryptographic session key 30 by co~ ely combining at least the first and second random number signals.
1~
2a In accordance with another aspect of the present invention there is provided a method of generating a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second parties, the method comprising the steps of: forming a first signal in a first decryption 5 element by decrypting a first random number signal produced by a first random number generator element using a second symmetric key cryptosystem based on the master key signal; receiving into a second decryption element a second random number signal from one of said parties; decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key 10 signal; receivillg into a second decryption element a second random number signal from one of said parties; decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal to form a second signal; and generating in a combining element said cryptographic session key by conllllu~lively combining at least the first and second 1 5 signals.
Brief Description of the Drawin~
A more complete underst~n-ling of the invention may be obtained by reading the following description of specific illustrative embo-liment~ of the invention in conjunction with the appended drawing in which:
Technical Field This invention relates to a method for generating keys for encryption systems and, more particularly, for generating secure session keys for such systems.
5 l~l~round of the Invention ChAnging encryption keys after a certain usage time is an old concept. For example, in the initial key distribution process, an entire table of encryption keys is distributed. Thereafter, each key is used for a specific time only. Alternatively, a new key can be derived for each session by using mAth~mAtical one-way functions such as is 10 done in the Diffie-Hellman algorithm. Finally, with a distributed master key and a series of modifier elements such as a date or time stamp or a counter or the like, one can combine the master key with the modifier elements to generate session keys as needed.
Each of the aforementioned techniques for session key generation suffers from a variety of factors which detract from the appeal of the technique. The first technique 15 requires a fairly large prole~iled memory to store the table of keys. In addition, it requires a significant amount of physical security to keep it from being colllpl~lllised. The second technique using one-way functions requires powerful processors to compute functions such as discrete log~- ;Lh~ , It also requires a validation of each new key which is gelleldled for the particular session to defy the so-called "person in the middle" attack.
20 The third technique is the most advantageous of the three mentioned. However, if the re(~ en~lll of unique session keys is imposed, it then becomes n~cess~ry for themodifier elements to have a suffciently long length that mAintAin~ an acceptably low probability of repetition. Where data and/or time stamps are used, there are potential security and operational problems arising from clock Alignment problems or in allowing 25 collllllunication across dif~relll time zones.
7 ~
Summary of the Invention A symmetric procedure avoids the problems with prior art systems using modifiers with master keys and generates a secure session key from a secret master key and an additional pair of randomly selected signals. The secret master key is known to 5 both parties: one at station A and one at station B. One randomly selected signal of the pair is generated by the party at station A while the other signal in the pair is generated by the party at station B.
In one embodiment, a random number signal sent by each one of the parties to the other is encrypted before tr~n~mi~ion and decrypted upon reception. Both 10 encryption (at one station) and decryption (at the other station) employ symmetric key cryptographic systems which use the secret master key. The session key is then formed by a co~ lul~live combination of both random number signals.
In another embodiment, random number signals are sent by each party to the other. Both random number signals are individually decrypted at each station by using 15 symmetric key cryptosystems which employ the secret master key. The session key is then formed by a collllllul~ e combination of both decrypted random number signals.
These secure session key generation methods offer the distinct advantage that intercepted, encrypted messages based on the session key cannot be decrypted at a later time even if access to the actual encryption system is gained. Moreover, these methods 20 do not require high speed encryption procedures or special record keeping functions generally ~soci~tecl with other session key generation methods.
In accordance with one aspect of the present invention there is provided a method of genel~lhlg a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second 25 parties, the method comprising the steps of: forming a first random number signal by a first random number generation element; receiving into a decryption element an incoming signal from one of said parties; decrypting the incoming signal using a second symmetric key cryptosystem based on the master key signal to recover a second random number signal; and generating in a combining element said cryptographic session key 30 by co~ ely combining at least the first and second random number signals.
1~
2a In accordance with another aspect of the present invention there is provided a method of generating a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second parties, the method comprising the steps of: forming a first signal in a first decryption 5 element by decrypting a first random number signal produced by a first random number generator element using a second symmetric key cryptosystem based on the master key signal; receiving into a second decryption element a second random number signal from one of said parties; decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key 10 signal; receivillg into a second decryption element a second random number signal from one of said parties; decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal to form a second signal; and generating in a combining element said cryptographic session key by conllllu~lively combining at least the first and second 1 5 signals.
Brief Description of the Drawin~
A more complete underst~n-ling of the invention may be obtained by reading the following description of specific illustrative embo-liment~ of the invention in conjunction with the appended drawing in which:
FIGs. 1 and 2 are illustrative embodiments of a secure session key generation system realized in accordance with the principles of the present invention.
Detailed D~ tion It is apl)ropl;ate to provide some cryptology nomenclature at this time. A puzzle 5 can be thought of as a locked box cont~ining a message where the box is secured by a combination lock. Only a bona fide user can probably solve the pll771e. A class of puzzles is known as a cryptographic system or cryptosystem. The process of making a puzzle is known as encryption and the process of solving the puzzle is known as decryption. The puzzle is called ciphertext and the message within the pllzzle is called 10 plaintext. The members of a particular cryptosystem are distinguished by a particular key or cryptographic key.
The key to making a specific puzzle (i.e., locking plaintext into ciphertext) isknown as the encryption key. Similarly, the key to solving a puzzle (i.e., recovering the plaintext from the ciphertext) is known as the decryption key. According to the scheme 15 of a particular cryptosystem, a key is used to lock plaintext into ciphertext and that same key can also be used to unlock the ciphertext to retrieve the pl~intext. When the encryption key and the decryption key are identical, the cryptosystem is known as a symmetric key cryptosystem.
The notation E(KM, RA) is the encryption of the signal RA via the symmetric key 20 cryptosystem using master key KM. Also, the notation D(KM, RA) is the decryption of the signal RA via the symmetric key cryptosystem using master key KM.
FIG. 1 shows a secure session key generation system realized in accordance with the principles of the present invention. A session key KS is generated mutually and simultaneously at each of two co~ nul~icating stations, namely station A and station B.
25 Both stations colll,llullicate with each other over an insecure communication channel shown by the dashed lines. Session key generation at station A is substantially identical to the session key geneldlion at station B.
The session key generation appa~lus at station A includes random number generation element 10, master key element 11, encryption element 12, decryption 5 element 13, combining element 14 and comparison element 16. Similarly, the session key generation app~us at station B includes random number generation element 20,master key element 21, encryption element 22, decryption element 23, combining element 24 and comparison element 26. Since each station's appald~us is symmetric with that of the other station only station A will be described in detail.
Random number generation element 10 generates a random or pseudo-random sequence of bits as a random number signal RA. Signal RA is supplied to encryption element 12 and combi~ing element 14.
Master key element 11 stores the master key KM negotiated at some earlier time between stations A and B or distributed to stations A and B by a key distribution 15 center. That is, both stations A and B have identical master keys. The master key KM
is expected to be used over a very long period of time in comp~ on with the time of use for a session key. Master keys span many sessions or transactions whereas a session key is generally used for a single session or transaction. Master keys can be distributed by couriers or tokens or they can be generated by Diffie-Hellman key20 exchange or the like.
Encryption element 12 performs the encryption E(KM,RA) using the master key KM and genelales a ciphertext of RA which is tr~n~mitte-l as an outgoing signal to the partner station B. Decryption element 13 leceives an incoming signal E(KM,RB) from station B. The incoming signal corresponds to the ciphertext of the random 25 number signal RB gel~laled by random number generation element 20 and encryption element 22. The latter ciphertext is represented as E(KM,RB). Decryption element 13 decrypts the incoming signal according to the symmetric key cryptosystem using master key KM. The decryption is noted as D(KM,E(KM,RB)) and produces random number signal RB.
r' _ 5 Station A is now in possession of two random number signals: the one it generated itself, RA, and the one it received from station B, RB. Similarly, station B is now in possession of the same random number signals as station A: the one it generated itself, RB, and the one it received from station A, RA.
S Both random number signals RA and RB are supplied to combining function element 14 in station A. The combining element p~,lrOlllls a comml-t~tive combination of the random number signals to generate the session key Ks. Commutative functions which are suitable for use in the combining element satisfy the condition f(x,y)=f(y,x) where x and y are RA and RB~ respectively. Examples of such functions for use incombining element 14 are: linear functions such as addition and addition modulo 2;
nonlinear functions such as multiplication and the sum of each variable raised to the same power which is greater than or equal to 2; and one way functions using encryption such as E(KM,RA+RB) or E(RA,RB)+E(RB,RA) It is conceivable that RA and RB could be equal. This may or may not lead to a trivial session key depending on the actual function used in combining element 14. In order to avoid such an occurrence, co...p~ g element 16 is used to check whether the random number signals are di~lelll. If the signals are dirrelelll, then the combining element is allowed to process the random number signals. If the signals are the same, then it may be desirable to signal the remote station via a protocol and request a new ciphertext tr~n~mi~ion of the random signal.
FIG. 2 shows an ~ltern~tive embodiment of the secure session key generation system shown in FIG. 1. In this FIG., elements having the same reference numbers as shown in FIG. 1 are identical to those element. The system shown for station A
compri~es random number generating element 10, master key element 11, decryptionelements 13 and 15, combining element 14, and Co.~pA.;.-g element 16.
For the system in FIG. 2, station A forms random number signal RA from random number generation element 10 and transmits that signal to station B. The random number 2 1 6~874 signal RA is treated as a ciphertext message and supplied to decryption element 15. In a similar manner, station B forms random number signal RB from random number generation element 20 and transmits that signal to station A. Upon reception by station A, the received random number signal RB is treated as a ciphertext message and supplied 5 to decryption element 13.
Decryption element 15 is a symmetric key cryptosystem which responds to the random number signal RA and the master key KM to form the plaintext D(KM,RA). Also, decryption element 13 is a symmetric key cryptosystem which responds to the random number signal RB and the master key KM to form the plaintext D(KM,RB). Both 10 plaintext signals are supplied to combining element 14. Combining function 14 accepts both plaintext signals D(KM,RA) and D(KM,RB) to generate the session key. Co..lp~
element 16 ope~dles as described earlier to determine whether the plaintext signals are the same or di~nl.
The embodiment shown in FIG. 1 produces a session key which depends only on the random signals RA and RB. In the second embodiment (FIG. 2), the session keydepends not only on the random number signals RA and RB but also on the master key.
The new methods presented here have a number of desirable properties:
each station contributes a random input which will influence the common session key;
. preventing decryption of previous message tr~n~mi~sions;
no need for counters, clocks, timers, time stamps, tables, etc.;
no record keeping of any sort is required; and there is only a soft limit to the number of sessions keys derivable from a specific master key; an increasing number will increase the probability of a potential duplication of an earlier key (so-called "birthday problem") but, in practice, this probability can be kept extremely low.
Detailed D~ tion It is apl)ropl;ate to provide some cryptology nomenclature at this time. A puzzle 5 can be thought of as a locked box cont~ining a message where the box is secured by a combination lock. Only a bona fide user can probably solve the pll771e. A class of puzzles is known as a cryptographic system or cryptosystem. The process of making a puzzle is known as encryption and the process of solving the puzzle is known as decryption. The puzzle is called ciphertext and the message within the pllzzle is called 10 plaintext. The members of a particular cryptosystem are distinguished by a particular key or cryptographic key.
The key to making a specific puzzle (i.e., locking plaintext into ciphertext) isknown as the encryption key. Similarly, the key to solving a puzzle (i.e., recovering the plaintext from the ciphertext) is known as the decryption key. According to the scheme 15 of a particular cryptosystem, a key is used to lock plaintext into ciphertext and that same key can also be used to unlock the ciphertext to retrieve the pl~intext. When the encryption key and the decryption key are identical, the cryptosystem is known as a symmetric key cryptosystem.
The notation E(KM, RA) is the encryption of the signal RA via the symmetric key 20 cryptosystem using master key KM. Also, the notation D(KM, RA) is the decryption of the signal RA via the symmetric key cryptosystem using master key KM.
FIG. 1 shows a secure session key generation system realized in accordance with the principles of the present invention. A session key KS is generated mutually and simultaneously at each of two co~ nul~icating stations, namely station A and station B.
25 Both stations colll,llullicate with each other over an insecure communication channel shown by the dashed lines. Session key generation at station A is substantially identical to the session key geneldlion at station B.
The session key generation appa~lus at station A includes random number generation element 10, master key element 11, encryption element 12, decryption 5 element 13, combining element 14 and comparison element 16. Similarly, the session key generation app~us at station B includes random number generation element 20,master key element 21, encryption element 22, decryption element 23, combining element 24 and comparison element 26. Since each station's appald~us is symmetric with that of the other station only station A will be described in detail.
Random number generation element 10 generates a random or pseudo-random sequence of bits as a random number signal RA. Signal RA is supplied to encryption element 12 and combi~ing element 14.
Master key element 11 stores the master key KM negotiated at some earlier time between stations A and B or distributed to stations A and B by a key distribution 15 center. That is, both stations A and B have identical master keys. The master key KM
is expected to be used over a very long period of time in comp~ on with the time of use for a session key. Master keys span many sessions or transactions whereas a session key is generally used for a single session or transaction. Master keys can be distributed by couriers or tokens or they can be generated by Diffie-Hellman key20 exchange or the like.
Encryption element 12 performs the encryption E(KM,RA) using the master key KM and genelales a ciphertext of RA which is tr~n~mitte-l as an outgoing signal to the partner station B. Decryption element 13 leceives an incoming signal E(KM,RB) from station B. The incoming signal corresponds to the ciphertext of the random 25 number signal RB gel~laled by random number generation element 20 and encryption element 22. The latter ciphertext is represented as E(KM,RB). Decryption element 13 decrypts the incoming signal according to the symmetric key cryptosystem using master key KM. The decryption is noted as D(KM,E(KM,RB)) and produces random number signal RB.
r' _ 5 Station A is now in possession of two random number signals: the one it generated itself, RA, and the one it received from station B, RB. Similarly, station B is now in possession of the same random number signals as station A: the one it generated itself, RB, and the one it received from station A, RA.
S Both random number signals RA and RB are supplied to combining function element 14 in station A. The combining element p~,lrOlllls a comml-t~tive combination of the random number signals to generate the session key Ks. Commutative functions which are suitable for use in the combining element satisfy the condition f(x,y)=f(y,x) where x and y are RA and RB~ respectively. Examples of such functions for use incombining element 14 are: linear functions such as addition and addition modulo 2;
nonlinear functions such as multiplication and the sum of each variable raised to the same power which is greater than or equal to 2; and one way functions using encryption such as E(KM,RA+RB) or E(RA,RB)+E(RB,RA) It is conceivable that RA and RB could be equal. This may or may not lead to a trivial session key depending on the actual function used in combining element 14. In order to avoid such an occurrence, co...p~ g element 16 is used to check whether the random number signals are di~lelll. If the signals are dirrelelll, then the combining element is allowed to process the random number signals. If the signals are the same, then it may be desirable to signal the remote station via a protocol and request a new ciphertext tr~n~mi~ion of the random signal.
FIG. 2 shows an ~ltern~tive embodiment of the secure session key generation system shown in FIG. 1. In this FIG., elements having the same reference numbers as shown in FIG. 1 are identical to those element. The system shown for station A
compri~es random number generating element 10, master key element 11, decryptionelements 13 and 15, combining element 14, and Co.~pA.;.-g element 16.
For the system in FIG. 2, station A forms random number signal RA from random number generation element 10 and transmits that signal to station B. The random number 2 1 6~874 signal RA is treated as a ciphertext message and supplied to decryption element 15. In a similar manner, station B forms random number signal RB from random number generation element 20 and transmits that signal to station A. Upon reception by station A, the received random number signal RB is treated as a ciphertext message and supplied 5 to decryption element 13.
Decryption element 15 is a symmetric key cryptosystem which responds to the random number signal RA and the master key KM to form the plaintext D(KM,RA). Also, decryption element 13 is a symmetric key cryptosystem which responds to the random number signal RB and the master key KM to form the plaintext D(KM,RB). Both 10 plaintext signals are supplied to combining element 14. Combining function 14 accepts both plaintext signals D(KM,RA) and D(KM,RB) to generate the session key. Co..lp~
element 16 ope~dles as described earlier to determine whether the plaintext signals are the same or di~nl.
The embodiment shown in FIG. 1 produces a session key which depends only on the random signals RA and RB. In the second embodiment (FIG. 2), the session keydepends not only on the random number signals RA and RB but also on the master key.
The new methods presented here have a number of desirable properties:
each station contributes a random input which will influence the common session key;
. preventing decryption of previous message tr~n~mi~sions;
no need for counters, clocks, timers, time stamps, tables, etc.;
no record keeping of any sort is required; and there is only a soft limit to the number of sessions keys derivable from a specific master key; an increasing number will increase the probability of a potential duplication of an earlier key (so-called "birthday problem") but, in practice, this probability can be kept extremely low.
Claims (15)
1. A method of generating a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second parties, the method comprising the steps of:
forming a first random number signal by a first random number generation element;
receiving into a decryption element an incoming signal from one of said parties;decrypting the incoming signal using a second symmetric key cryptosystem based on the master key signal to recover a second random number signal; and generating in a combining element said cryptographic session key by commulatively combining at least the first and second random number signals.
forming a first random number signal by a first random number generation element;
receiving into a decryption element an incoming signal from one of said parties;decrypting the incoming signal using a second symmetric key cryptosystem based on the master key signal to recover a second random number signal; and generating in a combining element said cryptographic session key by commulatively combining at least the first and second random number signals.
2. The method as defined in claim 1, wherein the step of generating the cryptographic session key includes the step of comparing the first and second random number signals in a comparing element to determine whether the random number signals are different from one another.
3. The method as defined in claim 2, wherein the generating step further includes proceeding with generation of the cryptographic session key only when the first and second random number signals differ from one other.
4. The method as defined in claim 1, further including the steps of forming an outgoing signal by encrypting the first random number signal in an encryptionelement using a third symmetric key cryptosystem based on the master key signal and transmitting the outgoing signal to one of the parties.
5. The method as defined in claim 4, further including the steps of:
forming the incoming signal by encrypting the second random number signal using a fourth symmetric key cryptosystem based on the master key signal;
transmitting the incoming signal to one of said parties;
decrypting the outgoing signal using a fifth symmetric key cryptosystem based on the master key signal to recover the first random number signal; and generating said cryptographic session key by commutatively combining at least the first and second random number signals.
forming the incoming signal by encrypting the second random number signal using a fourth symmetric key cryptosystem based on the master key signal;
transmitting the incoming signal to one of said parties;
decrypting the outgoing signal using a fifth symmetric key cryptosystem based on the master key signal to recover the first random number signal; and generating said cryptographic session key by commutatively combining at least the first and second random number signals.
6. The method as defined in claim 5, wherein the steps of generating the cryptographic session key each include the step of comparing the first and second random number signals to determine whether the random number signals are different from one other.
7. The method as defined in claim 6, wherein the generating steps each further include proceeding with generation of the cryptographic session key only when the first and second random number signals differ from one other.
8. A method of generating a cryptographic session key for a first symmetric key cryptosystem based on a known master key signal available to at least first and second parties, the method comprising the steps of:
forming a first signal in a first decryption element by decrypting a first random number signal produced by a first random number generator element using a secondsymmetric key cryptosystem based on the master key signal;
receiving into a second decryption element a second random number signal from one of said parties;
decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal;
receiving into a second decryption element a second random number signal from one of said parties;
decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal to form a second signal; and generating in a combining element said cryptographic session key by commutatively combining at least the first and second signals.
forming a first signal in a first decryption element by decrypting a first random number signal produced by a first random number generator element using a secondsymmetric key cryptosystem based on the master key signal;
receiving into a second decryption element a second random number signal from one of said parties;
decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal;
receiving into a second decryption element a second random number signal from one of said parties;
decrypting the second random number signal in said second decryption element using a third symmetric key cryptosystem based on the master key signal to form a second signal; and generating in a combining element said cryptographic session key by commutatively combining at least the first and second signals.
9. The method as defined in claim 8, wherein the step of generating the cryptographic session key includes the step of comparing the first and second signals in a comparing element to determine whether the first and second signals are different from one another.
10. The method as defined in claim 9, wherein the generating step further includes proceeding with generation of the cryptographic session key only when the first and second signals differ from one other.
11. The method as defined in claim 8, further including the steps of forming the first random number signal and transmitting the first random number signal to one of the parties.
12. The method as defined in claim 11, further including the steps of:
forming the second random number signal;
forming the second signal by decrypting the second random number signal using a fourth symmetric key cryptosystem using the master key signal;
transmitting the second random number signal to one of said parties;
decrypting the first random number signal using a fifth symmetric key cryptosystem using the master key signal to form the first signal; and generating said cryptographic session key by commutatively combining at least the first and second random number signals.
forming the second random number signal;
forming the second signal by decrypting the second random number signal using a fourth symmetric key cryptosystem using the master key signal;
transmitting the second random number signal to one of said parties;
decrypting the first random number signal using a fifth symmetric key cryptosystem using the master key signal to form the first signal; and generating said cryptographic session key by commutatively combining at least the first and second random number signals.
13. The method as defined in claim 12, wherein the steps of generating the cryptographic session key each include the step of comparing the first and second signals to determine whether the first and second signals are different from one other.
14. The method as defined in claim 13, wherein the generating steps each further include proceeding with generation of the cryptographic session key only when the first and second signals differ from one other.
15. The method as defined in claim 8, wherein said first decryption element and said second decryption element are one of the same decryption element and different decryption elements.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US366,863 | 1994-12-30 | ||
| US08/366,863 US5602917A (en) | 1994-12-30 | 1994-12-30 | Method for secure session key generation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2165874A1 CA2165874A1 (en) | 1996-07-01 |
| CA2165874C true CA2165874C (en) | 1999-03-23 |
Family
ID=23444889
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002165874A Expired - Fee Related CA2165874C (en) | 1994-12-30 | 1995-12-21 | Method for secure session key generation |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US5602917A (en) |
| EP (1) | EP0720326A3 (en) |
| JP (1) | JPH08234658A (en) |
| CA (1) | CA2165874C (en) |
Families Citing this family (55)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5675649A (en) * | 1995-11-30 | 1997-10-07 | Electronic Data Systems Corporation | Process for cryptographic key generation and safekeeping |
| US5841872A (en) * | 1996-07-01 | 1998-11-24 | Allsoft Distributing Incorporated | Encryption enhancement system |
| US6041123A (en) * | 1996-07-01 | 2000-03-21 | Allsoft Distributing Incorporated | Centralized secure communications system |
| US5841864A (en) * | 1996-08-05 | 1998-11-24 | Motorola Inc. | Apparatus and method for authentication and session key exchange in a communication system |
| AU6758898A (en) | 1997-03-12 | 1998-09-29 | Visa International | Secure electronic commerce employing integrated circuit cards |
| JPH10301492A (en) * | 1997-04-23 | 1998-11-13 | Sony Corp | Enciphering device and method therefor, decoding device and method therefor, and information processing device and method therefor |
| FI113119B (en) * | 1997-09-15 | 2004-02-27 | Nokia Corp | A method for securing communications over telecommunications networks |
| US6128391A (en) * | 1997-09-22 | 2000-10-03 | Visa International Service Association | Method and apparatus for asymetric key management in a cryptographic system |
| DE69834431T3 (en) * | 1998-01-02 | 2009-09-10 | Cryptography Research Inc., San Francisco | LIQUID RESISTANT CRYPTOGRAPHIC PROCESS AND DEVICE |
| US7587044B2 (en) * | 1998-01-02 | 2009-09-08 | Cryptography Research, Inc. | Differential power analysis method and apparatus |
| JP4273535B2 (en) * | 1998-05-12 | 2009-06-03 | ソニー株式会社 | Data transmission control method, data transmission system, data receiving apparatus and data transmitting apparatus |
| CA2333095C (en) | 1998-06-03 | 2005-05-10 | Cryptography Research, Inc. | Improved des and other cryptographic processes with leak minimization for smartcards and other cryptosystems |
| ATE360866T1 (en) | 1998-07-02 | 2007-05-15 | Cryptography Res Inc | LEAK-RESISTANT UPDATING OF AN INDEXED CRYPTOGRAPHIC KEY |
| US7197639B1 (en) * | 1999-02-05 | 2007-03-27 | Rsa Security Inc. | Cryptographic countermeasures against connection depletion attacks |
| JP2000331070A (en) * | 1999-05-17 | 2000-11-30 | Toshiba Corp | Digital data sale system |
| DE19938197A1 (en) * | 1999-08-12 | 2001-03-08 | Deutsche Telekom Ag | Key agreement procedure for a group of at least three participants |
| TW548940B (en) * | 1999-11-29 | 2003-08-21 | Gen Instrument Corp | Generation of a mathematically constrained key using a one-way function |
| US6795555B1 (en) * | 1999-12-30 | 2004-09-21 | Nortel Networks Limited | Encryption key exchange protocol |
| US7047408B1 (en) * | 2000-03-17 | 2006-05-16 | Lucent Technologies Inc. | Secure mutual network authentication and key exchange protocol |
| KR100601634B1 (en) * | 2000-06-07 | 2006-07-14 | 삼성전자주식회사 | High speed copy protection method |
| US7076656B2 (en) * | 2001-04-05 | 2006-07-11 | Lucent Technologies Inc. | Methods and apparatus for providing efficient password-authenticated key exchange |
| FR2823928B1 (en) * | 2001-04-19 | 2003-08-22 | Canal Plus Technologies | METHOD FOR SECURE COMMUNICATION BETWEEN TWO DEVICES |
| TWI222609B (en) * | 2001-07-25 | 2004-10-21 | Matsushita Electric Ind Co Ltd | A method of producing a decrypting apparatus having a cryptographic device and cryptographic information, a system for providing such device and information, and the decrypting apparatus produced by the production method |
| US20040010711A1 (en) * | 2002-07-10 | 2004-01-15 | Weiming Tang | Secure communications and control in a fueling environment |
| US7636840B2 (en) * | 2002-07-10 | 2009-12-22 | Dresser, Inc. | Secure communications and control in a fueling environment |
| EP2270700A1 (en) * | 2002-07-26 | 2011-01-05 | Koninklijke Philips Electronics N.V. | Secure authenticated distance measurement |
| JP2004186814A (en) * | 2002-11-29 | 2004-07-02 | Fujitsu Ltd | Common key encryption communication system |
| US8229118B2 (en) * | 2003-11-07 | 2012-07-24 | Qualcomm Incorporated | Method and apparatus for authentication in wireless communications |
| EP1544706A1 (en) * | 2003-12-18 | 2005-06-22 | Axalto S.A. | Method for protecting and using data files suitable for personalizing smart-cards |
| US7885412B2 (en) * | 2005-09-29 | 2011-02-08 | International Business Machines Corporation | Pre-generation of generic session keys for use in communicating within communications environments |
| US8144875B2 (en) * | 2006-09-06 | 2012-03-27 | Paul McGough | Method and system for establishing real-time authenticated and secured communications channels in a public network |
| JP2010503323A (en) * | 2006-09-06 | 2010-01-28 | エスエスエルネクスト インコーポレイテッド | Method and system for establishing a real-time authenticated and guaranteed communication channel in a public network |
| JP2007043738A (en) * | 2006-09-25 | 2007-02-15 | Sony Corp | Electronic equipment |
| JP2006340407A (en) * | 2006-09-25 | 2006-12-14 | Sony Corp | Encryption device and method, and decoding device and method |
| US20080304664A1 (en) * | 2007-06-07 | 2008-12-11 | Shanmugathasan Suthaharan | System and a method for securing information |
| US8301876B2 (en) * | 2008-05-16 | 2012-10-30 | Emc Corporation | Techniques for secure network communication |
| KR101574820B1 (en) * | 2008-05-29 | 2015-12-04 | 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. | Providing authenticated communications to a replaceable printer component |
| ES2765485T3 (en) * | 2008-05-29 | 2020-06-09 | Hewlett Packard Development Co | Authentication of a replaceable printer component |
| JP2010246158A (en) * | 2010-07-13 | 2010-10-28 | Sony Corp | Encryption apparatus and method, and decryption apparatus and method |
| AP2013006967A0 (en) * | 2011-01-13 | 2013-07-31 | Infosys Ltd | System and method for accessing integrated applications in a single sign-on enabled enterprise solution |
| US8855304B2 (en) * | 2011-06-23 | 2014-10-07 | Infosys Limited | System and method for generating session keys |
| AU2012327945A1 (en) | 2011-10-28 | 2014-05-01 | Debiotech S.A. | Communication secured between a medical device and its remote device |
| JP2012070430A (en) * | 2011-12-07 | 2012-04-05 | Sony Corp | Decoder and decoding method |
| US8885820B1 (en) * | 2012-02-09 | 2014-11-11 | Marvell International Ltd. | Key expansion using seed values |
| WO2014009876A2 (en) * | 2012-07-09 | 2014-01-16 | Debiotech S.A. | Communication secured between a medical device and its remote device |
| JP2013017225A (en) * | 2012-09-18 | 2013-01-24 | Sony Corp | Encryption device and method |
| JP2013192267A (en) * | 2013-06-12 | 2013-09-26 | Sony Corp | Encryption processing apparatus, encryption processing method, decryption processing apparatus, and decryption processing method |
| JP2013179701A (en) * | 2013-06-12 | 2013-09-09 | Sony Corp | Encryption device and method |
| JP2014064318A (en) * | 2013-12-05 | 2014-04-10 | Sony Corp | Encryption device and method |
| DK2955871T3 (en) * | 2014-06-12 | 2017-05-01 | Nagravision Sa | Cryptographic method for securely exchanging messages and apparatus and system for performing this method |
| US10554640B2 (en) * | 2016-06-13 | 2020-02-04 | Nxp B.V. | Method and system for facilitating secure communication |
| CN110073356B (en) | 2016-12-06 | 2023-12-15 | E·马伊姆 | Method and entity for using a security device, in particular having transaction properties |
| CN112152790A (en) * | 2019-06-26 | 2020-12-29 | 联合汽车电子有限公司 | Data encryption method, data decryption method, data encryption device and data decryption device |
| US11068240B1 (en) * | 2020-06-19 | 2021-07-20 | Panagiotis Andreadakis | Aperiodic pseudo-random number generator using big pseudo-random numbers |
| US11146387B1 (en) * | 2020-08-04 | 2021-10-12 | Panagiotis Andreadakis | Random position cipher encryption using an aperiodic pseudo-random number generator |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4649233A (en) * | 1985-04-11 | 1987-03-10 | International Business Machines Corporation | Method for establishing user authenication with composite session keys among cryptographically communicating nodes |
| US5241599A (en) * | 1991-10-02 | 1993-08-31 | At&T Bell Laboratories | Cryptographic protocol for secure communications |
-
1994
- 1994-12-30 US US08/366,863 patent/US5602917A/en not_active Expired - Lifetime
-
1995
- 1995-12-12 EP EP95309015A patent/EP0720326A3/en not_active Withdrawn
- 1995-12-21 CA CA002165874A patent/CA2165874C/en not_active Expired - Fee Related
- 1995-12-27 JP JP7340892A patent/JPH08234658A/en active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| EP0720326A2 (en) | 1996-07-03 |
| US5602917A (en) | 1997-02-11 |
| JPH08234658A (en) | 1996-09-13 |
| CA2165874A1 (en) | 1996-07-01 |
| EP0720326A3 (en) | 1999-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2165874C (en) | Method for secure session key generation | |
| US5519778A (en) | Method for enabling users of a cryptosystem to generate and use a private pair key for enciphering communications between the users | |
| EP0460538B1 (en) | Cryptographic communication method and cryptographic communication device | |
| EP0695485B1 (en) | Fair cryptosystems and methods of use | |
| US5907618A (en) | Method and apparatus for verifiably providing key recovery information in a cryptographic system | |
| US6215878B1 (en) | Group key distribution | |
| US6985583B1 (en) | System and method for authentication seed distribution | |
| US7792285B2 (en) | Method and system for securely exchanging encryption key determination information | |
| US7254232B2 (en) | Method and system for selecting encryption keys from a plurality of encryption keys | |
| USRE36918E (en) | Fair cryptosystems and methods of use | |
| US6640303B1 (en) | System and method for encryption using transparent keys | |
| US20110138184A1 (en) | Efficient Techniques for Achieving Security Against Cheating Tamper-Resistant Tokens | |
| US20010014156A1 (en) | Common key generating method, common key generator, cryptographic communication method and cryptographic communication system | |
| CN109784920A (en) | A kind of Transaction Information auditing method and device based on block chain | |
| JPH01225251A (en) | Secret key delivering system | |
| JPH07336328A (en) | Cipher device | |
| Simmons | Proof of soundness (integrity) of cryptographic protocols | |
| JP2000286830A (en) | Encryption processing method in encryption communication system | |
| JPH04101529A (en) | Enciphered communication system | |
| JPS6346028A (en) | Cryptographic key distribution system | |
| Paar et al. | Key establishment | |
| US20040243830A1 (en) | Method and system of secret communication | |
| GB2386518A (en) | Associative encryption and decryption | |
| KR20220142254A (en) | Multi-signature wallet system in blockchain using the bloom filter | |
| Denning | Cryptographic Techniques |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| MKLA | Lapsed |