Generating a symmetric encryption key

US 10,348,498 B2
Filed: 10/08/2015
Issued: 07/09/2019
Est. Priority Date: 10/09/2014
Status: Active Grant

First Claim

Patent Images

1. A system (300) for generating a symmetric encryption key, said system comprising a first terminal (100a) comprising key data, a second terminal (100b) comprising key data and a server (340), wherein the server (340) is configured to:

generate a first processing file (PF1) for the first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);

generate a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2); and

send the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b);

wherein the first terminal (100a) is configured to;

receive the first processing file (PF1);

extract combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);

generate a first random key seed and send it to the second terminal (100b);

receive a second random key seed from the second terminal (100b);

wherein the second terminal (100b) is configured toreceive the second processing file (PF2);

extract combined key data (CKD) from the second processing file (PF2) by a bitwise AND operation on the second processing file (PF2) and the key data for the second terminal (KD2);

generate the second random key seed and send it to the first terminal (100a);

receive the first random key seed from the first terminal (100a);

whereby the first terminal (100a) and the second terminal (100b) are each configured to;

input the combined key data (CKD) and the first random key seed into a function;

input the combined key data (CKD) and the second random key seed into the function; and

concatenate the results of the functions into the symmetric encryption key, each terminal (100) thereby generating a copy of the symmetric encryption key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for generating a symmetric encryption key, said system comprising a first terminal, a second terminal and a server, wherein the server is configured to generate a first processing file for the first terminal based on a combination of key data for the first terminal and key data for the second terminal and the key data for the first terminal; generate a second processing file for the second terminal based on a combination of key data for the first terminal and key data for the second terminal and the key data for the second terminal; and send the first processing file to the first terminal and the second processing file to the second terminal; wherein the first terminal is configured to receive the first processing file; extract the combined key data; generate a first random key seed and send it to the second terminal; receive a second random key seed from the second terminal; wherein the second terminal is configured to receive the second processing file; extract the combined key data; generate the second random key seed and send it to the first terminal; receive the first random key seed from the first terminal; whereby the first terminal and the second terminal are each configured to: input the combined key data and the first random seed into a function; input the combined key data and the second random seed into the same function; concatenate the results of the functions into the symmetric encryption key, each terminal thereby generating each copy of the symmetric encryption key.

47 Citations

View as Search Results

12 Claims

1. A system (300) for generating a symmetric encryption key, said system comprising a first terminal (100a) comprising key data, a second terminal (100b) comprising key data and a server (340), wherein the server (340) is configured to:
- generate a first processing file (PF1) for the first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  generate a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2); and
  
  send the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b);
  
  wherein the first terminal (100a) is configured to;
  
  receive the first processing file (PF1);
  
  extract combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  generate a first random key seed and send it to the second terminal (100b);
  
  receive a second random key seed from the second terminal (100b);
  
  wherein the second terminal (100b) is configured toreceive the second processing file (PF2);
  
  extract combined key data (CKD) from the second processing file (PF2) by a bitwise AND operation on the second processing file (PF2) and the key data for the second terminal (KD2);
  
  generate the second random key seed and send it to the first terminal (100a);
  
  receive the first random key seed from the first terminal (100a);
  
  whereby the first terminal (100a) and the second terminal (100b) are each configured to;
  
  input the combined key data (CKD) and the first random key seed into a function;
  
  input the combined key data (CKD) and the second random key seed into the function; and
  
  concatenate the results of the functions into the symmetric encryption key, each terminal (100) thereby generating a copy of the symmetric encryption key.
- View Dependent Claims (2, 3, 4)
- - 2. The system (300) according to claim 1, wherein the bit-changing function is a function configured to inverse each 1 bit in an input string into a 0 bit at a probability.
  - 3. The system (300) according to claim 1, wherein the first terminal (100a), the second terminal (100b) and the server (340) are each configured to mutate a key data and to update a version for the key data.
  - 4. The system (100, 300) according to claim 1, wherein the system (100, 300) is an apparatus (100) and the first terminal (100a) is an external device (245) to be installed in the apparatus (300) and the apparatus is configured to execute the server (340) or communicate with the server (340).

5. A method for generating a symmetric encryption key for use in a system (300) comprising a first terminal (100a) comprising key data, a second terminal (100b) comprising key data and a server (340), wherein method comprises:
- the server (340) generating a first processing file (PF1) for the first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  the server (340) generating a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  the server (340) sending the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b);
  
  the first terminal (100a) receiving the first processing file (PF1);
  
  the first terminal (100a) extracting the combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  the first terminal (100a) generating a first random key seed and sending it to the second terminal (100b);
  
  the first terminal (100a) receiving a second random key seed from the second terminal (100b);
  
  the second terminal (100b) receiving the second processing file (PF2);
  
  the second terminal (100b) extracting the combined key data (CKD) from the second processing file (PF2) by a bitwise AND operation on the second processing file (PF2) and the key data for the second terminal (KD1);
  
  the second terminal (100b) generating the second random key seed and sending it to the first terminal (100a);
  
  the second terminal (100b) receiving the first random key seed from the first terminal (100a);
  
  the first terminal (100a) and the second terminal (100b) each inputting the combined key data (CKD) and the first random key seed into a function;
  
  the first terminal (100a) and the second terminal (100b) each inputting the combined key data (CKD) and the second random key seed into the function; and
  
  the first terminal (100a) and the second terminal (100b) both concatenating the results of the functions into the symmetric encryption key.

6. A server (340) for use in a system (300) for generating a symmetric encryption key, said system comprising a first terminal (100a) comprising key data and a second terminal (100b) comprising key data, wherein the server (340) is configured to:
- generate a first processing file (PF1) for the first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  generate a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of the key data for the first terminal (KD1) and the key data for the second terminal (KD2); and
  
  send the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b).

7. A terminal (100) comprising key data for use in a system (300) for generating a symmetric encryption key, said system comprising a second terminal (100b) comprising key data and a server (300), wherein the terminal (100) is configured to:
- receive a first processing file (PF1) from the server (300), wherein the first processing file (PF1) is based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  extract combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  generate a first random key seed and send it to the second terminal (100b);
  
  receive a second random key seed from the second terminal (100b);
  
  input the combined key data (CKD) and the first random key seed into a function;
  
  input the combined key data (CKD) and the second random key seed into the function; and
  
  concatenate the results of the functions into the symmetric encryption key.

8. A method for use in a server in a system (300) for generating a symmetric encryption key, said system comprising a first terminal (100a) comprising key data and a second terminal (100b) comprising key data, wherein method comprises:
- generating a first processing file (PF1) for the first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  generating a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2); and
  
  sending the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b).

9. A method for generating a symmetric encryption key for use in a terminal (100) comprising key data in a system (300), said system comprising a second terminal (100b) comprising key data and a server (300), wherein the method comprises:
- receiving a first processing file (PF1) from the server (300), wherein the first processing file (PF1) is based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  extracting combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  generating a first random key seed and sending it to the second terminal (100b);
  
  receiving a second random key seed from the second terminal (100b);
  
  inputting the combined key data (CKD) and the first random key seed into a function;
  
  inputting the combined key data (CKD) and the second random key seed into the function;
  
  concatenating the results of the functions into the symmetric encryption key.

10. A computer readable storage medium (40) encoded with instructions (41) that, when executed on a processor, causes the processor to perform the steps of:
- a server (340) generating a first processing file (PF1) for a first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for a second terminal (KD2);
  
  the server (340) generating a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  the server (340) sending the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b);
  
  the first terminal (100a) receiving the first processing file (PF1);
  
  the first terminal (100a) extracting the combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  the first terminal (100a) generating a first random key seed and sending it to the second terminal (100b);
  
  the first terminal (100a) receiving a second random key seed from the second terminal (100b);
  
  the second terminal (100b) receiving the second processing file (PF2);
  
  the second terminal (100b) extracting the combined key data (CKD) from the second processing file (PF2) by a bitwise AND operation on the second processing file (PF2) and the key data for the second terminal (KD1);
  
  the second terminal (100b) generating the second random key seed and sending it to the first terminal (100a);
  
  the second terminal (100b) receiving the first random key seed from the first terminal (100a);
  
  the first terminal (100a) and the second terminal (100b) each inputting the combined key data (CKD) and the first random key seed into a function;
  
  the first terminal (100a) and the second terminal (100b) each inputting the combined key data (CKD) and the second random key seed into the function; and
  
  the first terminal (100a) and the second terminal (100b) both concatenating the results of the functions into the symmetric encryption key.

11. A computer readable storage medium (40) encoded with instructions (41) that, when executed on a processor, cause the processor to perform the steps of:
- generating a first processing file (PF1) for a first terminal (100a) based on an inverse of the key data for the first terminal (KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for a second terminal (100b)(KD2);
  
  generating a second processing file (PF2) for the second terminal (100b) based on an inverse of the key data for the second terminal (KD2) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2); and
  
  sending the first processing file (PF1) to the first terminal (100a) and the second processing file (PF2) to the second terminal (100b).

12. A computer readable storage medium (40) encoded with instructions (41) that, when executed on a processor, cause the processor to perform the steps of:
- receiving a first processing file (PF1) from a server (300), wherein the first processing file (PF1) is based on an inverse of the key data for the first terminal (100)(KD1) having been subjected to a bit changing function, and a combined key data (CKD), wherein the combined key data (CKD) is a bitwise AND operation of key data for the first terminal (KD1) and key data for the second terminal (KD2);
  
  extracting combined key data (CKD) from the first processing file (PF1) by a bitwise AND operation on the first processing file (PF1) and the key data for the first terminal (KD1);
  
  generating a first random key seed and sending it to a second terminal (100b);
  
  receiving a second random key seed from the second terminal (100b);
  
  inputting the combined key data (CKD) and the first random key seed into a function;
  
  inputting the combined key data (CKD) and the second random key seed into the function; and
  
  concatenating the results of the functions into the symmetric encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kelisec AB
Original Assignee
Kelisec AB
Inventors
Revell, Elise
Primary Examiner(s)
Shehni, Ghazal B

Application Number

US15/516,939
Publication Number

US 20170295016A1
Time in Patent Office

1,370 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0869   for achieving mutual authen...

H04L 9/083   involving central third par...

H04L 9/0869   involving random numbers or...

H04L 9/14   using a plurality of keys o...

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

Generating a symmetric encryption key

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Generating a symmetric encryption key

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links