Data encryption using stateless confusion generators

US 20020120838A1
Filed: 12/14/2001
Published: 08/29/2002
Est. Priority Date: 12/29/2000
Status: Abandoned Application

First Claim

Patent Images

1. A packet-based encryption system comprising:

a transmitting device to encrypt data and to insert a pseudo-random key in a transmitted packet; and

a receiving device to receive and to decrypt said data in said transmitted packet using said pseudo-random key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention provides for the encoding of synchronization information in the transmitted streamed data so that the receiver and transmitter may synchronize their internal cipher states. It uses a random number generator at the transmitter subsystem as well as one-way cryptographic hash functions, and streaming cipher algorithms at both the transmitter subsystem and the receiver subsystem. The output of the random number generator at the transmitter is included in the transmitted data packet, and data in the packet is encrypted using a key derived from this same output value. Since this derivation is carried out using a number of encryption steps, such as a one-way hash function and a streaming cipher algorithm, to produce a key that is then used to encrypt the data before it is transmitted, the value of this key is of little use in decrypting the message. Thus, each packet now contains the information needed to generate the correct unique decryption key by the intended receiver and every packet effectively resynchronizes the encryption functions.

Citations

12 Claims

1. A packet-based encryption system comprising:
- a transmitting device to encrypt data and to insert a pseudo-random key in a transmitted packet; and
  
  a receiving device to receive and to decrypt said data in said transmitted packet using said pseudo-random key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1 wherein said transmitting device further comprises:
    - means to generate a random number;
      
      a first one-way cryptographic hash function means to generate a hashed number from said random number;
      
      a first streaming cipher algorithm using a seed to encrypt said hashed number;
      
      encryption means to encrypt said data using results of said first streaming cipher algorithm; and
      
      means to insert said random number in a specified field of said transmitted packet.
  - 3. The system of claim 2 wherein said receiving device further comprises:
    - means to remove said random number from said specified field of said transmitted packet;
      
      a second one-way cryptographic hash function means to generate a second hashed number from said random number;
      
      a second streaming cipher algorithm using a seed to encrypt said second hashed number; and
      
      decryption means to decrypt said data using results of said second streaming cipher algorithm.
  - 4. The system of claim 3 wherein said first one-way cryptographic hash function and said second one-way cryptographic hash function use the same algorithm and use a same first seed or key.
  - 5. The system of claim 4 wherein said first streaming cipher algorithm and said second streaming cipher algorithm are the same and use a same second seed or key.
  - 6. The system of claim 5 wherein said encryption means and said decryption means use the same third key and algorithm.
  - 7. The system of claim 1 wherein said transmitting device further comprises:
    - means to generate a random number;
      
      a first one-way cryptographic hash function means to generate a hashed number from said random number;
      
      a third one-way cryptographic hash function using a seed to encrypt said hashed number;
      
      encryption means to encrypt said data using results of said third one-way cryptographic hash function; and
      
      means to insert said random number in a specified field of said transmitted packet.
  - 8. The system of claim 7 wherein said receiving device further comprises:
    - means to remove said random number from said specified field of said transmitted packet;
      
      a second one-way cryptographic hash function means to generate a second hashed number from said random number;
      
      a fourth one-way cryptographic hash function using a seed to encrypt said second hashed number; and
      
      decryption means to decrypt said data using results of said fourth one-way cryptographic hash function.
  - 9. The system of claim 8 wherein said third one-way cryptographic hash function and said fourth one-way cryptographic hash function are the same and use a same fourth seed or key.

10. A method of encryption of packetized data using a symmetric key-based stream cipher, in which each packet includes self-synchronizing information comprising the steps of:
- encrypting data and inserting a pseudo-random key in a transmitted packet with said encrypted data; and
  
  decrypting said data in said transmitted packet with said inserted pseudo-random key.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10 further comprising the steps of:
    - at the transmitting end;
      
      generating a random number;
      
      generating a hashed number from said random number using a first one-way cryptographic hash function;
      
      providing a first streaming cipher algorithm using said hashed number as a seed;
      
      encrypting said data using results of said first streaming cipher algorithm; and
      
      inserting said random number in a specified field of said transmitted packet. at the receiving end;
      
      removing said random number from said specified field of said transmitted packet;
      
      generating a second hashed number from said random number using a second one-way cryptographic hash function;
      
      providing a second streaming cipher algorithm using said hashed number as a seed; and
      
      decrypting said data using results of said second streaming cipher algorithm using said second hashed number as a seed.
  - 12. The method of claim 10 further comprising the steps of:
    - at the transmitting end;
      
      generating a random number;
      
      generating a hashed number from said random number using a first one-way cryptographic hash function;
      
      providing a third one-way cryptographic hash function using a seed to encrypt said hashed number;
      
      encrypting said data using results of said first streaming cipher algorithm; and
      
      inserting said random number in a specified field of said transmitted packet. at the receiving end;
      
      removing said random number from said specified field of said transmitted packet;
      
      generating a second hashed number from said random number using a second one-way cryptographic hash function;
      
      providing a fourth one-way cryptographic hash function using a seed to encrypt said second hashed number; and
      
      decrypting said data using results of said second streaming cipher algorithm using said second hashed number as a seed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Original Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Inventors
Abdulkader, Barbir

Application Number

US10/014,474
Publication Number

US 20020120838A1
Time in Patent Office

Days
Field of Search
US Class Current

713/153
CPC Class Codes

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0662   with particular pseudorando...

H04L 9/12   Transmitting and receiving ...

Data encryption using stateless confusion generators

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Data encryption using stateless confusion generators

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links