One-time-pad encryption with central key service and key management

US 20030026431A1
Filed: 09/24/2002
Published: 02/06/2003
Est. Priority Date: 03/29/2000
Status: Abandoned Application

First Claim

Patent Images

1. A computer readable data carrier containing a one-time-pad communications key consisting of an encrypted sequence of bytes, produced by assembling a random sequence of bytes, encrypting the sequence by executing an encryption process with a key encryption key, and inserting into a carrier.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A one-time-pad encryption system where encrypted one-time-pad keys can be distributed to users on physical media or on a computer network from a central server. Each one-time-pad key has a key identification number that facilitates key management. Each encrypted data set includes a header specifying an offset within the one-time-pad key for commencement of decryption so that messages can be decrypted in any order. Before encryption begins, the length of remaining unused key is compared to the length of the data set to be encrypted. For ease of transcription or transmission by humans, the encrypted data can be represented as a subset of the 48 keys that are easy to use on a keyboard, preferably the 26 capital letters of the Western alphabet or these letters plus six numerals for a total of 32 characters. A one-time-pad key which is specialized to achieve such encryption can also be used for binary encryption. Encryption control buttons are added to a word processor and other programs as an addition to the user interface.

110 Citations

View as Search Results

37 Claims

1. A computer readable data carrier containing a one-time-pad communications key consisting of an encrypted sequence of bytes, produced by assembling a random sequence of bytes, encrypting the sequence by executing an encryption process with a key encryption key, and inserting into a carrier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer readable data carrier of claim 1 where the carrier is a physical, portable data memory.
  - 3. The computer readable data carrier of claim 1 where the carrier is a carrier signal with electronic intra-computer communications.
  - 4. A pair of computer readable data carriers as specified in claim 1 where the communications key on each carrier is encrypted with a key encryption key that is the same as the key encryption key for the other carrier of the pair.
  - 5. A pair of computer readable data carriers as specified in claim 1 where the communications key on each carrier is encrypted with a key encryption key that is different from the key encryption key for the other carrier of the pair.
  - 6. The pair of computer readable data carriers of claim 4 where the communications key on each carrier is encrypted with a one-time-pad key.
  - 7. The pair of computer readable data carriers of claim 4 where the communications key on each carrier is encrypted with a repeating key.
  - 8. The computer readable data carrier of claim 2 where the communications key on the carrier is encrypted with a repeating key.
  - 9. The computer readable data carrier of claim 1 where the byte values in said random sequence of bytes are limited to a set of byte values that includes fewer than all possible byte values such that the encryption process with the encryption key generates encrypted byte values falling outside of the set.

10. A method for a server on a network to provide a pair of encrypted one-time-pad communications keys, one to a sender and one to a receiver, comprising:
- a. receiving a sequence of random numbers from a random number generator;
  
  b. using said sequence of random numbers to generate a one-time-pad communications key commencing with an identifier; and
  
  c. transmitting a copy of said key via a computer network to each of a data set sender and to a data set receiver, each copy encrypted with a key encryption key.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10 wherein the key is comprised of a plurality of blocks, each having a block identifier associated with the block.
  - 12. The method of claim 11 wherein the blocks are generated and transmitted in a sequential stream for more than 4 continuous hours.
  - 13. The method of claim 10 wherein the key encryption method is a one-time-pad method.
  - 14. The method of claim 10 wherein the key encryption method is a repeating key method.
  - 15. The method of claim 10 where the communications key is encrypted with a key encryption key for the sender that is the same as the key encryption key for the receiver.

16. A method for a computer to use a one-time-pad communications key to encrypt a data set, comprising:
- a. having an encrypted one-time-pad communications key with an identifier;
  
  b. decrypting said one-time-pad communications key;
  
  c. using said one-time-pad communications key to encrypt a data set; and
  
  d. transmitting said data set to a receiver along with the identifier for said onetime-pad communications key.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The method of claim 16 wherein the computer is coupled to a network and the one-time-pad communications key is received from a server on the network.
  - 18. The method of claim 17 wherein the communications key is comprised of a plurality of blocks and the identifier comprises a block identifier associated with the block.
  - 19. The method of claim 18 wherein a portion of each block is used to encrypt said data set and a remaining portion of each block is discarded.
  - 20. The method of claim 16 wherein the key decryption method is a one-time-pad method.
  - 21. The method of claim 16 wherein the key decryption method is a repeating key method.
  - 22. The method of claim 16 wherein the method of encrypting the data set is binary encryption.
  - 23. The method of claim 16 wherein the method of encrypting the data set produces ciphertext having a keyable character set.

24. A method for a computer to receive an encrypted data set and use a one-time-pad communications key to decrypt the data set, comprising:
- a. having an encrypted one-time-pad communications key;
  
  b. decrypting said one-time-pad communications key;
  
  c. receiving an encrypted data set; and
  
  d. using said one-time-pad communications key to decrypt said data set.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
- - 25. The method of claim 24 wherein the computer is coupled to a network and the one-time-pad communications key is received from a server on the network.
  - 26. The method of claim 25 wherein the communications key is comprised of a plurality of blocks, each having a block identifier associated with the block.
  - 27. The method of claim 26 wherein a portion of each block is used to decrypt said data set and a remaining portion of each block is discarded.
  - 28. The method of claim 24 wherein the key decryption method is a one-time-pad method.
  - 29. The method of claim 24 wherein the key decryption method is a repeating key method.
  - 30. The method of claim 24 wherein the method of decrypting the data set is binary decryption.
  - 31. The method of claim 24 wherein the data set is comprised of ciphertext having a keyable character set and the method of decryption is based on the number of characters in the character set.

32. A computer method to minimize the chances that a one-time-pad encryption key that has been used is used again, comprising:
- a. receiving in a computer system a command to install a one-time-pad encryption key;
  
  b. installing said encryption key and placing in a registry in said computer system an identifier that identifies said key; and
  
  c. when a command is received to again install said key, checking said registry for said identifier and, if said identifier is present, taking an action to discourage further use of said key.
- View Dependent Claims (33, 34)
- - 33. The method of claim 32 further comprising, as said key is used, adding usage information to said registry indicating which portion remains unused and taking said action to discourage further use only if the portion remaining unused is smaller than a threshold.
  - 34. The method of claim 33 further comprising, if a command is received to delete said key while a portion larger than said threshold remains unused, taking said action to discourage further use even though such portion remains unused.

35. A method for a computer to determine whether a one-time-pad communications key is long enough to encrypt a data set, comprising:
- a. having an encrypted one-time-pad communications key with a record of an amount of said key remaining unused;
  
  b. having a data set to be encrypted with said communications key;
  
  c. determining a length of said data set;
  
  d. comparing said length to said amount of key remaining unused; and
  
  e. if said length is longer than said amount of key remaining unused, taking an action to discourage use of said key to encrypt said data set.
- View Dependent Claims (36, 37)
- - 36. The method of claim 35 wherein the method of encrypting the data set is binary encryption.
  - 37. The method of claim 35 wherein:
    - a. said data set comprises text;
      
      b. before said length is determined, said data set is expanded to an intermediate text represented by a character set limited to 48 or fewer characters; and
      
      c. the method of encrypting the data set produces ciphertext having a keyable character set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vadium Technology, Inc. (VTIAC Holdings Ltd.)
Original Assignee
Vadium Technology, Inc. (VTIAC Holdings Ltd.)
Inventors
Hammersmith, Wolfgang S.

Application Number

US10/254,754
Publication Number

US 20030026431A1
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

H04L 9/0822 using key encryption key

H04L 9/083 involving central third par...

One-time-pad encryption with central key service and key management

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

110 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

One-time-pad encryption with central key service and key management

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

110 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links