Method for negotiating weakened keys in encryption systems
First Claim
1. A method for permitting encrypted communications between two stations which are operable with compatible encryption algorithms that accept encryption keys having work factors with respectively different values, comprising:
- in a first determining step, determining the lower one of the different work factor values;
providing an initial encryption key having a first work factor value;
comparing the first work factor value with the lower one of the work factor values determined in said determining step;
when, in said comparing step, the first work factor value is found to be greater than the lower one of the work factor values determined in said determining step, performing the following steps;
performing a hash function on a first word that includes the initial encryption key to produce an intermediate key, and deriving from the intermediate key a modified intermediate key having a work factor value not greater than the lower one of the different work factor values determined in said determining step;
performing a hash function on a second word that includes the modified intermediate key to produce a second output, and deriving from the second output a final encryption key having a work factor value not greater than the lower one of the different work factor values determined in said determining step; and
using the final encryption key to encrypt communications between the two stations.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for permitting encrypted communications between two stations which are operable with encryption algorithms that accept encryption keys having work factors with different values, by: in a first determining step, determining the lower one of the different values; providing an initial encryption key having a first work factor value; comparing the first work factor value with the lower one of the work factors determined in the determining step; when, in the comparing step, the first work factor value is greater than the lower one of the work factor values determined in the determining step, performing the following steps: performing a first hash function on the initial encryption key to produce a first output, and deriving from the first output a first intermediate key having a work factor value not greater than the lower one of the different work factor values determined in the determining step; performing the first hash function on the first intermediate key to produce a second output, and deriving from the second output a final encryption key having a work factor value not greater than the lower one of the different work factor values determined in the determining step; and using the final encryption key to encrypt communications between the two stations; and when, in the comparing step, the first work factor value is found to not be greater than the lower one of the work factor values determined in the determining step, using the initial encryption key to encrypt communications between the two stations.
8 Citations
23 Claims
-
1. A method for permitting encrypted communications between two stations which are operable with compatible encryption algorithms that accept encryption keys having work factors with respectively different values, comprising:
-
in a first determining step, determining the lower one of the different work factor values;
providing an initial encryption key having a first work factor value;
comparing the first work factor value with the lower one of the work factor values determined in said determining step;
when, in said comparing step, the first work factor value is found to be greater than the lower one of the work factor values determined in said determining step, performing the following steps;
performing a hash function on a first word that includes the initial encryption key to produce an intermediate key, and deriving from the intermediate key a modified intermediate key having a work factor value not greater than the lower one of the different work factor values determined in said determining step;
performing a hash function on a second word that includes the modified intermediate key to produce a second output, and deriving from the second output a final encryption key having a work factor value not greater than the lower one of the different work factor values determined in said determining step; and
using the final encryption key to encrypt communications between the two stations.
-
-
2. Apparatus for permitting encrypted communications between two stations which are operable with compatible encryption algorithms that accept encryption keys having work factors with respectively different values, comprising:
-
means for determining the lower one of the different work factor values;
means for providing an initial encryption key having a given work factor value;
means for comparing the first work factor value with the lower one of the work factor values;
means for performing a hash function on a first word that includes the initial encryption key to produce an intermediate key, and deriving from the intermediate key a modified intermediate key having a work factor value not greater than the lower one of the different work factor values;
means for performing a hash function on a second word that includes the modified intermediate key to produce a second output, and deriving from the second output a final encryption key having a work factor value not greater than the lower one of the different work factor values; and
means for using the final encryption key to encrypt communications between the two stations if the first work factor value is found to be greater than the lower one of the work factor values.
-
-
3. A method for permitting encrypted communications between two stations which are operable with compatible encryption algorithms that accept encryption keys having work factors with respectively different values, comprising:
-
determining a lowest one of the different work factor values;
providing an initial encryption key with a given work factor value;
comparing the given work factor value with the lowest one of the different work factor values; and
wherein, if the given work factor value is greater than the lowest one of the different work factor values, the method further comprises;
deriving from the initial encryption key a final encryption key having a work factor value not greater than the lowest one of the different work factor values; and
using the final encryption key for the encrypted communications. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for permitting encrypted communications between two stations which are operable with compatible encryption algorithms having an accepted key length, wherein the encryption algorithms accept encryption keys having work factors with respectively different values, comprising:
-
generating an initial encryption key;
determining a lowest one of the different work factor values;
comparing the accepted key length and the lowest one of the different work factor values; and
wherein, if the lowest one of the different work factor values is less than the accepted key length, the method further comprises;
deriving from the initial encryption key a final encryption key having a work factor value not greater than the lowest one of the different work factor values; and
using the final encryption key for the encrypted communications. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification