Method for Distributing Cryptographic Keys in a Communication Network
First Claim
1. A method making it possible to distribute elements for generating one or more cryptographic keys between at least two users A and B in a network comprising a number of nodes $N_i$ interlinked by means of communication highways, the network implementing a routing protocol, comprising at least the following steps:
- to communicate with B, A generates a public value that is sensitive to a malicious attack in which a third party seeks to pass himself off as a participant in the network, or “MIM”, and decomposes it using a mathematical transformation into m segments of redundancy o, that is to say that an information item can be recomposed from o segments, and transmits this concatenated information with a reference message $N_a$ over the network via k routing paths,
- to communicate with A, B generates a public value that is sensitive to an MIM attack and decomposes it using a mathematical transformation into m segments of redundancy o, that is to say that an information item can be recomposed from o segments, and transmits this concatenated information with a reference message $N_b$ over the network via k routing paths,
- the two parties A and B regenerate the common secret by recalculating the inverse transform of all the combinations of o segments and by choosing the value that is statistically most represented: $\widetilde{g^{ab}}$ and $\tilde{g}^{ab}$,
- once the two secrets assumed to be common have been calculated, $\widetilde{g^{ab}}$ for A, and $\tilde{g}^{ab}$ for B, the party A sends a verification message corresponding to the reference message $N_b$ from B encrypted with the common secret: $\widetilde{g^{ab}}$ and sends it to the party B: $\{N_b\}_{\widetilde{g^{ab}}}$,
- B then decrypts the message from A with his key $\tilde{g}^{ab}$ and checks consistency with his reference message $N_b$, then refers to the acknowledgment message in the same way: $\{N_a\}_{\tilde{g}^{ab}}$ to validate the common secret between the two entities, and to use the common secret to encode a message.
Abstract
A method making it possible to distribute elements for generating one or more cryptographic keys between at least two users A and B in a network implementing a routing protocol, characterized in that:
- to communicate with B, A generates a public value that is sensitive to a malicious MIM attack and decomposes it into m segments of redundancy o, and transmits this concatenated information with a reference message $N_a$ over the network via k routing paths and vice versa for B when he wants to communicate with A,
- the two parties A and B regenerate the common secret by recalculating the inverse transform of all the combinations of o segments and by choosing the value that is statistically most represented: $\widetilde{g^{ab}}$ and $\tilde{g}^{ab}$,
- once the two secrets assumed to be common have been calculated, $\widetilde{g^{ab}}$ for A, and $\tilde{g}^{ab}$ for B, the party A sends a verification message corresponding to the reference message $N_b$ from B encrypted with the common secret: $\widetilde{g^{ab}}$ and sends it to the party B: $\{N_b\}_{\widetilde{g^{ab}}}$,
- B then decrypts the message from A with his key $\tilde{g}^{ab}$ and checks consistency with his reference message $N_b$, then refers to the acknowledgment message in the same way: $\{N_a\}_{\tilde{g}^{ab}}$ to validate the common secret between the two entities.
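The segment-and-vote recovery described above, as an added example that is not code from the patent. It assumes a Shamir-style polynomial over a prime field as the "mathematical transformation", a Diffie-Hellman value as the public value, toy parameters `P` and `G`, one segment per routing path, and constructed tampering on two paths; the nonce confirmation step is not modelled.

```python
import secrets
from collections import Counter
from itertools import combinations

P = 2**127 - 1   # toy prime: DH modulus and dispersal field (assumption, not from the patent)
G = 3            # toy generator (assumption)

def disperse(value, m, o):
    """Split value into m segments (x, f(x)); any o of them recompose it."""
    coeffs = [value] + [secrets.randbelow(P) for _ in range(o - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P)
            for x in range(1, m + 1)]

def recompose(segs):
    """Inverse transform: Lagrange interpolation at x = 0 over GF(P)."""
    total = 0
    for xi, yi in segs:
        num = den = 1
        for xj, _ in segs:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def recover_by_vote(received, o):
    """Recompose every combination of o segments; keep the most represented value."""
    votes = Counter(recompose(c) for c in combinations(received, o))
    value, count = votes.most_common(1)[0]
    return value, count, sum(votes.values())

def demo(m=7, o=3, tampered_paths=(2, 5)):
    a, b = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    pub_a = pow(G, a, P)                    # A's public value, the MIM-sensitive item
    segs = disperse(pub_a, m, o)            # one segment per routing path (k = m here)
    # Constructed tampering: nodes on two paths alter the segment they relay.
    recv = [(x, (y + 1) % P) if x in tampered_paths else (x, y) for x, y in segs]
    voted, count, total = recover_by_vote(recv, o)
    secret_b = pow(voted, b, P)             # B's view of the common secret
    secret_a = pow(pow(G, b, P), a, P)      # A's view, assuming B's value arrived intact
    return voted == pub_a, secret_a == secret_b, count, total
```

With m = 7 and o = 3 there are 35 combinations; the 10 that avoid both altered segments all agree, while combinations containing an altered segment scatter across different wrong values, so the untampered value wins the vote.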
Specification