KEY BASED SECURE OPERATING SYSTEM WITH SECURE DONGLE AND METHOD, AND CRYPTOGRAPHIC METHOD

US 20120331304A1
Filed: 06/21/2012
Published: 12/27/2012
Est. Priority Date: 06/21/2011
Status: Active Grant

First Claim

Patent Images

1. A security interface system for plausible deniability of encrypted data, comprising:

a. a first port for connection to a memory key, and a second port for connection to a PC;

b. circuitry comprising a hub controller for controlling data flows to and from the ports,c. a mass storage controller containing a boot record for the contents of the key and logic to decrypt the key; and

d. a memory key containing data, the key removably and operatively connected to the first portwherein the memory key is entirely encrypted so as to appear as random data, and the data on the security device is unencrypted.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security interface system creates plausible deniability, and consists of a security interface device having a port for a releasable connection to a PC and to a memory key containing an encrypted operating system, the interface device containing logic to decrypt the memory key and a plaintext bootloader, and a further port for a memory card containing a key. The key is entirely encrypted and appears as random data when inspected. The interface device may have a port(s) for a keyboard and mouse. An encryption and decryption method is described, for decrypting a ciphertext into one of two plaintexts by choice of a key, the choice of which plaintext depending on whether the secret is to be revealed or remain confidential.

Citations

10 Claims

1. A security interface system for plausible deniability of encrypted data, comprising:
- a. a first port for connection to a memory key, and a second port for connection to a PC;
  
  b. circuitry comprising a hub controller for controlling data flows to and from the ports,c. a mass storage controller containing a boot record for the contents of the key and logic to decrypt the key; and
  
  d. a memory key containing data, the key removably and operatively connected to the first portwherein the memory key is entirely encrypted so as to appear as random data, and the data on the security device is unencrypted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the key contains an encrypted operating system.
  - 3. The system of claim 1, the interface system further comprising a card containing a decryption key, and the security interface further comprising a third port for receiving the card.
  - 4. The system of claim 3, wherein the interface device, key and the card are all keyed to one another so as to only operate with each other.
  - 5. The system of claim 3 wherein the decryption key is further securely hashed.
  - 6. The system of claim 1, wherein the PC is able to operate entirely on the encrypted operating system of the key, without resort to its own hard disk.
  - 7. The system of claim 1, the security interface device further comprising one or more ports for the operation of a keyboard and mouse.
  - 8. The system of claim 1 the security device further comprising one or more ports for the attachment of peripherals.

9. A method of decryption of an encrypted text, the method comprising the steps of:
- a. D1, D₂, I, K are revealed to a verifier, where D1 and D2 are the plaintexts to be revealed, and I and K form the key pair;
  
  b. I is initialized to a value of 0; and
  
  c. decryption is iteratively performed according to the equation;
  
  F[i]=(D₁[i]D₂[i])^I)^Kmod p while i is an array position and is incremented by one in each iteration, until i points beyond the end of the array.

10. A method of encrypting a plaintext, the method comprising the steps:
- a. p=2q−
  
  1 is calculated, where both p and q are prime;
  
  b. X and Y are selected uniformly at random from the set of real numbers Zq;
  
  c. I₁=X^−
  
  1mod q and I₂=Y^−
  
  1mod q are calculated;
  
  d. C₁=−
  
  XI₂mod q and C₂=−
  
  YI₁mod q are calculated;
  
  e. K₁=(C₁+1)^−
  
  1mod q and K₂=(C₂+1)^−
  
  1mod q are calculated;
  
  f. X, Y, K₁, K₂, I₁, I₂, (C₁+1), (C₂+1) are determined to be unique, and not to contain any members of the set {0, 1, −
  
  1};
  
  g. the shorter of the plaintext input files A, B is padded so that the plaintexts A, B are identical in length;
  
  h. files A and B are indexed as arrays in computer memory using the index I, with each array element being a fixed size close to but smaller than p in length; and
  
  i. D₁and D₂are iteratively calculated by reference to the formulas D₁[i]=A[i]^C1B[i]^C2mod p and D₂[i]=A[i]^XB[i]^Ymod p, wherein i is an array position and is incremented each iteration and the last iteration has finished when i points beyond the array.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daniel Charles Shapiro, Dong Liang She, Jonathan Marc Parri
Original Assignee
Daniel Charles Shapiro, Dong Liang She, Jonathan Marc Parri
Inventors
She, Dong Liang, Shapiro, Daniel Charles, Parri, Jonathan Marc

Granted Patent

US 9,009,488 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/602 Providing cryptographic fac...

G06F 21/85 interconnection devices, e....

KEY BASED SECURE OPERATING SYSTEM WITH SECURE DONGLE AND METHOD, AND CRYPTOGRAPHIC METHOD

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

KEY BASED SECURE OPERATING SYSTEM WITH SECURE DONGLE AND METHOD, AND CRYPTOGRAPHIC METHOD

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links