KEY BASED SECURE OPERATING SYSTEM WITH SECURE DONGLE AND METHOD, AND CRYPTOGRAPHIC METHOD
First Claim
1. A security interface system for plausible deniability of encrypted data, comprising:
- a. a first port for connection to a memory key, and a second port for connection to a PC;
b. circuitry comprising a hub controller for controlling data flows to and from the ports,c. a mass storage controller containing a boot record for the contents of the key and logic to decrypt the key; and
d. a memory key containing data, the key removably and operatively connected to the first portwherein the memory key is entirely encrypted so as to appear as random data, and the data on the security device is unencrypted.
0 Assignments
0 Petitions
Accused Products
Abstract
A security interface system creates plausible deniability, and consists of a security interface device having a port for a releasable connection to a PC and to a memory key containing an encrypted operating system, the interface device containing logic to decrypt the memory key and a plaintext bootloader, and a further port for a memory card containing a key. The key is entirely encrypted and appears as random data when inspected. The interface device may have a port(s) for a keyboard and mouse. An encryption and decryption method is described, for decrypting a ciphertext into one of two plaintexts by choice of a key, the choice of which plaintext depending on whether the secret is to be revealed or remain confidential.
-
Citations
10 Claims
-
1. A security interface system for plausible deniability of encrypted data, comprising:
-
a. a first port for connection to a memory key, and a second port for connection to a PC; b. circuitry comprising a hub controller for controlling data flows to and from the ports, c. a mass storage controller containing a boot record for the contents of the key and logic to decrypt the key; and d. a memory key containing data, the key removably and operatively connected to the first port wherein the memory key is entirely encrypted so as to appear as random data, and the data on the security device is unencrypted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of decryption of an encrypted text, the method comprising the steps of:
-
a. D1, D2, I, K are revealed to a verifier, where D1 and D2 are the plaintexts to be revealed, and I and K form the key pair; b. I is initialized to a value of 0; and c. decryption is iteratively performed according to the equation;
F[i]=(D1[i]D2[i])I)K mod pwhile i is an array position and is incremented by one in each iteration, until i points beyond the end of the array.
-
-
10. A method of encrypting a plaintext, the method comprising the steps:
-
a. p=2q−
1 is calculated, where both p and q are prime;b. X and Y are selected uniformly at random from the set of real numbers Zq; c. I1=X−
1 mod q and I2=Y−
1 mod q are calculated;d. C1=−
XI2 mod q and C2=−
YI1 mod q are calculated;e. K1=(C1+1)−
1 mod q and K2=(C2+1)−
1 mod q are calculated;f. X, Y, K1, K2, I1, I2, (C1+1), (C2+1) are determined to be unique, and not to contain any members of the set {0, 1, −
1};g. the shorter of the plaintext input files A, B is padded so that the plaintexts A, B are identical in length; h. files A and B are indexed as arrays in computer memory using the index I, with each array element being a fixed size close to but smaller than p in length; and i. D1 and D2 are iteratively calculated by reference to the formulas D1[i]=A[i]C1B[i]C2 mod p and D2[i]=A[i]XB[i]Y mod p, wherein i is an array position and is incremented each iteration and the last iteration has finished when i points beyond the array.
-
Specification