Method and System Making it Possible to Test a Cryptographic Integrity of an Error Tolerant Data Item
First Claim
Patent Images
1. A method for testing the cryptographic integrity of data m, comprising, in combination, at least the following steps:
- a first step during which a key (C, Ksym) is generated by executing the following steps;
let F(GF(p), n, M, d) be a family of linear or nonlinear system error-correcting codes over GF(p) of length n, of cardinal M and distance d,randomly draw a correcting code C from the family F(GF(p), n,k,d) that has a correction capacity t, and define the key Ksym,a second step comprising the following steps;
code (20) said data m by using the correcting code selected in the first step,for a systematic code, compute the redundancy r, and use the secret key Sk(C, Ksym, I) with I being a non-zero integer less than t which represents the number of errors accepted in order to protect the redundancy r, the result obtained is the protected redundancy rp=SYMksym (r), with SYMksym=SYM being a symmetrical encryption block algorithm and Ksym being a secret key, transmit (22) the data (m|rp) resulting from the second step, the message with the encrypted redundancy,a third step comprising the following steps;
for a systematic code, let (ma|ra) be the input data for this function, reverse the redundancy confidentiality protection mechanism using the inverse of the symmetrical encryption algorithm and of the secret key SYMksym−
1(ra), ra being the encrypted redundancy received in the integrity checking step,let D1 be a decoding function associated with the chosen code C which has as input any datum and which has as output the word of the code that is closest in terms of distance, and a decoding successful OK or decoding unsuccessful information item, D1 is applied to the whole made up of the received message ma concatenated with the inverse of the redundancy SYMksym−
1(ra);
D1(ma|SYMksym−
1(ra)),if the decoding is not possible, there is no word of the code at a sufficiently small distance, the data are considered to be non-integral,otherwise, if the decoding is possible;
if d(hn-k(D1(ma|SYMksym−
1(ra)), ma)<
I+1, then the response is OK with, as effective useful message received, hn-k(D1(ma|SYMksym−
1(ra)) and the information on the distance d(hn-k(D1(ma|SYMksym−
1(ra)), ma),otherwise, the data are considered to be non-integral, d( )is the distance in terms of the number of elements of GF(p) that are different, and hn-k is the function which takes a character string as input and associates with it the n−
k first characters of the string.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for testing the cryptographic integrity of data m comprises at least the following elements: a module transmitting a message M, said module comprising a memory for storing the parameters used to execute the steps of the method, such as the key, the public data, a transmission medium, a receiver module also comprising storage means for storing at least the same parameters as in transmission. The system may comprise storage means for storing confidential data such as the secret keys, a processor suitable for executing the steps.
4 Citations
5 Claims
-
1. A method for testing the cryptographic integrity of data m, comprising, in combination, at least the following steps:
-
a first step during which a key (C, Ksym) is generated by executing the following steps; let F(GF(p), n, M, d) be a family of linear or nonlinear system error-correcting codes over GF(p) of length n, of cardinal M and distance d, randomly draw a correcting code C from the family F(GF(p), n,k,d) that has a correction capacity t, and define the key Ksym, a second step comprising the following steps; code (20) said data m by using the correcting code selected in the first step, for a systematic code, compute the redundancy r, and use the secret key Sk(C, Ksym, I) with I being a non-zero integer less than t which represents the number of errors accepted in order to protect the redundancy r, the result obtained is the protected redundancy rp=SYMksym (r), with SYMksym=SYM being a symmetrical encryption block algorithm and Ksym being a secret key, transmit (22) the data (m|rp) resulting from the second step, the message with the encrypted redundancy, a third step comprising the following steps; for a systematic code, let (ma|ra) be the input data for this function, reverse the redundancy confidentiality protection mechanism using the inverse of the symmetrical encryption algorithm and of the secret key SYMksym−
1(ra), ra being the encrypted redundancy received in the integrity checking step,let D1 be a decoding function associated with the chosen code C which has as input any datum and which has as output the word of the code that is closest in terms of distance, and a decoding successful OK or decoding unsuccessful information item, D1 is applied to the whole made up of the received message ma concatenated with the inverse of the redundancy SYMksym−
1(ra);D1(ma|SYMksym−
1(ra)),if the decoding is not possible, there is no word of the code at a sufficiently small distance, the data are considered to be non-integral, otherwise, if the decoding is possible; if d(hn-k(D1(ma|SYMksym−
1(ra)), ma)<
I+1, then the response is OK with, as effective useful message received, hn-k(D1(ma|SYMksym−
1(ra)) and the information on the distance d(hn-k(D1(ma|SYMksym−
1(ra)), ma),otherwise, the data are considered to be non-integral, d( )is the distance in terms of the number of elements of GF(p) that are different, and hn-k is the function which takes a character string as input and associates with it the n−
k first characters of the string. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeThales SA
-
Original AssigneeThales SA
-
InventorsPainchault, Philippe, Garrido, Eric, Marcello, Sandra
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/168
-
CPC Class CodesH04L 2209/26 Testing cryptographic entit...H04L 2209/34 Encoding or coding, e.g. Hu...H04L 9/06 the encryption apparatus us...H04L 9/32 including means for verifyi...H04L 9/3242 involving keyed hash functi...
