SECURED EMBEDDED DATA ENCRYPTION SYSTEMS
Abstract
Devices generate security vectors based on their own attributes. A device's security vectors compose its transformation matrix. The devices securely share copies of their transformation matrices with other devices. A transmitting device adds its unique MAC to packets, encrypts those packets using its own transformation matrix, and transmits those packets. A receiving device uses its copy of the transmitting device's transformation matrix to decrypt the data in a packet, determining whether a MAC extracted from that packet matches the transmitting device's MAC. The receiving device can permit or prevent further processing of the packet's data depending on whether the MACs match. Each device can store a copy of the same program, which is used to derive derivative security vectors from existing security vectors. Each device in the network can derive the same set of derivative vectors for any selected other device in the network, thereby “evolving” the transformation matrices.
8 Citations
38 Claims
1-20. (canceled)
21. A method of securing communications between a first device and a second device, wherein the method comprises:
sending, from the first device to the second device, a first set of security vectors and a first message authentication code (MAC) to the second device to provide, on the second device, a stored first set of security vectors and a stored first MAC, wherein the first set of security vectors and the first MAC are unique to the first device;
generating, by the first device, a first transformation matrix from the first set of security vectors;
generating, by the first device, a first derivative transformation matrix from the first transformation matrix using an initialization program;
encrypting, by the first device, data and the first MAC using the first derivative transformation matrix to provide encrypted data and an encrypted first MAC;
sending, from the first device to the second device, the encrypted data and the encrypted first MAC;
generating, by the second device, a second transformation matrix from the stored first set of security vectors;
generating, by the second device, a second derivative transformation matrix from the second transformation matrix using the initialization program;
decrypting, by the second device, the encrypted data and the encrypted first MAC using the second derivative transformation matrix to provide decrypted data and a decrypted first MAC;
comparing the decrypted first MAC to the stored first MAC; and
releasing the decrypted data if the decrypted first MAC is equivalent to the stored first MAC.
Dependent claims: 22-35.
36. An encryption/decryption processor, comprising:
a storage unit for storing a set of security vectors and a message authentication code (MAC);
a transmitter for transmitting encrypted data and an encrypted MAC;
an encryption unit for encrypting data and for encrypting the MAC;
a generator for generating a derivative set of security vectors and for generating a derivative transformation matrix;
a receiver for receiving encrypted data and an encrypted MAC;
a decryption unit for decrypting encrypted data and for decrypting the encrypted MAC; and
a comparison unit for comparing a stored MAC and a decrypted MAC.
Dependent claims: 37.
38. A computer program product stored on a non-transitory computer-readable storage medium comprising computer-executable instructions for causing a processor to:
send, from a first device to a second device, a first set of security vectors and a first message authentication code (MAC) to the second device to provide, on the second device, a stored first set of security vectors and a stored first MAC, wherein the first set of security vectors and the first MAC are unique to the first device;
generate, by the first device, a first transformation matrix from the first set of security vectors;
generate, by the first device, a first derivative transformation matrix from the first transformation matrix using an initialization program;
encrypt, by the first device, data and the first MAC using the first derivative transformation matrix to provide encrypted data and an encrypted first MAC;
send, from the first device to the second device, the encrypted data and the encrypted first MAC;
generate, by the second device, a second transformation matrix from the stored first set of security vectors;
generate, by the second device, a second derivative transformation matrix from the second transformation matrix using the initialization program;
decrypt, by the second device, the encrypted data and the encrypted first MAC using the second derivative transformation matrix to provide decrypted data and a decrypted first MAC;
compare the decrypted first MAC to the stored first MAC; and
release the decrypted data if the decrypted first MAC is equivalent to the stored first MAC.
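The exchange described in the abstract and claimed in claims 21 and 38 (and the units listed in claim 36), worked through as an added example. This is not the patent's own code and the page specifies none of the following, which are assumptions made here to get a runnable model: the "transformation" is taken to be an invertible 64x64 matrix over GF(2) applied to each 8-byte block; security vectors are derived from a device's attributes with SHA-256 and re-derived with a counter until they form an invertible matrix; the "initialization program" is a deterministic re-derivation of the matrix keyed by a generation number; a packet is MAC || data with PKCS#7-style padding; and the "MAC" is, as in the claims, an 8-byte identifier stored on the peer rather than a keyed hash. The device attributes, identifiers and payload are constructed sample values.

```python
"""Model of the claimed flow: security vectors -> transformation matrix ->
derivative matrix -> encrypt(MAC || data) -> decrypt and compare MAC.
Added example; the GF(2) block cipher, SHA-256 derivations and packet
layout are assumptions, not the patent's specification."""
import hashlib
import hmac
from typing import Optional

N = 64          # bits per block (assumption): one block is 8 bytes
BLOCK = N // 8


def _parity(x: int) -> int:
    return bin(x).count("1") & 1


def gf2_invert(rows: list) -> Optional[list]:
    """Invert an N x N matrix over GF(2) by Gauss-Jordan elimination.
    Row i is an int whose bit j is entry (i, j). Returns None if singular."""
    a, inv = list(rows), [1 << i for i in range(N)]
    for col in range(N):
        pivot = next((r for r in range(col, N) if (a[r] >> col) & 1), None)
        if pivot is None:
            return None
        a[col], a[pivot] = a[pivot], a[col]
        inv[col], inv[pivot] = inv[pivot], inv[col]
        for r in range(N):
            if r != col and (a[r] >> col) & 1:
                a[r] ^= a[col]
                inv[r] ^= inv[col]
    return inv


def apply_matrix(rows: list, block: bytes) -> bytes:
    """Matrix-vector product over GF(2): output bit i = parity(row_i AND v)."""
    v = int.from_bytes(block, "little")
    out = sum(_parity(r & v) << i for i, r in enumerate(rows))
    return out.to_bytes(BLOCK, "little")


def _invertible_rows(seed: bytes) -> list:
    """Derive N row vectors from a seed with SHA-256, retrying with a counter
    until they form an invertible matrix (assumed construction)."""
    for attempt in range(256):
        rows = [int.from_bytes(hashlib.sha256(seed + bytes([attempt]) + i.to_bytes(2, "big")).digest()[:BLOCK], "little")
                for i in range(N)]
        if gf2_invert(rows) is not None:
            return rows
    raise RuntimeError("no invertible matrix found")


def security_vectors(attributes: dict) -> list:
    """Security vectors generated from a device's own attributes (abstract)."""
    seed = b"|".join(f"{k}={v}".encode() for k, v in sorted(attributes.items()))
    return _invertible_rows(b"vectors:" + seed)


def transformation_matrix(vectors: list) -> list:
    """The vectors compose the matrix: here they are simply its rows."""
    return list(vectors)


def derivative_matrix(matrix: list, generation: int) -> list:
    """The shared 'initialization program': every holder of a copy of the
    matrix derives the same generation-g matrix with no further exchange."""
    seed = b"".join(r.to_bytes(BLOCK, "little") for r in matrix)
    return _invertible_rows(b"derive:" + seed + generation.to_bytes(4, "big"))


def _pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def _unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def encrypt_packet(matrix: list, mac: bytes, data: bytes) -> bytes:
    """Transmitter: prepend its MAC, then transform each block with the matrix."""
    plain = _pad(mac + data)
    return b"".join(apply_matrix(matrix, plain[i:i + BLOCK]) for i in range(0, len(plain), BLOCK))


def receive_packet(matrix: list, stored_mac: bytes, packet: bytes) -> Optional[bytes]:
    """Receiver: decrypt with its copy of the sender's matrix, compare the
    recovered MAC with the stored one, and release the data only on a match."""
    inv = gf2_invert(matrix)
    plain = b"".join(apply_matrix(inv, packet[i:i + BLOCK]) for i in range(0, len(packet), BLOCK))
    try:
        plain = _unpad(plain)
    except ValueError:
        return None
    mac, data = plain[:len(stored_mac)], plain[len(stored_mac):]
    return data if hmac.compare_digest(mac, stored_mac) else None


def run_exchange(generation: int = 3) -> dict:
    """Device A shares its vectors and MAC with B; both derive the generation-g
    matrix independently; B checks A's packet. All values are constructed."""
    a_vectors = security_vectors({"serial": "A-0001", "model": "sensor"})   # assumed attributes
    a_mac = hashlib.sha256(b"device-A").digest()[:BLOCK]                      # constructed 8-byte MAC
    b_stored_vectors, b_stored_mac = list(a_vectors), a_mac                   # B's stored copies
    a_key = derivative_matrix(transformation_matrix(a_vectors), generation)
    b_key = derivative_matrix(transformation_matrix(b_stored_vectors), generation)
    packet = encrypt_packet(a_key, a_mac, b"temp=21.5C")
    mac_tampered = bytes([packet[0] ^ 1]) + packet[1:]                        # edit the MAC block
    data_tampered = packet[:BLOCK] + bytes([packet[BLOCK] ^ 1]) + packet[BLOCK + 1:]  # edit a data block
    wrong_key = derivative_matrix(security_vectors({"serial": "C-0009", "model": "sensor"}), generation)
    return {
        "released": receive_packet(b_key, b_stored_mac, packet),
        "mac_tampered": receive_packet(b_key, b_stored_mac, mac_tampered),
        "data_tampered": receive_packet(b_key, b_stored_mac, data_tampered),
        "wrong_key": receive_packet(wrong_key, b_stored_mac, packet),
    }
```

Running `run_exchange()` shows the two properties the claims rely on: both sides arrive at the same generation-3 matrix from the stored vectors alone, and a receiver holding different vectors, or a packet whose MAC block has been altered, releases nothing (the block transform is a bijection, so any change to that ciphertext block changes the recovered MAC). It also shows a property of this model that a practitioner should check against the real specification: because each block is transformed independently and the stored identifier is compared on its own, a change to a data block still passes the check and the altered data is released. The page does not say how the product binds the MAC to the data, so this is a statement about the model, not about the product; where data integrity is required, a keyed MAC over the whole packet is the standard tool.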
Specification