Cryptographic system using interchangeable key blocks and selectable key fragments
First Claim
1. A cryptographic system for the secured transmission of information between first and second nodes, comprising, at the first node;
means for generating a key comprising more than one key fragment;
means for selecting a set of one or more of the key fragments;
means for generating data indicative of the selected key fragments;
means for encrypting the information using the selected key fragment set;
means for encrypting the key, said key encrypting means comprising means for generating a second key comprising more than one second key fragment;
means for selecting a set of one or more of the second key fragments;
means for encrypting said key with said selected set of second key fragments, means for generating second data indicative of the set of second key fragments selected; and
means for transferring the encrypted information, encrypted key, select data and second data from the first node to the second node; and
at the second node, means for decrypting the encrypted key, means for obtaining the selected key fragments set from the decrypted key in accordance with the transferred select data and means for decrypting the encrypted information using the obtained key fragments set.
Abstract
A cryptographic system is used for the secure transmission of digitized signals to a plurality of receivers. At the transmission end, a key consisting of two blocks, each including a plurality of key fragments, is generated. For each transmission session, different sets of key fragments may be periodically selected from one of the key blocks and used to encrypt the signals. Data indicative of the set selection is generated. The key is distributed to each receiver. The set selection data is transmitted to all receivers along with the encrypted signals and used to construct the key fragment set for decryption of the transmitted signals. During the transmission session, the other key block may be varied to form a replacement key which is distributed to each receiver. At the end of the session, the functions of the key blocks are interchanged in all receivers at one time by selecting a set in the varied key block for use in encryption and decryption.
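The scheme in the abstract, as an added Python sketch that is not taken from the patent: the transmitter encrypts with a set of fragments picked from the current key block, varies the idle block mid-session, and then interchanges the blocks. The fragment sizes, the message layout (block index plus fragment indices as the select data) and the HMAC-SHA256 keystream used as the cipher are all assumptions, since the abstract names none of them.

```python
import hashlib, hmac, secrets

FRAGS, FRAG_LEN, SET_SIZE = 8, 4, 4   # assumed sizes; the abstract gives none

def new_block():
    return [secrets.token_bytes(FRAG_LEN) for _ in range(FRAGS)]

def fragment_set(key, block, select):
    # Rebuild the working key from one block using the transmitted select data.
    return b"".join(key[block][i] for i in select)

def xor_stream(working_key, nonce, data):
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(working_key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class Transmitter:
    def __init__(self):
        self.key, self.current = [new_block(), new_block()], 0

    def export_key(self):
        return [list(block) for block in self.key]   # copy handed to receivers

    def send(self, plaintext):
        select = secrets.SystemRandom().sample(range(FRAGS), SET_SIZE)
        nonce = secrets.token_bytes(12)
        ct = xor_stream(fragment_set(self.key, self.current, select), nonce, plaintext)
        return {"block": self.current, "select": select, "nonce": nonce, "ct": ct}

    def vary_idle_block(self):
        # Replace only the block not in use, so traffic keeps flowing meanwhile.
        self.key[1 - self.current] = new_block()
        return self.export_key()

    def interchange(self):
        self.current = 1 - self.current   # later select data points at the varied block

class Receiver:
    def __init__(self, key):
        self.key = key

    def receive(self, msg):
        working_key = fragment_set(self.key, msg["block"], msg["select"])
        return xor_stream(working_key, msg["nonce"], msg["ct"])
```

A receiver that never received the replacement key keeps decrypting until `interchange()` is called, because the current block is untouched while the idle one is varied; after the interchange its output no longer matches the plaintext.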
31 Claims
11. A cryptographic system for the secure transmission of information between first and second nodes, comprising at the first node;
means for selecting a set of one or more of the key fragments, said key fragment selection means comprising means for periodically selecting different arrangements of fragments to form the key fragment set, means for generating data indicative of the selected key fragment set, means for encrypting the information using the selected key fragments set;
means for transferring the encrypted information, key, and select data from the first node to the second node;
at the second node;
means for obtaining the selected key fragment set for the transferred key in accordance with the transferred select data; and
means for decrypting the encrypted information using the obtained key fragment set.
12. A cryptographic system for the secure transmission of information between first and second nodes, comprising, at the first node;
means for generating a key comprising more than one key fragment, said key fragments comprising bytes;
means for selecting a set of one or more of the key fragments;
means for generating data indicative of the selected key fragments in said set;
means for encrypting the information using the selected key fragments in said set;
means for transferring the encrypted information, key, and select data from the first node to the second node; and
at the second node;
means for obtaining the selected key fragments set of the transferred key in accordance with the transferred selected data; and
means for decrypting the encrypted information using the obtained key fragments set.
13. A cryptographic system for the secure transmission of information between first and second nodes comprising, at the first node, means for generating a key comprising first and second blocks, each block comprising more than one key fragment, means for designating one of the key blocks as the current key block for encryption and decryption, means for selecting one or more key fragments of the current key block to form a key fragment set, means for varying the second key block, said designating means designating the second key block as the then current key block after same has been varied, means for generating data indicative of the selected key fragment set from the then current key block, means for encrypting information using the selected key fragment set of the then current key block, means for transferring the encrypted information, key and data to the second node, and, at the second node, means for obtaining the selected key fragment set of the then current key block from the transferred key in accordance with the transferred data and means for decrypting the encrypted information using the obtained selected key fragment set.
22. A receiver for use in a system broadcasting information of the type comprising an encrypted key including more than one key fragment, data indicative of a key fragment set selected from the key, information encrypted using the selected set of key fragments indicated by the data, second data indicative of a key fragment set selected from a second key comprising more than one fragment, the receiver comprising means for receiving the key in encrypted form, data and encrypted information, means for obtaining the selected set of key fragments from the received key in accordance with the received data, means for decrypting the received information using the obtained selected key fragment set, a memory for storing a second key and means for using the stored second key to decrypt the received key fragment, comprising means for obtaining the second key fragment set from the stored second key in accordance with the second data and for using the obtained second key fragment set in decrypting the key information.
24. A receiver for use in a system broadcasting information of the type comprising key information including a key with first and second blocks, each having more than one fragment, one of the blocks being designated as the current key block for encrypting and decrypting during a period in which the other block is varied and, thereafter, the second block being designated as the current key block, data indicative of a key fragment set selected from the then current key block and information encrypted using the selected set of fragments indicated by the data, the receiver comprising means for receiving the key information, data and encrypted information, means for obtaining, from the received key information, the selected key fragment set in accordance with the received data and means for decrypting the received information using the obtained selected key fragment set.
29. A cryptographic method for the secure transmission of information between first and second nodes comprising the steps of, at the first node, generating a key comprising more than one key fragment, selecting one or more of the key fragments to form the set, generating data indicative of the selected key fragments set, encrypting the information to be transmitted using the selected key fragment set, encrypting the key, the step of encrypting the key comprising the steps of generating a second key comprising more than one key fragment, selecting one or more of the second key fragments to form a second set, encrypting the key with the selected set of second key fragments, generating second data indicative of the selected second key fragment set, transferring the encrypted information, encrypted key, data and second data from the first node to the second node and, at the second node, obtaining the selected key fragment set from the transferred encrypted key in accordance with the transferred data, decrypting the encrypted key and decrypting the information using the obtained key fragment set.
30. The method of claim 56, wherein the step of decrypting the key information includes the steps of storing the second key, obtaining the selected second key fragment set from the stored second key using the second data and decrypting the encrypted key using the obtained second key fragment set.
31. A method for changing keys in a cryptographic system for transmitting information from a first node to a plurality of second nodes, the method comprising the steps of:
generating a first key comprising first and second blocks, selecting said first block of the first key for use in encrypting and decrypting, encrypting the information to be transmitted with the first key block;
generating a second key comprising first and second blocks in which said first block is identical to the first block of the first key;
transmitting the encrypted information to each of the second nodes, distributing the first key to each of the second nodes to permit decryption of the transmitted information with the first block, distributing the second key to each of the second nodes for substitution for the first key, distributing to each of the second nodes a signal causing each of the second nodes to switch from said first block of said second key to said second block of said second key for decryption of the transmitted information as the second block of the second key is substituted for the first block of the first key for encryption of the information to be transferred.
Specification