Cryptographic system using interchangeable key blocks and selectable key fragments

US 4,803,725 A
Filed: 05/14/1987
Issued: 02/07/1989
Est. Priority Date: 03/11/1985
Status: Expired due to Term

First Claim

Patent Images

1. A cryptographic system for the secure transmission of information between first and second nodes, comprising, at the first node:

means for generating a key comprising more than one key fragment;

means for arranging the key fragments in a selected order to form a permuted key;

means for generating data indicative of the selected order to the key fragements in the permuted key;

means for encrypting the information with said permuted key;

means for transferring the encrypted information, key and selected order data from the first node to the second node; and

, at the second node;

means for obtaining the selected order of key fragments to reconstruct the permuted key from the transferred key in accordance with the transferred selected order data; and

means for decrypting the information using the permuted key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic system is used for the secure transmission of digitized signals to a plurality of receivers. At the transmission end, a key consisting of two blocks, each including a plurality of key fragments, is generated. For each transmission session, different sets of key fragments may be periodically selected from one of the key blocks and used to encrypt the signals. Data indicative of the set selection is generated. The key is distributed to each receiver. The set selection data is transmitted to all receivers along with the encrypted signals and used to construct the key fragment set for decryption of the transmitted signals. During the transmission session, the other key block may be varied to form a replacement key which is distributed to each receiver. At the end of the session, the functions of the key blocks are interchanged in all receivers at one time by selecting a set in the varied key block for use in encryption and decryption.

Citations

35 Claims

1. A cryptographic system for the secure transmission of information between first and second nodes, comprising, at the first node:
- means for generating a key comprising more than one key fragment;
  
  means for arranging the key fragments in a selected order to form a permuted key;
  
  means for generating data indicative of the selected order to the key fragements in the permuted key;
  
  means for encrypting the information with said permuted key;
  
  means for transferring the encrypted information, key and selected order data from the first node to the second node; and
  
  , at the second node;
  
  means for obtaining the selected order of key fragments to reconstruct the permuted key from the transferred key in accordance with the transferred selected order data; and
  
  means for decrypting the information using the permuted key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, further comprising means, at the first node, for encrypting the permuted key and means, at the second node, for decrypting the permuted key.
  - 3. The system of claim 2, wherein said key encryption means comprises means for generating a second key comprising one or more than one second key fragments;
    - means for selecting one or more of the second key fragments and arranging the selected second key fragments in a selected order;
      
      means for generating second data indicative of the selection and order of second key fragments;
      
      means for encrypting the permuted key with the selected ordered second key fragments and;
      
      means for transferring the second data from the first node to the second node.
  - 4. The system of claim 3, wherein said key decryption means comprises means for storing the second key, means for obtaining the selected ordered second key fragments from the stored second key using the second data and means for decrypting the permuted key using the selected ordered key fragments.
  - 5. The system of claim 3, wherein said means for generating the second key comprises means for storing a third key, means for storing a number associated with the second node, and means for encrypting the number with the third key to obtain the second key.
  - 6. The system of claim 5, for transmission of information from a first node to a plurality of second nodes each of which has a unique number associated with it and further comprising, at the first node, means for storing each of the unique numbers and for using a different one of the unique numbers to generate each of a plurality of second keys, each of the second keys being usable only by the second node whose unique number was used to generate it.
  - 7. The system of claim 6, wherein said key decryption means comprises means for storing the second key, means for obtaining the selected ordered key fragments from the stored second key using the second data and means for decrypting the permuted key using the selected ordered second key fragments.
  - 8. The system of claim 7, wherein said second key storing means stores a second key which is generated based on the unique number associated with the second node of which the storage means form a part.
  - 9. The system of claim 1, wherein said key fragment set selection means comprises means for periodically rearranging the order of the key fragments to form new permuted keys.
  - 10. The system of claim 3, wherein said second key fragment selection and arranging means comprises means for periodically selecting different second key fragments.
  - 11. The system of claim 3, wherein said second key fragment selection and arranging means comprises means for periodically reordering the selected second key fragments.
  - 12. The system of claim 3, wherein the key fragments are rearranged relatively often and the second key fragments are reselected or reordered less often.
  - 13. The system of claim 1, wherein said key fragments comprise bytes.
  - 14. The system of claim 3, wherein the second key fragments comprise sets of bits.

15. A cryptographic system of the secure transmission of information between first and second nodes, comprising, at the first node, means for generating a key comprising first and second key blocks, each of said blocks comprising more than one key fragment arranged in a selected order;
- means for designating one of the key blocks as the current key block for encryption and decryption;
  
  means for varying the order of the key fragments in the other key block, means for designating the other key block as the current key block at a time after the order of the key fragments therein has been varied;
  
  means for generating data indicative of the order of the key fragments in the current key block;
  
  means for encrypting the information to be transmitted using the key fragments arranged in the selected order from the then current key block and means for transferring the encrypted information, key, and data from the first node to the second node and, at the second node, means for obtaining the select order of the key fragments from the then current key block in the transferred key in accordance with the transferred data and means for decrypting the encrypted information using the obtained key fragments in the selected order from the then current key block.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, further comprising means, at the first node, for encrypting the key to form the transferred key and means, at the second node, for decrypting the transferred key.
  - 17. The system of claim 16, for transmission to a plurality of second nodes, wherein said key encrypting means comprises means for generating a plurality of second keys, each corresponding to a different one of the second nodes and means for encrypting the key for transmission to each of the second nodes by using the second key associated with that second node.
  - 18. The system of claim 17, wherein each of the second nodes comprises means for storing the second key associated therewith and means for decrypting the encrypted key using the stored second key.
  - 19. The system of claim 18, wherein said means for generating the second key comprises means for storing a third key, means for storing a number associated with each of the second nodes, and means for encrypting each of the numbers with the third key to obtain a plurality of the second keys.
  - 20. The system of claim 15, wherein said means for generating the second key comprises means for storing a third key, means for storing a number associated with each of the second nodes, and means for encrypting each of the numbers with the third key to obtain a plurality of the second keys.

21. A receiver for use in a system broadcasting information of the type comprising a key having more than one key fragment, the key fragments having been arranged in a selected order to form a permuted key, data indicative of the selected order of the key fragments in the permuted key, and information encrypted using the permuted key, the receiver comprising means for receiving the key, data and encrypted information, means for obtaining the permuted key from the received key in accordance with the received data and means for decrypting the received information using the obtained permuted key.
- View Dependent Claims (22, 23, 24)
- - 22. The receiver of claim 21, wherein the key is received in encrypted form and further comprising a memory for storing a second key and means for using the second key to decrypt the received key.
  - 23. The receiver of claim 22, wherein the second key comprises more than one fragment, wherein the broadcast signal comprises second data indicative of a selected set and order of fragments from the second key and wherein said means for using the second key to decrypt the received key comprises means for obtaining the selected set and order of second key fragments from the stored second key in accordance with the second data and for using the same in decrypting the received key.
  - 24. The receiver of claim 21, wherein said fragments comprise bytes.

25. A receiver for use in a system for broadcasting information of the type comprising:
- a key having first and second key blocks, each of the blocks comprising a plurality of key fragments arranged in a selected order, one of the blocks being designated as the current key block for encrypting and decrypting, while the other block is varied and, thereafter the other key block being designated as the current key block;
  
  data indicative of the order of the key fragments of the then current key block;
  
  information encrypted using the key fragments arranged in the selected order from the then current key block, the receiver comprising means for receiving the key, data and encrypted information, means for obtaining the selected order of the key fragments for the then current key block from the key in accordance with the received data and means for decrypting the received information using the key fragments arranged from the then current key block.
- View Dependent Claims (26, 27)
- - 26. The receiver of claim 25, wherein the key is received in encrypted form and further comprising a memory for storing a second key and means for using the second key to decrypt the key.
  - 27. The receiver of claim 25, wherein said first key block is designated as the current key block during a first transmission session and said second key block is designated as the current key block during a second transmission session.

28. A cryptographic method for the secure transmission of information between first and second nodes comprising the steps of, at the first node, generating a key comprising more then one key fragment, arranging the key fragments to form a permuted key, generating data indicative of the order of the key fragments in the permuted key, encrypting the information to be transmitted using the permuted key, transferring the encrypted information, key, and data from the first node to the second node and, at the second node, obtaining the order of the key fragments to reconstruct the permuted key from the transferred key in accordance with the transferred data and decrypting the information using the permuted key.
- View Dependent Claims (29, 30, 31)
- - 29. The method of claim 28, further comprising the steps of, at the first node, encrypting the key and, at the second node, decrypting the key.
  - 30. The method of claim 29, wherein the step of encrypting the key comprises the steps of generating a second key comprising one or more key fragments, selecting and arranging the second key fragments, generating second data indicative of the selection and order of the second key fragments, and transferring the second data from the first node to the second node.
  - 31. The method of claim 30, wherein the step of decrypting the key includes the steps of storing the second key, obtaining the selected and ordered second key fragments from the stored second key using the second data and decrypting the key using the selected and ordered second key fragments.

32. A cryptographic method for the secure transmission of information between first and second nodes, comprising the steps of, at the first node, generating a key comprising first and second key blocks, each of the key blocks comprising more than one key fragment arranged in a selected order, selecting one of the key blocks as the current key block for the second key block and, thereafter, selecting the second key block as the current key block, generating data indicative of the selected order of the key fragments in the then current key block, and transferring the encrypted information, key, and data from the first node to the second node and, at the second node, obtaining the selected order of the key fragments in the then current key block from the key in accordance with the data, and decrypting the information using the ordered key fragments of the then current key block from the transferred key information.
- View Dependent Claims (33, 34, 35)
- - 33. The method of claim 32, further comprising the steps of, at the first node, encrypting the key, and, at the second node, decrypting the key.
  - 34. The method of claim 33, for transmission to a plurality of second nodes, wherein the step of encrypting the key comprises the steps of generating a plurality of second keys, each corresponding to a different one of the second nodes, and encrypting the key for transmission to each of the second nodes by using the second key associated with that second node.
  - 35. The method of claim 34, wherein each of the second nodes has the second key associated therewith stored therein and further comprising the steps of decrypting the key using the stored second key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Original Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Inventors
Horne, Donald R., Jeffers, John M.
Primary Examiner(s)
NOT, DEFINED
Assistant Examiner(s)
NOT, DEFINED

Application Number

US07/050,635
Time in Patent Office

635 Days
Field of Search

380/14, 380/15, 380/19, 380/20, 380/44, 380/45, 380/36, 380/37
US Class Current

380/44
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

H04N 21/233   Processing of audio element...

H04N 21/26606   for generating or managing ...

H04N 21/26613   for generating or managing ...

H04N 21/42684   Client identification by a ...

H04N 21/439   Processing of audio element...

H04N 21/4623   Processing of entitlement m...

H04N 7/1675   Providing digital key or au...

Cryptographic system using interchangeable key blocks and selectable key fragments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic system using interchangeable key blocks and selectable key fragments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links