Key distribution method
Abstract
A key distribution method and system for distributing a key over an insecure communication channel between first and second systems. Both first and second systems generate respective random numbers, calculate key distribution codes based on that random number, public information and information secret to the respective systems, and transmit the distribution codes to the other system. The same key is generated by both systems based on public information, the locally generated random number and the received key distribution codes. Alternatively, the systems may exclude the secret information from the key distribution codes but generate and transmit identification codes based on the secret information, public information and the locally generated random numbers. The received key distribution and identification codes are subjected to a known transformation and compared to known identification of the transmitting system.
12 Claims
1. A key distribution method comprising the following steps:
(a) generating a first random number in a first system in use by a first converser;
(b) generating first key distribution information in said first system by applying a predetermined first transformation to said first random number on the basis of first secret information;
(c) transmitting said first key distribution information to a second system in use by a second converser via a communication channel;
(d) receiving said first key distribution information in said second system;
(e) generating a second random number in said second system;
(f) generating second key distribution information by applying said predetermined first transformation to said second random number on the basis of second secret information;
(g) transmitting said second key distribution information to said first system via said communication channel;
(h) receiving said second key distribution information in said first system; and
(i) generating an enciphering key in said first system by applying a predetermined second transformation to said second key distribution information on the basis of said first random number and identification information of said second converser.
Dependent claims: 2, 3, 4
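The claim leaves the first and second transformations abstract. The following is an added example, not code or formulas from this page: it assumes one RSA-style identity-based instantiation (the modulus N, exponents E and D, base G, the hash-derived identity and all function names are assumptions) and runs steps (a) to (i), showing that both systems derive the same key and that a sender holding a different converser's secret does not.

```python
import hashlib
import secrets

# Assumed instantiation: a trusted centre holds primes P, Q and the exponent D.
# Constructed toy parameters; two Mersenne primes are far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E, G = P * Q, 65537, 3             # public information
D = pow(E, -1, (P - 1) * (Q - 1))     # centre's private exponent


def identity(name: str) -> int:
    """Map a converser's name to public identification information modulo N."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N


def issue_secret(name: str) -> int:
    """Centre issues secret information s = ID^(-D) mod N, so s^E * ID == 1 (mod N)."""
    return pow(identity(name), -D, N)


def key_distribution_info(secret: int, r: int) -> int:
    """Steps (b)/(f): assumed first transformation, x = s * G^r mod N."""
    return secret * pow(G, r, N) % N


def enciphering_key(peer_x: int, peer_name: str, r: int) -> int:
    """Step (i): assumed second transformation, K = (x_peer^E * ID_peer)^r mod N."""
    return pow(pow(peer_x, E, N) * identity(peer_name) % N, r, N)


def run_exchange(first="alice", second="bob", first_secret=None):
    """Run steps (a)-(i); first_secret overrides the first converser's secret."""
    s1 = issue_secret(first) if first_secret is None else first_secret
    s2 = issue_secret(second)
    r1 = secrets.randbelow(N - 2) + 1       # (a) first random number
    x1 = key_distribution_info(s1, r1)      # (b), transmitted in (c)/(d)
    r2 = secrets.randbelow(N - 2) + 1       # (e) second random number
    x2 = key_distribution_info(s2, r2)      # (f), transmitted in (g)/(h)
    k1 = enciphering_key(x2, second, r1)    # (i) in the first system
    k2 = enciphering_key(x1, first, r2)     # same transformation in the second system
    return k1, k2


if __name__ == "__main__":
    print(run_exchange())                                       # two equal keys
    print(run_exchange(first_secret=issue_secret("mallory")))   # keys differ
```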
5. A key distribution method comprising the following steps:
(a) generating a first random number in a first system in use by a first converser;
(b) generating first key distribution information in said first system by applying a predetermined first transformation to said first random number on the basis of public information and generating first identification information of said first converser by applying a predetermined second transformation to said first random number on the basis of first secret information;
(c) transmitting said first key distribution information and said first identification information to a second system in use by a second converser via a communication channel;
(d) receiving said first key distribution information and said first identification information in said second system;
(e) examining whether or not the result obtained by applying a predetermined third transformation to said first key distribution information to determine whether said first identification information satisfies a predetermined first condition and, if it does not satisfy, suspending key distribution processing;
(f) generating a second random number if said first condition is satisfied at said step (e);
(g) generating second key distribution information by applying said predetermined first transformation to said second random number on the basis of said public information, and generating second identification information of said second converser by applying said predetermined second transformation to said second random number on the basis of second secret information;
(h) transmitting said second key distribution information and said second identification information to said first system via said communication channel; and
(i) receiving said transmitted information and examining in said first system whether or not the result obtained by applying said predetermined third transformation to said second key distribution information on the basis of said second identification information satisfies a predetermined second condition and, if the result does not satisfy said second condition, suspending said key distribution processing or, if it satisfies said second condition, generating said enciphering key by applying a predetermined fourth transformation to said first random number on the basis of said second key distribution information.
Dependent claims: 6, 7, 8
9. A key distribution system comprising a first system in use by a first converser and a second system in use by a second converser connected by a communication channel wherein said first and second systems comprise:
(a) means in said first system for generating a first random number;
(b) means in said first system for generating first key distribution information by applying a predetermined first transformation to said first random number on the basis of first secret information;
(c) means in said first system for transmitting said first key distribution information to said second system via said communication channel;
(d) means in said second system for receiving said first key distribution information;
(e) means in said second system for generating a second random number;
(f) means in said second system for generating second key distribution information by applying said predetermined first transformation to said second random number on the basis of second secret information;
(g) means in said second system for transmitting said second key distribution information to said first system via said communication channel;
(h) means in said first system for receiving said second key distribution information; and
(i) means in said first system for generating an enciphering key by applying a predetermined second transformation to said second key distribution information on the basis of said first random number and identification information of said second converser.
Dependent claims: 10
11. A key distribution system comprising a first system in use by a first converser and a second system in use by a second converser connected by a communication channel wherein said first and second systems comprise:
(a) means in said first system for generating a first random number;
(b) means in said first system for generating first key distribution information by applying a predetermined first transformation to said first random number on the basis of public information and generating first identification information of said first converser by applying a predetermined second transformation to said first random number on the basis of first secret information;
(c) means in said first system for transmitting said first key distribution information and said first identification information to said second system via said communication channel;
(d) means in said second system for receiving said first key distribution information and said first identification information;
(e) means in said second system for examining whether or not the result obtained by applying a predetermined third transformation to said first key distribution information to determine whether said first identification information satisfies a predetermined first condition and, if it does not satisfy, suspending key distribution processing;
(f) means in said second system for generating a second random number if said first condition is satisfied by said examining means;
(g) means in said second system for generating second key distribution information by applying said predetermined first transformation to said second random number on the basis of said public information, and generating second identification information of said second converser by applying said predetermined second transformation to said second random number on the basis of second secret information;
(h) means in said second system for transmitting said second key distribution information and said second identification information to said first system via said communication channel; and
(i) means in said first system for receiving said transmitted information and examining whether or not the result obtained by applying said predetermined third transformation to said second key distribution information on the basis of said second identification information satisfies a predetermined second condition and, if the result does not satisfy said second condition, suspending said key distribution processing or, if it satisfies said second condition, generating said enciphering key by applying a predetermined fourth transformation to said first random number on the basis of said second key distribution information.
Dependent claims: 12
Specification