Method and apparatus for authenticating messages
First Claim
1. A method for authenticating communications comprising the steps of:
generating;
an encryption/decryption key pair consisting of key Es and Ds said keys being of a first order selected to provide a predetermined level of security;
a set numbers of {a'} wherein numbers a' which are members of set {a'} are approximately of said first order, and have the property that when encrypted with said key Es resulting encrypted numbers Ds [a'] are of a second order substantially less than said first order;
hashing function H for mapping number of said first order onto a third, smaller order; and
an encrypting key Ki;
providing said key Es, said set {a'} said hashing function H and said key Ki to a first party;
providing said key Ki to a second party;
providing said key Ds and said hashing function H to a third party;
said first party;
selecting a particular one of said numbers a';
encrypting said selected number a' with said key Es to obtain a particular value Es [a'];
operating on said selected number a' with said hashing function H to obtain a second encrypting key Kj, equal to H(a');
forming a first level message M1 including said encryption key Ki;
encrypting said first level message M1 with said second encrypting key Kj;
forming a second level message M2 including said encrypted first level message Kj [M1] and said particular value Es [a'];
sending said second level message M2 to said second party;
said second party then;
encrypting information P with said key Kj;
combining said second level message M2 with said encrypted information Ki [P] to form a third level message M3; and
sending a communication comprising said third level message M3 to said third party;
said third party then;
recovering said particular value Es [a'] from said second level message M2 comprised in said third level message M3;
decrypting said particular value Es [a'] with said key Ds to obtain said selected number a';
operating on said selected number a' with said hashing function H to obtain said second encryption key Kj;
recovering said encrypted first level message Kj [M1] from said second level message M2 and decrypting said encrypted first level message Kj [M1] with said second encryption key Kj to obtain said first level message M1;
recovering said encrypted information Ki [P] from said third level message M3 and said encryption key Ki from said first level message M1; and
decrypting said encrypted information Ki [P] with said encryption key Ki to obtain said information P;
whereby said third party acquires a basis to believe that said information P is an authentic communication sent by said second party with the authorization of said first party.
Abstract
A method and system for authentication of communications. More particularly, the subject application discloses a method and apparatus whereby a third party may validate that a communication is an authentic communication from a second party sent with the authorization of a first party. For example, the third party may be a postal service, the second party may be a mailer, and the communication may be a postal indicia showing that a mail piece has been properly franked. The first party and the second party share an encryption key, or a series of keys. The first party also has a second encryption key which the third party has the ability to decrypt. In the subject invention the first party encrypts a key shared with the second party with the first party's second key and transmits this to the second party. The second party then uses its copy of the key to encrypt information, appends its encrypted information to the message received from the first party, and transmits all this to the third party. The third party may then decrypt the copy of the key encrypted by the first party and use this information to decrypt the information encrypted by the second party. The known technique of elliptical logarithms may be used to provide highly secure encryption of short messages. The second party may be a mailer and the apparatus of the subject invention may include a postage meter which prints the information transmitted to the third party, who may be a postal service, on a mail piece as a postal indicia.
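The three-party exchange of claim 1 and the abstract, as an added Python example that is not part of the patent text. Textbook RSA over two Mersenne primes stands in for Es/Ds, truncated SHA-256 for H, and a hash-derived XOR keystream for the symmetric cipher; these stand-ins, the sample key Ki and the sample postal data are assumptions chosen so the example runs offline, not secure choices.

```python
import hashlib

# Toy stand-ins (assumptions, not from the patent): textbook RSA over two
# Mersenne primes plays Es/Ds, truncated SHA-256 plays H, and a hash-derived
# XOR keystream plays the symmetric cipher. None of this is secure.
PRIME_P, PRIME_Q = 2**61 - 1, 2**89 - 1
N, E = PRIME_P * PRIME_Q, 65537
D = pow(E, -1, (PRIME_P - 1) * (PRIME_Q - 1))

def Es(x): return pow(x, E, N)
def Ds(x): return pow(x, D, N)

def H(a):
    """Map a 'first order' number a' onto a 64-bit key."""
    return hashlib.sha256(a.to_bytes(32, "big")).digest()[:8]

def sym(key, data):
    """XOR with a SHA-256 keystream; the same call encrypts and decrypts."""
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

# Key generation: a' = Ds[c] for small c, so Es[a'] = c is short to print.
A_SET = [Ds(c) for c in range(1000, 1004)]
KI = bytes.fromhex("0123456789abcdef")   # constructed sample key Ki

def first_party(a):
    """Authorizer: M2 = (Kj[M1], Es[a']) with Kj = H(a') and M1 carrying Ki."""
    return sym(H(a), KI), Es(a)

def second_party(m2, p):
    """Mailer: M3 = (M2, Ki[P]); follows the abstract in using Ki for P."""
    return m2, sym(KI, p)

def third_party(m3, p_plain):
    """Verifier: holds only Ds and H; recovers Ki, decrypts P, compares."""
    (kj_m1, es_a), ki_p = m3
    ki = sym(H(Ds(es_a)), kj_m1)
    p = sym(ki, ki_p)
    return p == p_plain, p

if __name__ == "__main__":
    m3 = second_party(first_party(A_SET[0]), b"meter 0042, postage 0.29")
    print(third_party(m3, b"meter 0042, postage 0.29"))
```

The verifier never stores Ki: it derives Kj from the short value Es[a'] carried in the message, which is why the set {a'} is generated so that Es[a'] is small.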
21 Claims
10. A system for authenticating postal indicia, comprising:
authorizing apparatus, said authorizing apparatus further comprising;
first storage means for storing one key Es, Ds, and keys Es, Ds, being of a first order selected to provide a predetermined level of security;
second storage means for storing;
a set of number {a'} each number a' having the property that when encrypted with said key Es the resulting values Es [a'] are of a second order substantially less than said first order;
a hashing function H for mapping number a' onto numbers of a third smaller order; and
an encryption key Ki;
first data processing means for;
selecting a particular one of said number a';
encrypting said selected number a' with said key Es to obtain a particular value Es [a'];
operating on said selected number a' with said hashing function H to obtain a second encryption key Kj, equal to H(a');
forming a first level message M1 including said encryption key kj;
encrypting said first level message M1 with said second encryption key Kj [M1];
forming a second level message M2 including said encrypted first level message Kj [M1] and said particular value Es [a']; and
transmission means responsive to said first data processing means for sending said second level message M2;
franking apparatus, for franking a mail piece, said franking apparatus comprising;
first receiving means for receiving said second level message M2
second receiving means for receiving postal information P relating to a mail piece;
accounting means responsive to said second receiving means for accounting for funds expended in franking said mail piece;
encryption means responsive to said accounting means for encrypting said postal information P with said key Ki only if said funds have been accounted for by said accounting means;
second data processing means responsive to said first and second receiving means and to said encryption means for;
inputting said encrypted postal information Ki [P] from said encryption means;
inputting said second level message M2 from said first receiving means
inputting said postal information P from said second receiving means; and
forming a third level message M3 including said second level message M2 and said encrypted postal information Ki [P]; and
printing means responsive to said second data processing means for printing an indicia on said mail piece, said second data processing means controlling said printing means to print said indicia including said third level message M3 and said postal information P in plain text; and
authenticating apparatus, said authenticating apparatus further comprising;
scanning means for scanning said indicia, upon receipt of said mail piece, to read said third level message M3 and said postal information P from said plain text;
third storage means for securely storing said key Ds;
fourth storage means for storing said hashing function H;
third data processing means responsive to said third and fourth storage means, and said scanning means for;
recovering said particular value Es [a'] from said third level message M3;
decrypting said particular value Es [a'] with said key Ds to obtain said selected number a';
operating on said selected number a' with said hashing function H to obtain H(a') equal to said second encryption key Kj;
recovering said encrypted first level message Kj [M1] from said third level message M3;
decrypting said encrypted first level message Kj [M1] with said key Kj to obtain said first level message M1;
recovering said encryption key Ki from said first level message M1;
decrypting said encrypted postal information Ki [P] to obtain said information P,
inputting said information P as scanned from said plain text and comparing said information P, as input, with said information P, as decrypted, to authenticate said indicia.
19. An apparatus for providing an authenticating message, comprising:
first storage means for storing one key Es of an encrypting/decryption key pair Es, Ds, said keys Es, Ds being of a first order selected to provide a predetermined level of security;
second storage means for storing;
a set of number {a'} each number a' having the property that when encrypted with said key Es the resulting values Es [a'] are of a second order substantially less than said first order;
a hashing function H for mapping number a' onto number of third smaller order; and
an encryption key Ki;
data processing means for;
selecting a particular one of said number a';
encrypting said selected number a' with said key Es to obtain a particular value Es [a'];
operating on said selected number a' with said hashing function H to obtain a second encryption key Kj, equal to H(a');
forming a first level message M1 including said encryption key Ki;
encrypting said first level message M1 with said second encryption key Kj to obtain Kj [M1];
forming a second level message M2 including said encrypted first level message Kj [M1] and said particular value Es [a']; and
transmission means responsive to said data processing means for sending said second level message M2.
20. Franking apparatus for franking a mail piece, said franking apparatus comprising:
first receiving means for receiving a message M2;
second receiving means for receiving postal information P relating to a mail piece;
accounting means responsive to said second receiving means for accounting for funds expended in franking said mail piece;
encryption means responsive to said accounting means for encrypting said postal information P with a key Ki only if said funds have been accounted for by said accounting means;
data processing means responsive to said first and second receiving means and to said encryption means for;
inputting said encrypted postal information Ki [P] from said encrypting means;
inputting said second level message M2 from said first receiving means
inputting said postal information P from said second receiving means; and
forming a message M3 including said message M2 and said encrypted postal information Ki [P]; and
printing means responsive to said data processing means for printing an indicia on said mail piece, said data processing means controlling said printing means to print said indicia including said third level message M3 and said postal information P in plain text.
21. Authenticating apparatus for authenticating an indicia for a mail piece comprising:
scanning means for scanning said indicia, upon receipt of said mail piece, to read a message M3 and postal information P from plain text in said indicia;
first storage means for securely storing a key Ds;
second storage means for storing a hashing function H;
data processing means responsive to said first and second storage means, and said scanning means, for;
recovering particular value Es [a'] from said message M3;
decrypting said particular value Es [a'] with said key Ds to obtain a';
operating on a' with said hashing function H to obtain H(a') equal to a second encryption key Kj;
recovering an encrypted message Kj [M1] from said message M3;
decrypting said encrypted message Kj [M1] with said key Kj to obtain message M1;
recovering an encryption key Ki from said first level message M1;
recovering encrypted postal information Ki [P] from said third level message M3 and decrypting said encrypted postal information Ki [P] to obtain information P;
inputting said information P as scanned from said plain text and comparing said information P, as input, with said information P, as decrypted, to authenticate said indicia.
Specification