Secure file transfer system and method

US 5,297,208 A
Filed: 08/05/1992
Issued: 03/22/1994
Est. Priority Date: 08/05/1992
Status: Expired due to Fees

First Claim

Patent Images

1. A file transfer system consisting ofa plurality of computers connected by a communications channel,means for generating or retrieving random numbers in each of said computers,means for digital handshaking between said computers to establish communications,means for sending frames and data blocks through said channel, reliably and efficiently,means for transmitting an encryption initialization vector frame in order to synchronize cipher feedback,means for deriving a secure session key in each of said computers, based on said random numbers and on exchanged derived numbers,means for encrypting data blocks using said cipher feedback,means for detecting transmission errors,means for resending variants of said encryption initialization vector frame and said frames and data blocks in case of said transmission errors,means for sending an encrypted copy of a file or files based on said session key,means for receiving said encrypted copy of said file or files, andmeans for decrypting said received copy of said file or files.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention is a system and method for securely and robustly transferring a file from one computer to another without having a prearranged encryption key. Data is transferred by first generating some random numbers on each computer and undertaking some cryptographically secure handshaking in which a session key is determined. Then the file is broken up into blocks and encrypted with a chaining block cipher and transmitted. The blocks have headers which identify the them, and allow for detection and correction of transmission errors. Before retransmitting a block, an initialization vector is sent to synchronize the cipher modules. The random numbers are generated with keystroke timings combined with a pseudorandom number generator to expand the supply.

Citations

20 Claims

1. A file transfer system consisting ofa plurality of computers connected by a communications channel,means for generating or retrieving random numbers in each of said computers,means for digital handshaking between said computers to establish communications,means for sending frames and data blocks through said channel, reliably and efficiently,means for transmitting an encryption initialization vector frame in order to synchronize cipher feedback,means for deriving a secure session key in each of said computers, based on said random numbers and on exchanged derived numbers,means for encrypting data blocks using said cipher feedback,means for detecting transmission errors,means for resending variants of said encryption initialization vector frame and said frames and data blocks in case of said transmission errors,means for sending an encrypted copy of a file or files based on said session key,means for receiving said encrypted copy of said file or files, andmeans for decrypting said received copy of said file or files.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1 further comprising means to record keystroke time intervals to generate said random numbers.
  - 3. The system of claim 1 further comprising means to generate said random numbers in advance, precompute modular exponentials of said random numbers, and save both in a storage device.
  - 4. The system of claim 1 further comprising means to update said random numbers based on a pseudorandom number generator and timing information.
  - 5. The system of claim 1 wherein said encryption initialization vector frame is based on the time of day.
  - 6. The system of claim 1 further comprising means to verify the key exchange by transmitting an otherwise unused portion of said session key.
  - 7. The system of claim 1 further comprising means to generate and validate a digital signature for the purpose of authenticating one or more of said computers.
  - 8. The system of claim 1 further comprising means to revert to a non-secure standard file transfer protocol under certain circumstances.
  - 9. The system of claim 1 further comprising means to calculate and transmit secure hash functions in order to verify the integrity of frames or data blocks.
  - 10. The system of claim 1 wherein said means for a deriving a secure session key involves each of said computers sending a modular exponential of said random number, where said modular exponentials conform to the Digital Signature Algorithm (DSA) and said encryption and decryption conforms to the Data Encryption Standard (DES).

11. A file transfer method consisting ofconnecting a plurality of computers by a communications channel,generating or retrieving random numbers in each said computer,digital handshaking between said computers to establish communications,sending frames and data blocks through said channel, reliably and efficiently,transmitting an encryption initialization vector frame in order to synchronize cipher feedback,deriving a secure session key in each of said computers, based on said random numbers and on exchanged derived numbers,encrypting data blocks using said cipher feedback,detecting transmission errors,resending variants of said encryption initialization vector frame and said frames and data blocks in case of said transmission errors,sending an encrypted copy of a file or files based on said session key,receiving said encrypted copy of said file or files, anddecrypting said received copy of said file or files.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11 further comprising recording keystroke time intervals to generate said random numbers.
  - 13. The method of claim 11 further comprising generating said random numbers in advance, precomputing modular exponentials of said random numbers, and saving both in a storage device.
  - 14. The system of claim 11 further comprising updating said random numbers based on a pseudorandom number generator and timing information.
  - 15. The method of claim 11 further comprising basing said encryption initialization vector frame on the time of day.
  - 16. The method of claim 11 further comprising verifying the key exchange by transmitting an otherwise unused portion of said session key.
  - 17. The method of claim 11 further comprising generating and validate a digital signature for the purpose of authenticating one or more of said computers.
  - 18. The method of claim 11 further comprising reverting to a non-secure standard file transfer protocol under certain circumstances.
  - 19. The method of claim 11 further comprising verifying the integrity of frames or data blocks by calculating and transmitting secure hash functions.
  - 20. The method of claim 11 wherein said method for a deriving a secure session key involves each of said computers sending a modular exponential of said random number, where said modular exponentials conform to the Digital Signature Algorithm (DSA) and said encryption and decryption conforms to the Data Encryption Standard (DES).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Michael J. Markowitz, Roger Schlafly
Original Assignee
Michael J. Markowitz, Roger Schlafly
Inventors
Markowitz, Michael J., Schlafly, Roger
Primary Examiner(s)
Swann, Tod R.

Application Number

US07/926,125
Time in Patent Office

594 Days
Field of Search

380/23, 380/24, 380/25, 380/29, 380/30, 380/46, 380/47, 380/48, 380/49, 380/3, 380/4, 380/50
US Class Current

380/261
CPC Class Codes

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/3252   using DSA or related signat...

Secure file transfer system and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure file transfer system and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links