Cryptographic key management method and apparatus
First Claim
1. A secure cryptographic communication system comprising:
A) a communications channel;
B) encryption means coupled to the communications channel for converting a message to be transmitted to encrypted text and for transmitting the encrypted text on the communications channel; and
C) decryption means coupled to the communications channel for receiving the encrypted text on the communications channel and for converting the encrypted text received on the communications channel to plain text;
D) the encryption means comprising transmit key component generating means for generating a transmit key component and transmitting means for transmitting the transmit key component to the decryption means;
E) the decryption means comprising receive key component generating means for generating a receive key component and receiving means for receiving the transmit key component from the encryption means;
F) the decryption means further comprising transmit key component checking means for determining the validity and transmission accuracy of the transmit key component, transmitting means for transmitting the receive key component to the encryption means, and combining means for combining the transmit key component and the receive key component to form a complete key; and
G) the encryption means further comprising receive key component checking means for determining the validity and transmission accuracy of the receive key component, receiving means for receiving the receive key component from the decryption means, and combining means for combining the transmit key component and the receive key component to form a complete key;
H) the encryption means using the complete key to convert the message to be transmitted to encrypted text and the decryption means using the complete key to convert the encrypted text received on the communications channel to plain text.
Abstract
A system for the secure communication of a message from a transmitting user to a receiving user using a split key scheme. Each user generates a key component using a cryptographic engine. The key component is a pseudorandom sequence of bits with an appended error detection field which is mathematically calculated based on the pseudorandom sequence. This key component is then sent out on a communications channel from the transmitting user to the receiving user. The receiving user also sends its key component to the transmitting user. Each location performs a mathematical check on the key component received from the other location. If the key component checks pass at both locations, the transmit key component and the receive key component, including the error detection fields, are combined at both locations, forming identical complete keys at both locations. The identical complete keys are then used to initiate the cryptographic engines at both locations for subsequent encryption and decryption of messages between the two locations.
15 Claims
1. A secure cryptographic communication system (recited in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method for establishing secure cryptographic communications comprising the following steps:
A) generating a transmit key component at a first location;
B) transmitting the transmit key component to a second location;
C) receiving the transmit key component at the second location;
D) checking the transmit key component for validity and errors at the second location;
E) generating a receive key component at the second location;
F) transmitting the receive key component to the first location;
G) receiving the receive key component at the first location;
H) checking the receive key component for validity and errors at the first location;
I) inhibiting message communication between the first location and the second location if the transmit key component is invalid or contains errors;
J) inhibiting message communication between the first location and the second location if the receive key component is invalid or contains errors; and
K) enabling message communication between the first location and the second location if the transmit key component is valid and contains no errors and if the receive key component is valid and contains no errors.
Dependent claims: 11, 12, 13, 14, 15
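The exchange described in the abstract and in claim 10, as an added Python example that is not taken from the patent. It assumes a 16-byte sequence from `os.urandom` in place of the cryptographic engine's pseudorandom output, CRC-32 as the error detection field, and concatenation as the combining step; `channel` and `flip_bit` are hypothetical helpers that model the link.

```python
import os
import zlib

SEQ_LEN = 16   # bytes of pseudorandom sequence per component (assumed size)
EDF_LEN = 4    # bytes of appended error detection field (CRC-32, assumed)

def make_component():
    """Pseudorandom sequence with an error detection field computed over it."""
    seq = os.urandom(SEQ_LEN)
    return seq + zlib.crc32(seq).to_bytes(EDF_LEN, "big")

def check_component(component):
    """Validity (expected length) and transmission accuracy (recomputed field)."""
    if len(component) != SEQ_LEN + EDF_LEN:
        return False
    seq, field = component[:SEQ_LEN], component[SEQ_LEN:]
    return zlib.crc32(seq).to_bytes(EDF_LEN, "big") == field

def combine(tx_component, rx_component):
    """Complete key from both components, error detection fields included.
    Transmit-then-receive concatenation is an assumption of this example."""
    return tx_component + rx_component

def flip_bit(data, bit=5):
    """Constructed channel fault: invert one bit of the message in transit."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def establish(channel=lambda b: b):
    """Claim 10, steps A to K. Returns the complete key formed at each
    location, or (None, None) when message communication is inhibited."""
    tx = make_component()                 # A: first location
    tx_seen = channel(tx)                 # B, C: sent to second location
    if not check_component(tx_seen):      # D, I: reject bad transmit component
        return None, None
    rx = make_component()                 # E: second location
    rx_seen = channel(rx)                 # F, G: sent to first location
    if not check_component(rx_seen):      # H, J: reject bad receive component
        return None, None
    # K: both checks passed, each side combines its own and the received part
    return combine(tx, rx_seen), combine(tx_seen, rx)

if __name__ == "__main__":
    first, second = establish()
    print("clean channel, keys match:", first == second)
    print("noisy channel:", establish(flip_bit))
```

With a CRC as the assumed field, the check catches accidental corruption on the channel only; it does not authenticate the sender of a component.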
Specification