Secure, swift cryptographic key exchange

US 5,835,592 A
Filed: 09/28/1995
Issued: 11/10/1998
Est. Priority Date: 06/01/1995
Status: Expired due to Fees

First Claim

Patent Images

1. In a protocol for cryptographic communication via a communication channel "I" in which a transmitting cryptographic unit "T" broadcasts onto the communication channel I an encrypted cyphertext message "M" obtained by supplying both a plaintext message "P" and a cryptographic key "K" to a first cryptographic device, and in which a receiving cryptographic unit "R" receives the broadcast cyphertext message M and by supplying the cyphertext message M together with the key K to a second cryptographic device decrypts the plaintext message P therefrom, a method by which the units T and R mutually establish a cryptographic key K by first exchanging messages before the unit T broadcasts the cyphertext message M comprising the steps of:

a. at a first of the units T or R;

i. selecting a first quantity "A" and a second quantity "B;

"ii. using a first mathematical function "Φ

₁ " and the quantities A and B, computing a third quantity "C"=Φ

₁ (A, B), the quantities A and B and the function Φ

₁ being such that knowing one or the other of the selected quantities A or B, the computed quantity C, and the function Φ

₁, there does not exist an inverse function Φ

₁ that may be used for directly computing the unknown quantity A or B;

iii. transmitting the selected quantity A together with the quantity C from the first unit T or R to a second unit R or T; and

iv. retaining at the first unit T or R the selected quantity B;

b. at the second unit R or T;

i. receiving the quantities A and C transmitted by the first unit T or R;

ii. selecting a fourth quantity "D;

"iii. using a second mathematical function "Φ

₂ " and the received quantity A together with the selected quantity D, computing a fifth quantity "E"=Φ

₂ (A, D), the quantities A and D and the function Φ

₂ being such that knowing one or the other of the selected quantities A or D, the computed quantity E, and the function Φ

₂, there does not exist an inverse function Φ

₂ that may be used for directly computing the unknown quantity A or D;

iv. transmitting the computed quantity E from the second unit R or T to the first unit T or R;

v. retaining at the second unit R or T the selected quantity D; and

vi. using a third mathematical function "Ψ

₂ " and the retained quantity D together with the received quantity C, computing the key K=Ψ

₂ (D, C)=Ψ

₂ (D, Φ

₁ {A, B}); and

c. at the first unit T or R;

i. receiving the quantity E transmitted by the unit R or T; and

ii. using a fourth mathematical function "Ψ

₁ " and the retained quantity B together with the received quantity E, computing the key K=Ψ

₁ (B, E)=Ψ

₁ (B, Φ

₂ {A, D})=Ψ

₂ (D, Φ

₁ {A, B}).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Using the present cryptographic key exchange protocol, a first of two cryptographic units selects quantities "A" and "B." That same unit then applies a mathematical function "Φ₁ " to A and B to compute a third quantity "C.". A and B and the function Φ₁ posses the property that knowing A or B, and C, and the function Φ₁, it is mathematically impossible to compute the unknown quantity B or A. The first unit then transmits A together C to the second unit while retaining B. The second unit selects a fourth quantity "D" and then applies a second mathematical function Φ₂ to A and D to compute a quantity "E" which the second unit transmits to the first unit while retaining D. The quantities A and D and the function Φ₂ must posses the property that knowing D and E, and the function Φ₂, it is mathematically impossible to compute the unknown quantity D. Then the second unit applies a third mathematical function "Ψ₂ " to D and C to compute the key "K." The first unit upon receiving the quantity E then applies a fourth mathematical function Ψ₁ to B and E to also compute the key K.

Citations

47 Claims

1. In a protocol for cryptographic communication via a communication channel "I" in which a transmitting cryptographic unit "T" broadcasts onto the communication channel I an encrypted cyphertext message "M" obtained by supplying both a plaintext message "P" and a cryptographic key "K" to a first cryptographic device, and in which a receiving cryptographic unit "R" receives the broadcast cyphertext message M and by supplying the cyphertext message M together with the key K to a second cryptographic device decrypts the plaintext message P therefrom, a method by which the units T and R mutually establish a cryptographic key K by first exchanging messages before the unit T broadcasts the cyphertext message M comprising the steps of:
- a. at a first of the units T or R;
  
  i. selecting a first quantity "A" and a second quantity "B;
  
  "ii. using a first mathematical function "Φ
  
  ₁ " and the quantities A and B, computing a third quantity "C"=Φ
  
  ₁ (A, B), the quantities A and B and the function Φ
  
  ₁ being such that knowing one or the other of the selected quantities A or B, the computed quantity C, and the function Φ
  
  ₁, there does not exist an inverse function Φ
  
  ₁ that may be used for directly computing the unknown quantity A or B;
  
  iii. transmitting the selected quantity A together with the quantity C from the first unit T or R to a second unit R or T; and
  
  iv. retaining at the first unit T or R the selected quantity B;
  
  b. at the second unit R or T;
  
  i. receiving the quantities A and C transmitted by the first unit T or R;
  
  ii. selecting a fourth quantity "D;
  
  "iii. using a second mathematical function "Φ
  
  ₂ " and the received quantity A together with the selected quantity D, computing a fifth quantity "E"=Φ
  
  ₂ (A, D), the quantities A and D and the function Φ
  
  ₂ being such that knowing one or the other of the selected quantities A or D, the computed quantity E, and the function Φ
  
  ₂, there does not exist an inverse function Φ
  
  ₂ that may be used for directly computing the unknown quantity A or D;
  
  iv. transmitting the computed quantity E from the second unit R or T to the first unit T or R;
  
  v. retaining at the second unit R or T the selected quantity D; and
  
  vi. using a third mathematical function "Ψ
  
  ₂ " and the retained quantity D together with the received quantity C, computing the key K=Ψ
  
  ₂ (D, C)=Ψ
  
  ₂ (D, Φ
  
  ₁ {A, B}); and
  
  c. at the first unit T or R;
  
  i. receiving the quantity E transmitted by the unit R or T; and
  
  ii. using a fourth mathematical function "Ψ
  
  ₁ " and the retained quantity B together with the received quantity E, computing the key K=Ψ
  
  ₁ (B, E)=Ψ
  
  ₁ (B, Φ
  
  ₂ {A, D})=Ψ
  
  ₂ (D, Φ
  
  ₁ {A, B}).
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method by which the units T and R mutually establish the cryptographic key K of claim 1 wherein the function Φ
    - ₁ is identical to function Φ
      
      ₂, and wherein the function Ψ
      
      ₁ is identical to the function Ψ
      
      ₂.
  - 3. The method by which the units T and R mutually establish the cryptographic key K of claim 2 wherein the quantities A, B and C are respectively selected by a random number generator.
  - 4. The method by which the units T and R mutually establish the cryptographic key K of claim 2 wherein the first unit T or R transmits the selected quantity A together with the quantity C to the second unit R or T via the communication channel I, and the second unit R or T transmits the quantity E from the second unit R or T back to the first unit T or R via the communication channel I.
  - 5. The method by which the units T and R mutually establish the cryptographic key K of claim 2 wherein:
    - a. the selected quantities A, B and D are vectors;
      
      b. the vectors A and B are not parallel;
      
      c. the vectors A and D are not parallel;
      
      d. the vector D is not coplanar with the vectors A and B;
      
      e. the function Φ
      
      ₁ is a vector cross-product whereby the computed quantities C and E are vectors C and E; and
      
      f. the function Ψ
      
      ₁ is an absolute value of a vector dot-product.
  - 6. The method by which the units T and R mutually establish the cryptographic key K of claim 5 further comprising a step, performed by each of the units T and R, of applying a modulus function while establishing the cryptographic key K thereby establishing a modulus key K_m.

7. A cryptographic system adapted for cryptographic communication comprising:
- a. a communication channel "I" adapted for transmission of an encrypted cyphertext message "M;
  
  "b. a pair of transceivers that are coupled to said communication channel I, and that are adapted for communicating the cyphertext message M from one transceiver to another transceiver via said communication channel I; and
  
  c. a pair of cryptographic units, each cryptographic unit including;
  
  i. a quantity source for selecting one or more quantities to be used in establishing a cryptographic key "K" prior to communicating the cyphertext message M, and for transmitting such selected quantities from a quantity output port of the quantity source;
  
  ii. a key generator having a quantity input port for accepting one or more quantities selected by the quantity source, the key generator employing such quantities in establishing the key K which the key generator transmits from a key output port; and
  
  iii. a cryptographic device having;
  
  (1) a key input port for receiving the key K from the key generator;
  
  (2) a plaintext port adapted either for accepting a plaintext message "P" for encryption into the cyphertext message M and transmission from the cryptographic device, or for delivering a plaintext message P obtained by decryption of the cyphertext message M received by the cryptographic device; and
  
  (3) a cyphertext port adapted either for transmitting the cyphertext message M to one of said transceivers, or for receiving the cyphertext message M from such transceiver,the key generators of said cryptographic units collaboratively establishing the key K by;
  
  a. the key generator of a first of the cryptographic units;
  
  i. using a first mathematical function "Φ
  
  ₁ " together with a first quantity "A" and a second quantity "B," that are selected by the quantity source of the first cryptographic unit, to compute a third quantity "C"=Φ
  
  ₁ (A, B), the quantities A and B and the function Φ
  
  ₁ being such that knowing one or the other of the selected quantities A or B, the quantity C, and the function Φ
  
  ₁, there does not exist an inverse function Φ
  
  ₁ that may be used for directly computing the unknown quantity A or B;
  
  ii. transmitting the selected quantity A together with the quantity C from the key generator of said first cryptographic unit to the key generator of a second cryptographic unit; and
  
  iii. retaining at the first cryptographic unit the quantity B;
  
  b. the key generator of said second cryptographic unit;
  
  i. using a second mathematical function "Φ
  
  ₂ " together with the selected quantity A received from the first cryptographic unit and a fourth quantity "D," that is selected by the quantity source of said second cryptographic unit, to compute a fifth quantity "E"=Φ
  
  ₂ (A, D), the quantities A and D and the function Φ
  
  ₂ being such that knowing one or the other of the selected quantities A or D, the computed quantity E, and the function Φ
  
  ₂, there does not exist an inverse function Φ
  
  ₂ that may be used for directly computing the unknown quantity A or D;
  
  ii. transmitting the computed quantity E from the key generator of said second cryptographic unit to the key generator of said first cryptographic unit;
  
  iii. retaining at the second cryptographic unit the selected quantity D; and
  
  iv. using a third mathematical function "Ψ
  
  ₂ " and the retained quantity D together with the received quantity C to compute the key K=Ψ
  
  ₂ (D, C)=Ψ
  
  ₂ (D, Φ
  
  ₁ {A, B}); and
  
  c. the key generator of said first cryptographic unit;
  
  i. using a fourth mathematical function "Ψ
  
  ₁ " and the retained quantity B together with the received quantity E to compute the key K=Ψ
  
  ₁ (B, E)=Ψ
  
  ₁ (B, Φ
  
  ₂ {A, D})=Ψ
  
  ₂ (D, Φ
  
  ₁ {A, B}).
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The cryptographic system of claim 7 wherein the function Φ
    - ₁ is identical to function Φ
      
      ₂, and wherein the function Ψ
      
      ₁ is identical to the function Ψ
      
      ₂.
  - 9. The cryptographic system of claim 8 wherein the selected quantities A, B and D are respectively selected by a random number generator.
  - 10. The cryptographic system of claim 8 wherein the first cryptographic unit transmits the selected quantity A together with the quantity C to the second cryptographic unit via the communication channel I, and the second cryptographic unit transmits the quantity E from the second cryptographic unit back to the first cryptographic unit via the communication channel I.
  - 11. The cryptographic system of claim 8 wherein:
    - a. the selected quantities A, B and D are vectors;
      
      b. the vectors A and B are not parallel;
      
      c. the vectors A and D are not parallel;
      
      d. the vector D is not coplanar with the vectors A and B;
      
      e. the function Φ
      
      ₁ is a vector cross-product whereby the computed quantities C and E are vectors C and E; and
      
      f. the function Ψ
      
      ₁ is an absolute value of a vector dot-product.
  - 12. The cryptographic system of claim 11 wherein the key generators of both cryptographic units respectively apply a modulus function while establishing the cryptographic key K thereby establishing a modulus key K_m.

13. A cryptographic unit adapted for inclusion into a cryptographic system that performs cryptographic communication, the cryptographic system including:
- a. a communication channel "I" adapted for transmission of an encrypted cyphertext message "M;
  
  " andb. a pair of transceivers that are coupled to said communication channel I, and that are adapted for communicating the cyphertext message M from one transceiver to another transceiver via said communication channel I,said cryptographic unit comprising;
  
  a. a quantity source for selecting one or more quantities to be used in establishing a cryptographic key "K" prior to communicating the cyphertext message M, and for transmitting such selected quantities from a quantity output port of the quantity source;
  
  b. a key generator having a quantity input port for accepting one or more quantities selected by the quantity source, the key generator employing such quantities in establishing the key K which the key generator transmits from a key output port; and
  
  c. a cryptographic device having;
  
  i. a key input port for receiving the key K from the key generator;
  
  ii. a plaintext port adapted either for accepting a plaintext message "P" for encryption into the cyphertext message M and transmission from the cryptographic device, or for delivering a plaintext message P obtained by decryption of the cyphertext message M received by the cryptographic device; and
  
  iii. a cyphertext port adapted either for transmitting the cyphertext message M to one of the transceivers, or for receiving the cyphertext message M from such transceiver,the key generator of said cryptographic unit being adapted for establishing the key K collaboratively by communicating with a second cryptographic unit included in the cryptographic system by;
  
  a. using a first mathematical function "Φ
  
  ₁ " together with a first quantity "A" and a second quantity "B," that are selected by the quantity source of said cryptographic unit, in computing a third quantity "C"=Φ
  
  ₁ (A, B), the quantities A and B and the function Φ
  
  ₁ being such that knowing one or the other of the selected quantities A or B, the quantity C, and the function Φ
  
  ₁, there does not exist an inverse function Φ
  
  ₁ that may be used for directly computing the unknown quantity A or B;
  
  b. transmitting the quantity A together with the quantity C from the key generator of said cryptographic unit to the second cryptographic unit; and
  
  c. retaining at the first cryptographic unit the quantity B;
  
  d. receiving from the second cryptographic unit a fourth quantity "E" that has been obtained by computationally evaluating a second mathematical function "Φ
  
  ₂," the function Φ
  
  ₂ being such that knowing the quantity E, the function Φ
  
  ₂, and all but one of the variables used in evaluating the function Φ
  
  ₂, there does not exist an inverse function Φ
  
  ₂ that may be used for directly computing the unknown variable; and
  
  e. using a third mathematical function "Ψ
  
  ₁ " and the retained quantity B together with the received quantity E to compute the key K=Ψ
  
  ₁ (B, E).
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The cryptographic unit of claim 13 wherein the function Φ
    - ₁ is identical to function Φ
      
      ₂.
  - 15. The cryptographic unit of claim 13 wherein the quantities A and B are respectively selected by a random number generator.
  - 16. The cryptographic unit of claim 13 wherein said cryptographic unit transmits the quantity A together with the quantity C to the second cryptographic unit via the communication channel I, and receives the quantity E from the second cryptographic unit via the communication channel I.
  - 17. The cryptographic unit of claim 13 wherein:
    - a. the quantities A and B and the received quantity E are vectors;
      
      b. the vectors A and B are not parallel;
      
      c. the vector E is not perpendicular to the vector B;
      
      d. the function Φ
      
      ₁ is a vector cross-product whereby the quantity C is a vector C; and
      
      e. the function Ψ
      
      ₁ is an absolute value of a vector dot-product.
  - 18. The cryptographic unit of claim 17 wherein, while establishing the cryptographic key K, the key generator of said cryptographic unit applies a modulus function thereby establishing a modulus key K_m.
  - 19. The cryptographic unit of claim 13 further comprising the transceiver to which the cyphertext port of said cryptographic unit transmits the cyphertext message M, or from which the cyphertext port of said cryptographic unit receives the cyphertext message M.

20. A cryptographic unit adapted for inclusion into a cryptographic system that performs cryptographic communication, the cryptographic system including:
- a. a communication channel "I" adapted for transmission of an encrypted cyphertext message "M;
  
  " andb. a pair of transceivers that are coupled to the communication channel I, and that are adapted for communicating the cyphertext message M from one transceiver to another transceiver via the communication channel I,said cryptographic unit comprising;
  
  a. a quantity source for selecting one or more quantities to be used in establishing a cryptographic key "K" prior to communicating the cyphertext message M, and for transmitting such selected quantities from a quantity output port of the quantity source;
  
  b. a key generator having a quantity input port for accepting one or more quantities selected by the quantity source, the key generator employing such quantities in establishing the key K which the key generator transmits from a key output port; and
  
  c. a cryptographic device having;
  
  i. a key input port for receiving the key K from the key generator;
  
  ii. a plaintext port adapted either for accepting a plaintext message "P" for encryption into the cyphertext message M and transmission from the cryptographic device, or for delivering a plaintext message P obtained by decryption of the cyphertext message M received by the cryptographic device; and
  
  iii. a cyphertext port adapted either for transmitting the cyphertext message M to one of the transceivers, or for receiving the cyphertext message M from such transceiver,the key generator of said cryptographic unit being adapted for establishing the key K collaboratively by communicating with a second cryptographic unit included in the cryptographic system by;
  
  a. receiving from the second cryptographic unit a first quantity "C" that has been obtained by computationally evaluating a first mathematical function "Φ
  
  ₁," the function Φ
  
  ₁ being such that knowing the quantity C, the function Φ
  
  ₁, and all but one of the variables used in evaluating the function Φ
  
  ₁, there does not exist an inverse function Φ
  
  ₁ that may be used for directly computing the unknown variable; and
  
  b. using a second mathematical function "Ψ
  
  ₂ " together with the quantity C, that said key generator receives from the second cryptographic unit, and a second quantity "D," that is selected by the quantity source included in the second cryptographic unit, the key generator computes the key K=Ψ
  
  ₂ (D, C).
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The cryptographic unit of claim 20 wherein the key generator of said cryptographic unit, in collaboratively establishing the key K by communicating with the second cryptographic unit included in the cryptographic system, also:
    - c. uses a third mathematical function "Φ
      
      ₂ " together with a quantity A, also received from the second cryptographic unit, and with the second quantity D to compute a fifth quantity "E"=Φ
      
      ₂ (A, D), the quantities A and D and the function Φ
      
      ₂ being such that knowing one or the other of the quantities A or D, the computed quantity E, and the function Φ
      
      ₂, there does not exist an inverse function Φ
      
      ₁ that may be used for directly computing the unknown quantity A or D; and
      
      d. transmits the computed quantity E from the key generator of said first cryptographic unit to the second cryptographic unit.
  - 22. The cryptographic unit of claim 21 wherein the function Φ
    - ₁ is identical to function Φ
      
      ₂.
  - 23. The cryptographic unit of claim 20 wherein the quantity D is selected by a random number generator.
  - 24. The cryptographic unit of claim 20 wherein said cryptographic unit receives the quantity C via the communication channel I.
  - 25. The cryptographic unit of claim 20 wherein:
    - a. the quantities C and D are vectors;
      
      b. the vector D is not perpendicular to the vector C; and
      
      c. the function Ψ
      
      ₂ is an absolute value of a vector dot-product.
  - 26. The cryptographic unit of claim 25 wherein, while establishing the cryptographic key K, the key generator of said cryptographic unit applies a modulus function thereby establishing a modulus key K_m.
  - 27. The cryptographic unit of claim 20 further comprising the transceiver to which the cyphertext port of said cryptographic unit transmits the cyphertext message M, or from which the cyphertext port of said cryptographic unit receives the cyphertext message M.

28. A key generator adapted for inclusion into a cryptographic unit that is adapted for inclusion into a cryptographic system that performs cryptographic communication, the cryptographic system including:
- a. a communication channel "I" adapted for transmission of an encrypted cyphertext message "M;
  
  " andb. a pair of transceivers that are coupled to the communication channel I, and that are adapted for communicating the cyphertext message M from one transceiver to another transceiver via the communication channel I, andc. a pair of cryptographic units, each cryptographic unit including a cryptographic device having;
  
  i. a key input port for receiving a cryptographic key "K" prior to communicating the cyphertext message M;
  
  ii. a plaintext port adapted either for accepting a plaintext message "P" for encryption into the cyphertext message M and transmission from the cryptographic device, or for delivering a plaintext message P obtained by decryption of the cyphertext message M received by the cryptographic device; and
  
  iii. a cyphertext port adapted either for transmitting the cyphertext message M to one of the transceivers, or for receiving the cyphertext message M from such transceiver,the key generator adapted for inclusion into at least one of the cryptographic units comprising;
  
  a. a quantity input port for accepting one or more quantities to be used by the key generator in establishing the key K;
  
  b. a key output port from which the key generator transmits the key K to the key input port of the cryptographic device included in the cryptographic unit that includes the key generator;
  
  the key generator of the cryptographic unit being adapted for establishing the key K collaboratively by communicating with a second cryptographic unit included in the cryptographic system by;
  
  a. receiving from the second cryptographic unit a first quantity "C" that has been obtained by computationally evaluating a first mathematical function "Φ
  
  ₁," the function Φ
  
  ₁ being such that knowing the quantity C, the function Φ
  
  ₁, and all but one of the variables used in evaluating the function Φ
  
  ₁, there does not exist an inverse function Φ
  
  ₁ that may be used for directly computing the unknown variable; and
  
  b. using a second mathematical function "Ψ
  
  ₂ " together with the quantity C, that the key generator receives from the second cryptographic unit, and a second quantity "D," that is supplied to the quantity input port of the key generator, the key generator computes the key K=Ψ
  
  ₂ (D, C).
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35)
- - 29. The cryptographic unit of claim 28 wherein the key generator of said cryptographic unit, in collaboratively establishing the key K by communicating with the second cryptographic unit included in the cryptographic system, also:
    - c. uses a third mathematical function "Φ
      
      ₂ " together with a quantity A, also received from the second cryptographic unit, and with the second quantity D to compute a fifth quantity "E"=Φ
      
      ₂ (A, D), the quantities A and D and the function Φ
      
      ₂ being such that knowing one or the other of the quantities A or D, the computed quantity E, and the function Φ
      
      ₂, there does not exist an inverse function Φ
      
      ₂ that may be used for directly computing the unknown quantity A or D; and
      
      d. transmits the computed quantity E from the key generator of said first cryptographic unit to the second cryptographic unit.
  - 30. The cryptographic unit of claim 29 wherein the function Φ
    - ₁ is identical to function Φ
      
      ₂.
  - 31. The key generator of claim 28 further comprising a quantity source for selecting one or more quantities to be used in establishing the key K, the key generator including a quantity output port for transmitting such selected quantities from the quantity source to the quantity input port of the key generator.
  - 32. The key generator of claim 31 wherein the quantity D is selected by a random number generator.
  - 33. The key generator of claim 28 wherein the cryptographic unit receives the quantity C via the communication channel I.
  - 34. The key generator of claim 28 wherein:
    - a. the quantities C and D are vectors;
      
      b. the vector D is not perpendicular to the vector C; and
      
      c. the function Ψ
      
      ₂ is an absolute value of a vector dot-product.
  - 35. The key generator of claim 34 wherein, while establishing the cryptographic key K, the key generator applies a modulus function thereby establishing a modulus key K_m.

36. In a protocol for cryptographic communication via a communication channel "I" in which a transmitting cryptographic unit "T" broadcasts onto the communication channel I an encrypted cyphertext message "M" obtained by supplying both a plaintext message "P" and a cryptographic key "K" to a first cryptographic device, and in which a receiving cryptographic unit "R" receives the broadcast cyphertext message M and by supplying the cyphertext message M together with the key K to a second cryptographic device decrypts the plaintext message P therefrom, a method by which the units T and R mutually establish a cryptographic key K by first exchanging messages before the unit T broadcasts the cyphertext message M comprising the steps of:
- a. at a first of the units T or R;
  
  i. selecting a first quantity "B;
  
  "ii. using a first mathematical function "Φ
  
  " together with the selected quantity B, computing a second quantity "C"=Φ
  
  (B), the function Φ
  
  being such that knowing the quantity C and the function Φ
  
  , there does not exist an inverse function of function Φ
  
  that may be used for directly computing quantity B;
  
  iii. transmitting the quantity C from the first unit T or R to a second unit R or T; and
  
  iv. retaining at the first unit T or R the quantity B;
  
  b. at the second unit R or T;
  
  i. selecting a third quantity "D;
  
  "ii. using the first mathematical function Φ
  
  together with the selected quantity D, computing a fourth quantity "E"=Φ
  
  (D), the function Φ
  
  being such that knowing the quantity E and the function Φ
  
  , there does not exist an inverse function of function Φ
  
  that may be used for directly computing quantity D;
  
  iii. transmitting the computed quantity E from the second unit R or T to the first unit T or R;
  
  iv. retaining at the first unit R or T the quantity D;
  
  V. receiving the quantity C transmitted by the first unit T or R; and
  
  vi. using a second mathematical function "Ψ
  
  " together with the quantity D and the received quantity C, computing the key K=Ψ
  
  (D, C); and
  
  c. at the first unit T or R;
  
  i. receiving the quantity E transmitted by the unit R or T; and
  
  ii. using the second mathematical function Ψ and
  
  the retained quantity B together with the received quantity E, computing the key K=Ψ
  
  (B, E)=Ψ
  
  (D, C).
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The method by which the units T and R mutually establish the cryptographic key K of claim 36 wherein the selected quantities B and D are respectively selected by a random number generator.
  - 38. The method by which the units T and R mutually establish the cryptographic key K of claim 36 wherein the first unit T or R transmits the quantity C via the communication channel I, and the second unit R or T transmits the quantity E from the second unit R or T back to the first unit T or R via the communication channel I.
  - 39. The method by which the units T and R mutually establish the cryptographic key K of claim 36 wherein an inverse function Φ
    - ^-1 of the function Φ
      
      has an unlimited number of periodic solutions.
  - 40. The method by which the units T and R mutually establish the cryptographic key K of claim 36 wherein:
    - a. the quantity B and the quantity D are respectively complex numbers of the form z_b =r_b (cosΘ
      
      _b +isinΘ
      
      _b) and z_d =r_d (cosΘ
      
      _d +isinΘ
      
      _d);
      
      b. the function Φ
      
      is an arbitrarily chosen scalar constant "g" raised to a complex number power respectively by the complex number quantities B or D whereby the computed quantities C and E are complex numbers, ##EQU15## c. the function Ψ
      
      is either a modulus or an argument of the complex number C or E raised to a complex number power respectively by the complex number quantities B or D, ##EQU16##
  - 41. The method by which the units T and R mutually establish the cryptographic key K of claim 40 wherein the scalar constant is a number "e" that is used as a base for natural logarithms.
  - 42. The method by which the units T and R mutually establish the cryptographic key K of claim 36 wherein:
    - a. the quantity B and the quantity D are respectively n-dimensional vectors respectively B=(b₁, b₂, . . . , b_n) and D=(d₁, d₂, . . . , d_n);
      
      b. the function Φ
      
      evaluates a determinant to obtain conventional vectors X_C and X_E, the determinants so evaluated respectively including;
      
      i. a row that contains a set of standard unit vectors (e₁, e₂, . . . , e_n);
      
      ii. a row that contains respectively either the n-dimensional vector B or the n-dimensional vector D depending upon whether the determinant is being evaluated to establish either the vector X_C or the vector X_E ; and
      
      iii. n-2 remaining rows of the determinant contain a set of (n-2) public vectorsp¹ =(p₁¹, p₂¹, . . . , p_n¹)p² =(p₁², p₂², . . . , p_n²) . . .p^n-2 =(p₁^n-2, p₂^n-2, . . . , p_n^n-2); and
      
      c. the function Ψ
      
      is an absolute value of a vector dot-product respectively of the vector B with the vector X_E, K=|(b₁, b₂, . . . , b_n)·
      
      X_E, |, or of the vector D with the vector X_C, K=|(d₁, d₂, . . . , d_n)·
      
      X_c |.

43. In a protocol for cryptographic communication via a communication channel "I" in which a transmitting cryptographic unit "T" broadcasts onto the communication channel I an encrypted cyphertext message "M" obtained by supplying both a plaintext message "P" and a cryptographic key "K" to a first cryptographic device, and in which a receiving cryptographic unit "R" receives the broadcast cyphertext message M and by supplying the cyphertext message M together with the key K to a second cryptographic device decrypts the plaintext message P therefrom, a method by which the units T and R mutually establish a cryptographic key K by first exchanging messages before the unit T broadcasts the cyphertext message M comprising the steps of:
- a. at a first of the units T or R;
  
  i. selecting a first quantity "A" and a second quantity "B;
  
  "ii. using a first mathematical function "Φ
  
  ₁ " together with the selected quantities A and B, computing a second quantity "C"=Φ
  
  ₁ (A, B), the function Φ
  
  being such that knowing the quantity C and the function Φ
  
  ₁, there does not exist an inverse function of Φ
  
  ₁ that may be used for directly computing the quantities A or B;
  
  iii. transmitting the quantity C from the first unit T or R to a second unit R or T; and
  
  iv. retaining at the first unit T or R the quantities A and B;
  
  b. at the second unit R or T;
  
  i. selecting a third quantity "D;
  
  "ii. using a second mathematical function "Φ
  
  ₂ " together with the selected quantity D, computing a fourth quantity "E"=Φ
  
  ₂ (D), the function Φ
  
  ₂ being such that knowing the quantity E and the function Φ
  
  ₂, there does not exist an inverse function of Φ
  
  ₂ that may be used for directly computing quantity D;
  
  iii. transmitting the computed quantity E from the second unit R or T to the first unit T or R;
  
  iv. retaining at the first unit R or T the quantity D;
  
  v. receiving the quantity C transmitted by the first unit T or R; and
  
  vi. using a third mathematical function "Ψ
  
  ₂ " and the retained quantity D together with the received quantity C, computing the key K=Ψ
  
  ₂ (D, C)=Ψ
  
  ₂ (D, Φ
  
  ₁ {A, B}); and
  
  c. at the first unit T or R;
  
  i. receiving the quantity E transmitted by the unit R or T; and
  
  ii. using a fourth mathematical function "Ψ
  
  ₁ " and the retained quantities A and B together with the received quantity E, computing the key K=Ψ
  
  (A, B, E)=Ψ
  
  (D, C).
- View Dependent Claims (44, 45, 46, 47)
- - 44. The method by which the units T and R mutually establish the cryptographic key K of claim 43 wherein the selected quantities B and D are respectively selected by a random number generator.
  - 45. The method by which the units T and R mutually establish the cryptographic key K of claim 43 wherein the first unit T or R transmits the quantity C via the communication channel I, and the second unit R or T transmits the quantity E from the second unit R or T back to the first unit T or R via the communication channel I.
  - 46. The method by which the units T and R mutually establish the cryptographic key K of claim 43 wherein:
    - a. the selected quantities A, B and D are vectors;
      
      b. the computed quantities C and E are vectors;
      
      c. the function Φ
      
      ₁ is a first difference "Δ
      
      " of a convolution "*" of the vectors A and B;
      
      d. the function Φ
      
      ₂ is a first difference A of the vector D;
      
      e. the function Ψ
      
      ₂ is a convolution * of the vector C with the vector D; and
      
      f. the function Ψ
      
      ₁ is a convolution * of the vectors A and B convolved * with the vector E.
  - 47. The method by which the units T and R mutually establish the key K of claim 46 further comprising a step, performed by each of the units T and R, of applying a modulus function while establishing the cryptographic key K thereby establishing a modulus key K_m.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chung Nan Chang
Original Assignee
Chung Nan Chang
Inventors
Yuan, Chuan Kuan, Hao, Feng Qi, Chang, Chung Nan
Primary Examiner(s)
Buczinski, Stephen C.

Application Number

US08/534,960
Time in Patent Office

1,139 Days
Field of Search

380/21, 380/28, 380/30, 380/49, 380/44, 380/46
US Class Current

380/285
CPC Class Codes

H04L 9/0841 involving Diffie-Hellman or...

H04L 9/3093 involving Lattices or polyn...

Secure, swift cryptographic key exchange

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

47 Claims

Specification

Solutions

Use Cases

Quick Links

Secure, swift cryptographic key exchange

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

47 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links