Secure deterministic encryption key generator system and method

US 5,963,646 A
Filed: 12/28/1998
Issued: 10/05/1999
Est. Priority Date: 03/10/1997
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method of generating a pseudo-random, symmetric encryption key which is highly resistant to reverse analysis, and which comprises the following steps:

combining a constant value and a secret plural bit sequence to produce a shuffled bit result having fewer than a collective number of bits in said constant value and said secret plural bit sequence;

performing a secure hash operation on said shuffled bit result to produce a message digest; and

extracting said pseudo-random, symmetric encryption key from said message digest.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

An encryption key generator is disclosed which is highly resistant to cryptographic analysis or brute force attacks, and which accommodates the destruction of an encryption key after each use by providing for the recreation of the key without need of key directories or other encryption key storage processes. A constant value and a secret E-Key Seed are applied as inputs to a bit-shuffling algorithm to provide a first many-to-few bit mapping and produce a first pseudo-random number. The first pseudo-random number in turn is applied as an input to a secure one-way hash algorithm to provide a second many-to-few bit mapping and produce a second pseudo-random number or message digest that may be truncated to a desired bit length to serve as a non-predictable but deterministic encryption key. Same constant value and E-Key Seed inputs to the key generator will provide the same message digest and hence the same key.

184 Citations

27 Claims

1. A method of generating a pseudo-random, symmetric encryption key which is highly resistant to reverse analysis, and which comprises the following steps:
- combining a constant value and a secret plural bit sequence to produce a shuffled bit result having fewer than a collective number of bits in said constant value and said secret plural bit sequence;
  
  performing a secure hash operation on said shuffled bit result to produce a message digest; and
  
  extracting said pseudo-random, symmetric encryption key from said message digest.
- View Dependent Claims (2, 3, 4, 5, 6, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein said secret plural bit sequence has a binary length of at least 224 bits, and said pseudo-random symmetric encryption key has a binary length of at least 112 bits.
  - 3. The method of claim 1, wherein said constant value and said secret plural bit sequence are combined by plural algebraic functions to form said shuffled bit result.
  - 4. The method of claim 1, wherein said constant value and said secret plural bit sequence are encrypted before being combined by an algebraic function to form said shuffled bit result.
  - 5. The method of claim 1, wherein said message digest has a binary length which is less than that of said shuffled bit result.
  - 6. The method of claim 1, wherein said plural bit sequence has a binary length larger than that of said constant value.
  - 13. The method of claim 1, wherein said constant value and said secret plural bit sequence are combined by at least one algebraic function.
  - 14. The method of claim 1, wherein said constant value and said secret plural bit sequence are combined by at least one logic function.
  - 15. The method of claim 1, wherein said constant value and said secret plural bit sequence are combined by at least one cryptographic function.
  - 16. The method of claim 1, wherein said constant value and said secret plural bit sequence are combined by any combination of one or more of each of an algebraic function, a logic function, and an encryption function.
  - 17. The method of claim 1, wherein said pseudo-random, symmetric encryption key also is deterministic and non-predictable.
  - 18. The method of claim 1, wherein the step of combining includes plural bit shuffling operations to form said shuffled bit result.
  - 19. The method of claim 1, wherein the step of performing also includes plural bit shuffling functions in forming said message digest.
  - 20. The method of claim 1, wherein said secret plural bit sequence may vary in binary bit length.

7. A system for creating a pseudo-random, symmetric encryption key for use in a computer network system, which comprises:
- a first function generator means having a constant value as one input and a secret plural bit sequence as a second input for combining said constant value and said secret plural bit sequence produce a pseudo-random output having fewer than a collective number of bits in said constant value and said secret plural bit sequence;
  
  a secure hash function generator means in electrical communication with said first function generator means and having said pseudo-random output as an input for generating a pseudo-random message digest; and
  
  truncation means in electrical communication with said secure hash function generator means and receiving said pseudo-random message digest for truncating said pseudo-random message digest to provide said pseudo-random, symmetric encryption key.
- View Dependent Claims (8, 9, 10, 11, 21, 22, 23, 24, 25, 27)
- - 8. The system of claim 7, secret wherein said plural bit sequence has a first binary length larger than that of said constant value, and said pseudo-random output has a second binary length larger than said pseudo-random message digest.
  - 9. The system of claim 7, wherein said constant value and said secret plural bit sequence are combined in accordance with at least one algebraic function.
  - 10. The system of claim 9, wherein said at least one algebraic function is replaced by at least one logic function.
  - 11. The system of claim 7, wherein said secret plural bit sequence and said constant value are encrypted before being combined.
  - 21. The system of claim 7, wherein said constant value and said secret plural bit sequence are combined in accordance with at least one cryptographic function.
  - 22. The system of claim 7, wherein said constant value and said secret plural bit sequence are combined by any combination of one or more of each of an algebraic function, a logic function, and an encryption function.
  - 23. The system of claim 7, wherein said pseudo-random, symmetric encryption key also is deterministic and non-predictable.
  - 24. The system of claim 7, wherein said first function generator performs plural bit shuffling functions in combining said constant value and said secret plural bit sequence.
  - 25. The system of claim 7 further including bit shuffling means receiving said pseudo-random message digest from said secure hash function generator means for performing plural bit shuffling operations on said pseudo-random message digest to generate a second pseudo-random message digest which is truncated by said truncation means to provide said pseudo-random, symmetric encryption key.
  - 27. The system of claim 7, wherein said secret plural bit sequence may vary in binary bit length.

12. An encryption key generator in electrical communication with a host system, which comprises:
- an I/O interface means in electrical communication with said host system and receiving command sequences from said host system;
  
  interrupt control means in electrical communication with said I/O interface means for issuing an interrupt signal upon receipt of said command sequences;
  
  a ROM in electrical communication with said I/O interface means and having stored therein operating firmware, a bit-shuffle computer program, and a secure hash computer program;
  
  a RAM in electrical communication with said I/O interface means and said ROM for storing a current E-Key Seed and a constant value;
  
  an EEPROM in electrical communication with said I/O interface means, said ROM, and said RAM, for storing said E-Key Seed and said constant value; and
  
  a CPU in electrical communication with said interrupt control, said I/O interface means, said ROM, said RAM, and said EEPROM for executing said bit-shuffle computer program to combine said constant value and said E-Key Seed in a first many-to-few bit mapping, for executing said secure hash algorithm to produce a message digest in a second many-to-few bit mapping, and for extracting a pseudo-random symmetric, encryption key from said message digest and storing said encryption key in said EEPROM.
- View Dependent Claims (26)
- - 26. The system of claim 12, wherein said pseudo-random, symmetric encryption key also is deterministic and non-predictable.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
RPX Corporation
Original Assignee
The PacID Group, LLC (Marathon Patent Group, Inc.)
Inventors
Alito, Paul N, Fielder, Guy L
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US09/221,421
Time in Patent Office

281 Days
Field of Search

380/4, 380/21, 380/25, 380/30, 380/44, 380/28
US Class Current

380/259
CPC Class Codes

H04L 9/0643 Hash functions, e.g. MD5, S...

H04L 9/0869 involving random numbers or...

Secure deterministic encryption key generator system and method

First Claim

2 Assignments

Litigations

0 Petitions

Accused Products

Abstract

184 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Secure deterministic encryption key generator system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

184 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links