Cryptographic access and labeling system

US 6,011,847 A
Filed: 06/01/1995
Issued: 01/04/2000
Est. Priority Date: 06/01/1995
Status: Expired due to Term

First Claim

Patent Images

1. A cryptographic system which encrypts and decrypts a message of digital information having a trailer in which a plurality of labels are located so as to be individually retrievable, said cryptographic system comprising:

a data key storage means for retrievably storing a data key;

a label storing means for individually, retrievably storing a plurality of labels, each label containing rational information relevant to the message;

an input means for providing an input passphrase from a user, said passphrase comprising at least one password;

a communicating element which manipulates, stores and retrieves the message;

a data base containing a plurality of label strings and a plurality of corresponding weighting factors;

a program which directs the operation of said communicating element, said program having a plurality of instruction sets including;

an instruction set for directing said communicating element to retrieve said data key from said data key storage means,an instruction set for directing said communicating element to receive said input passphrase,an instruction set for directing said communicating element to use said data key and said input passphrase to determine if the user should be granted access to further parts of the program,an instruction set for directing said communicating element to manipulate said data key and said input passphrase to generate a vector which is called the "gamma vector" herein,an instruction set for creating a plurality of separately encrypted, identifiable and addressable, and concatenated labels, each label having a known number of bytes;

an instruction set for directing said communicating element to utilize said gamma vector for encrypting each label,an instruction set for attaching said plurality of encrypted labels at a known location as a message trailer to said message;

said attaching instruction set including a subset of instruction permitting a user of said cryptographics system to access said data base and to select a label string depending upon the corresponding weighting factors;

an instruction set, for locating the encrypted labels in an encrypted message trailer, and for retrievably storing each label;

an instruction set for directing said communicating element to utilize said gamma vector for decrypting each label,an instruction set for directing said communicating element to use two of said plurality of labels and said gamma vector to generate a message key, andan instruction set for directing said communicating element to use said message key with an encryption/decryption algorithm to encrypt and decrypt the message; and

an expert system means for evaluating said weighting factors of the user selected label strings to determine if the combination of selected label strings is a permitted combination.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An integrated, modular computer program system provides for the encryption and decryption of files utilizing conventional encryption algorithms and a relational key generated by the system. The computer program system also generates a series of labels that are encrypted and appended as a trailer to the encrypted message. The encrypted labels provide a history behind the particular encryption and they can be individually selected, separated, and decrypted from the total file. A rule based expert system is utilized as an intelligent label selection system to minimize message sensitivity. An access control module permits a user with a preassigned passphrase to have access to the encryption or decryption portion of the program by comparing a generated vector or key with a partially decrypted version of a second vector or key stored on a portable storage medium such as a floppy disk. If successful, the access control module creates a main key that is then used throughout the remainder of the program to encrypt or decrypt the labels. Part of the encryption or decryption process utilizes an internal, reproducible, but not reversible scrambling subroutine in which the bytes of an initializing vector are successively Exclusive ORed with one another and then the result concatenated to the initializing vector until all of the bytes have been so treated, and then the process repeated an integral number of times depending upon an input variable called a spinup number.

172 Citations

8 Claims

1. A cryptographic system which encrypts and decrypts a message of digital information having a trailer in which a plurality of labels are located so as to be individually retrievable, said cryptographic system comprising:
- a data key storage means for retrievably storing a data key;
  
  a label storing means for individually, retrievably storing a plurality of labels, each label containing rational information relevant to the message;
  
  an input means for providing an input passphrase from a user, said passphrase comprising at least one password;
  
  a communicating element which manipulates, stores and retrieves the message;
  
  a data base containing a plurality of label strings and a plurality of corresponding weighting factors;
  
  a program which directs the operation of said communicating element, said program having a plurality of instruction sets including;
  
  an instruction set for directing said communicating element to retrieve said data key from said data key storage means,an instruction set for directing said communicating element to receive said input passphrase,an instruction set for directing said communicating element to use said data key and said input passphrase to determine if the user should be granted access to further parts of the program,an instruction set for directing said communicating element to manipulate said data key and said input passphrase to generate a vector which is called the "gamma vector" herein,an instruction set for creating a plurality of separately encrypted, identifiable and addressable, and concatenated labels, each label having a known number of bytes;
  
  an instruction set for directing said communicating element to utilize said gamma vector for encrypting each label,an instruction set for attaching said plurality of encrypted labels at a known location as a message trailer to said message;
  
  said attaching instruction set including a subset of instruction permitting a user of said cryptographics system to access said data base and to select a label string depending upon the corresponding weighting factors;
  
  an instruction set, for locating the encrypted labels in an encrypted message trailer, and for retrievably storing each label;
  
  an instruction set for directing said communicating element to utilize said gamma vector for decrypting each label,an instruction set for directing said communicating element to use two of said plurality of labels and said gamma vector to generate a message key, andan instruction set for directing said communicating element to use said message key with an encryption/decryption algorithm to encrypt and decrypt the message; and
  
  an expert system means for evaluating said weighting factors of the user selected label strings to determine if the combination of selected label strings is a permitted combination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A cryptographic system as claimed in claim 1 wherein said computer program further comprises an instruction set for rekeying at least one variable in said program, said rekeyed variable being used to encrypt at least one of said labels and said data key.
  - 3. A cryptographic system as claimed in claim 1 wherein said communicating element is a computer and said program is a computer program that can be run by said computer.
  - 4. A cryptographic system as claimed in claim 1 wherein said program instruction set that generates said gamma vector includes a subset of instructions that provide said gamma vector only if access is granted to the user.
  - 5. A cryptographic system as claimed in claim 1 wherein said instruction set for manipulating said data key and said passphrase to generate said gamma vector includes a randomizer subset of instructions that provide an initializing vector, that has a plurality of bits, in a shift register means and provide a spinup number, and which enter digital data to be manipulated into one end of the shift register means, take two of said bits in said shift register and exclusive OR them together, and then load a product of the exclusive OR'"'"'d product in said one shift register end shifting all of the numbers in the shift register, and then repeating the loading of said one shift register end a predetermined number of times equal to a factor of said spinup number.
  - 6. A cryptographic system as claimed in claim 1,wherein said instruction set for manipulating said data key and said passphrase to generate said gamma vector includes subsets of instructions that result in the independent initialization and validation of said input passphrase, said subsets of instructions includinga first subset of instruction that receive and manipulate said input passphrase with at least a first internal vector to produce a manipulated passphrase, anda second subset of instructions that combine said manipulated passphrase with a first data key to produce a resulting first product vector;
    - wherein said instruction set for manipulating said data key and said passphrase to generate said gamma vector includes a subset of instructions that result in the independent generation of a second product vector, said subset of instructions includinga third subset of instructions that independently receive and manipulate a second data key with at least a second internal vector that is different from said first internal vector to produce a second product vector with the result that said second product vector has been independently generated; and
      
      wherein said instruction set for manipulating said data key and said passphrase to generate said gamma vector includes a subset of instructions that result in an interdependent verification and validation of said gamma vector, said subset of instructions includinga fourth subset of instructions that compare said first and second product vector and upon a favorable comparison provide said global vector with a result that said gamma vector has been validated by an interdependent verification.
  - 7. A cryptographic system as claimed in claim 1,wherein there are a first and a second data key;
    - wherein said instruction set for manipulating said data key and said passphrase to generate said gamma a vector manipulates two data keys to generate said gamma vector; and
      
      wherein said instruction set for manipulating said data key and said passphrase to generate said gamma vector further includes;
      
      a first subset of instructions that utilize said first data key and a first internal initialization vector to generate a first generated key,a second subset of instructions that utilize said second data key and a second internal initialization vector to generate a second generated key, said first and second internal initialization vectors being different from each other, andthird subset of instructions that compare said first and second generated key and if the same grant access to a plurality of other parts of said cryptographic system.
  - 8. A cryptographic system as claimed in claim 1 wherein said instruction set for directing said communicating element to utilize said gamma vector for encrypting each label utilize a subset of instructions which select and permutate a rational label.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Keybyte Technologies Incorporated
Original Assignee
Keybyte Technologies Incorporated
Inventors
Follendore, Roy D. III
Primary Examiner(s)
Hayes, Gail O.
Assistant Examiner(s)
SAYADIAN, HRAYR

Application Number

US08/457,489
Time in Patent Office

1,678 Days
Field of Search

380/4, 380/21, 380/25, 380/49, 380/50
US Class Current

713/160
CPC Class Codes

G06F 21/6209 to a single file or object,...

G06F 2211/007 Encryption, En-/decode, En-...

Cryptographic access and labeling system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

172 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic access and labeling system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

172 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links