Group key distribution
First Claim
1. A method for distributing a secret key K from a key holder to a group member, comprising the steps of:
- the group member encrypting a code Rm to form an encrypted code Rme ;
the group member providing said encrypted code Rme and an authentication-M to said key holder;
the key holder decrypting said encrypted code Rme to acquire said code Rm ;
the key holder verifying said authentication-M;
the key holder using said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ;
the key holder encrypting said code Rh to form an encrypted code Rhe ;
the key holder providing said code Rhe and an authentication-H to the group member;
the group member decrypting said encrypted code Rhe to acquire said code Rh ;
the group member verifying said authentication-H; and
the group member deriving said secret key K having said code Rh and said code Rm as inputs to the reversible function.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for distributing a secret key from a key holder H to intended group members M. The method assumes that during the distribution process each party, a group member M and the key holder H, can decrypt and encrypt exchanged information such that the encrypter knows that the decrypter will be the intended party. The method preferably uses a public key/private key encryption technique in which, for example, a trusted Certificate Authority in a public key infrastructure signs the certificates to provide the public keys involved in the encryption. Alternatively, the method, together with a symmetric cipher, uses a shared secret, established in an authenticated mechanism that is outside the information exchanges of the invention. Additionally, the method uses a strong mixing function that takes several items of data as input and produces a pseudo-random authentication (or digest). Inputs to the mixing function include identity stamps that are generated by each member M and key holder H. These inputs can be the identity of the stamp generator, such as a network address, port, or protocol, a timestamp, and/or a secret value that is known only to the stamp generator. The stamps include information to bind member M if generated by key holder H, and to bind key holder H if generated by member M. Consequently, the invention authenticates each communication exchange between member M and key holder H.
202 Citations
45 Claims
-
1. A method for distributing a secret key K from a key holder to a group member, comprising the steps of:
-
the group member encrypting a code Rm to form an encrypted code Rme ; the group member providing said encrypted code Rme and an authentication-M to said key holder; the key holder decrypting said encrypted code Rme to acquire said code Rm ; the key holder verifying said authentication-M; the key holder using said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; the key holder encrypting said code Rh to form an encrypted code Rhe ; the key holder providing said code Rhe and an authentication-H to the group member; the group member decrypting said encrypted code Rhe to acquire said code Rh ; the group member verifying said authentication-H; and the group member deriving said secret key K having said code Rh and said code Rm as inputs to the reversible function. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method for distributing a secret key K from a key holder to a group member, comprising the steps of:
-
the group member encrypting a code Rm to form an encrypted code Rm ; the group member signing an authentication-M to form a signature Sm ; the group member providing said encrypted code Rme and said signature Sm to the key holder; the key holder decrypting said encrypted code Rme to acquire said code Rm ; the key holder verifying said signature Sm and said authentication-M; the key holder using said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; the key holder providing said code Rh and an authentication-H to the group member; the group member verifying said authentication-H; and the group member deriving said secret key K having said code Rh and said code Rm as inputs to the reversible function. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A computer-readable medium embodying instructions for causing a device to perform a distribution of a secret key K from a key holder to a group member, said distribution comprising the steps of:
-
the group member encrypting a code Rm to form an encrypted code Rme ; the group member providing said encrypted code Rme and an authentication-M to said key holder; the key holder decrypting said encrypted code Rme to acquire said code Rm ; the key holder verifying said authentication-M; the key holder using said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; the key holder encrypting said code Rh to form an encrypted code Rhe ; the key holder providing said code Rhe and an authentication-H to the group member; the group member decrypting said encrypted code Rhe to acquire said code Rh ; the group member verifying said authentication-H; and the group member deriving said secret key K having said code Rh and said code Rm as inputs to the reversible function. - View Dependent Claims (37, 38)
-
-
39. A computer system for distributing a secret key K from a key holder to a group member, comprising:
-
means for the group member to encrypt a code Rm to form an encrypted code Rme ; means for the group member to provide said encrypted code Rme, and an authentication-M to said key holder; means for the key holder to decrypt said encrypted code Rme to acquire said code Rm ; means for the key holder to verify said authentication-M; means for the key holder to use said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; means for the key holder to encrypt said code Rh to form an encrypted code Rhe ; means for the key holder to provide said code Rhe, and an authentication-H to the group member; means for the group member to decrypt said encrypted code Rhe to acquire said code Rh ; means for the group member to verify said authentication-H; and means for the group member to derive said secret key K having said code Rh and said code Rm as inputs to the reversible function. - View Dependent Claims (40, 41)
-
-
42. A computer-readable medium embodying instructions for causing a device to perform a distribution of a secret key K from a key holder to a group member, said distribution comprising the steps of:
-
the group member encrypting a code Rm to form an encrypted code Rme ; the group member signing an authentication-M to form a signature Sm ; the group member providing said encrypted code Rme and said signature Sm to the key holder; the key holder decrypting said encrypted code Rme to acquire said code Rm ; the key holder verifying said signature Sm and said authentication-M; the key holder using said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; the key holder providing said code Rh and an authentication-H to the group member; the group member verifying said authentication-H; and the group member deriving said secret key K having said code Rh and said code Rm as inputs to the reversible function. - View Dependent Claims (43)
-
-
44. A computer system for distributing a secret key K from a key holder to a group member, comprising:
-
means for the group member to encrypt a code Rm to form an encrypted code Rme ; means for the group member to sign an authentication-M to form a signature Sm ; means for the group member to provide said encrypted code Rme and said signature Sm to the key holder; means for the key holder to decrypt said encrypted code Rme to acquire said code Rm ; means for the key holder to verify said signature Sm and said authentication-M; means for the key holder to use said secret key K and said code Rm as inputs to a reversible function to generate a code Rh ; means for the key holder to provide said code Rh and an authentication-H to the group member; means for the group member to verify said authentication-H; and means for the group member to derive said secret key K having said number Rh and said Rm as inputs to the reversible function. - View Dependent Claims (45)
-
Specification