Method for secure key distribution over a nonsecure communications network
First Claim
1. A method of secure key distribution on a nonsecure network, comprising the steps of:
- securely transmitting a password generated by a Subscriber to a Provider over said network, said Subscriber not possessing sufficient computational facility to create a secure crypto-key; and
- using a method dependent upon said password to securely transfer a decryption key from said Provider to said Subscriber over said network, said decryption key being usable by said Subscriber to securely decrypt subsequent messages encrypted by said Provider and transmitted over said network, wherein said password dependent method comprises the steps of;
  - Provider transmission of a table of private keys and a lookup algorithm to said Subscriber over said network;
  - Subscriber selection of a selected private key from said table using said password as a parameter in said lookup algorithm;
  - Provider selection of a selected public key from a table of public keys corresponding to said table of private keys, using said password as a parameter in said lookup algorithm;
  - Provider encryption of said decryption key using said selected public key; and
  - Subscriber decryption of said decryption key using said selected private key.
Abstract
In response to an inquiry by an unsophisticated Subscriber over a nonsecure network, a Provider returns a public key and retains the corresponding private key. The Subscriber encrypts a password using the public key, which is decrypted by the Provider. The password is then used to securely transfer to the Subscriber a key determined by the Provider, thereby enabling the Subscriber to decrypt messages encrypted by the Provider and transmitted over the nonsecure network. This password dependent secure transmission of a key to an unsophisticated Subscriber may be accomplished by several methods, including hashing, key lookup, and Wizard protocol. In each method the password is used by the Subscriber and the Provider in correlated operations ending in secure receipt by the Subscriber of a key determined by the Provider.
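The key-lookup variant recited in claim 1, sketched as an added example that is not part of the patent text. It assumes the password has already reached the Provider securely; the toy RSA primes are constructed, and the SHA-256-based `lookup` function and all function names are assumptions, since the page does not specify the lookup algorithm.

```python
import hashlib

# Constructed toy primes so the example runs on the standard library alone;
# real RSA moduli are thousands of bits long.
PRIMES = [(1009, 1013), (1019, 1021), (1031, 1033), (1039, 1049)]
E = 65537  # public exponent shared by every table entry

def build_tables():
    """Provider: build matching tables, public[i] corresponds to private[i]."""
    public, private = [], []
    for p, q in PRIMES:
        n, phi = p * q, (p - 1) * (q - 1)
        public.append((n, E))
        private.append((n, pow(E, -1, phi)))  # d = E^-1 mod phi
    return public, private

def lookup(password: str, table_len: int) -> int:
    """Assumed lookup algorithm: SHA-256 of the password, reduced mod table size."""
    digest = hashlib.sha256(password.encode()).digest()
    return int.from_bytes(digest, "big") % table_len

def provider_wrap(public, password: str, decryption_key: int) -> int:
    """Provider: pick the public key by password, encrypt the decryption key."""
    n, e = public[lookup(password, len(public))]
    if not 0 <= decryption_key < n:
        raise ValueError("decryption key must be smaller than the toy modulus")
    return pow(decryption_key, e, n)

def subscriber_unwrap(private, password: str, wrapped: int) -> int:
    """Subscriber: pick the private key by the same password, decrypt."""
    n, d = private[lookup(password, len(private))]
    return pow(wrapped, d, n)

def run_exchange(password="correct horse", decryption_key=0xBEEF):
    # The private table and lookup() are what the Provider sends to the Subscriber.
    public, private = build_tables()
    wrapped = provider_wrap(public, password, decryption_key)
    return subscriber_unwrap(private, password, wrapped)

if __name__ == "__main__":
    print(hex(run_exchange()))
```

Both sides derive the same index from the password, so the Subscriber never computes a key pair. The index takes only as many values as the table has entries, so the password narrows the choice to one of at most `len(table)` private keys in a table that the claim sends over the nonsecure network.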
4 Claims
3. An apparatus for secure key distribution on a nonsecure network, comprising:
- means for securely transmitting a password generated by a Subscriber to a Provider over said network, said Subscriber not possessing sufficient computational facility to create a secure crypto-key; and
- password dependent means for securely transferring a decryption key from said Provider to said Subscriber over said network, said decryption key being usable by said Subscriber to securely decrypt subsequent messages encrypted by said Provider and transmitted over said network, wherein said password dependent means comprises;
  - means for Provider transmission of a table of private keys and a lookup algorithm to said Subscriber over said network;
  - means for Subscriber selection of a selected private key from said table using said password as a parameter in said lookup algorithm;
  - means for Provider selection of a selected public key from a table of public keys corresponding to said table of private keys, using said password as a parameter in said lookup algorithm;
  - means for Provider encryption of said decryption key using said selected public key; and
  - means for Subscriber decryption of said decryption key using said selected private key.
Specification