Method for secure key distribution over a nonsecure communications network
Abstract
In response to an inquiry by an unsophisticated Subscriber over a nonsecure network, a Provider returns a public key and retains the corresponding private key. The Subscriber encrypts a password using the public key, which is decrypted by the Provider. The password is then used to securely transfer to the Subscriber a key determined by the Provider, thereby enabling the Subscriber to decrypt messages encrypted by the Provider and transmitted over the nonsecure network. This password dependent secure transmission of a key to an unsophisticated Subscriber may be accomplished by several methods, including hashing, key lookup, Wizard protocol, and Warlock procedure. In each method the password is used by the Subscriber and the Provider in correlated operations ending in secure receipt by the Subscriber of a key determined by the Provider.
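The two-phase exchange described in the abstract, as an added sketch that is not taken from the patent: the textbook RSA parameters are constructed toy values with no padding, and wrapping the key by XOR with a PBKDF2 pad derived from the password is an assumed stand-in for the "hashing" variant, whose details this page does not give. All function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy RSA parameters (two Mersenne primes). NOT secure; demo only.
P, Q, E = 2**107 - 1, 2**127 - 1, 65537

def provider_keypair():
    """Provider: build (public, private); only the public half goes on the wire."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))
    return (n, E), (n, d)

def subscriber_send_password(password: bytes, public):
    """Subscriber: encrypt a self-chosen password under the Provider's public key."""
    n, e = public
    m = int.from_bytes(password, "big")
    if m >= n:
        raise ValueError("password too long for the toy modulus")
    return pow(m, e, n), len(password)

def provider_recover_password(ct: int, length: int, private) -> bytes:
    """Provider: decrypt with the retained private key."""
    n, d = private
    return pow(ct, d, n).to_bytes(length, "big")

def _pad(password: bytes, salt: bytes) -> bytes:
    # Assumed derivation: 32-byte pad from the shared password and a public salt.
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000, 32)

def provider_wrap_key(key: bytes, password: bytes):
    """Provider: mask the 32-byte decryption key with the password-derived pad."""
    salt = secrets.token_bytes(16)
    return salt, bytes(a ^ b for a, b in zip(key, _pad(password, salt)))

def subscriber_unwrap_key(salt: bytes, wrapped: bytes, password: bytes) -> bytes:
    """Subscriber: recompute the same pad and strip it off."""
    return bytes(a ^ b for a, b in zip(wrapped, _pad(password, salt)))

def run_exchange(password: bytes):
    """Run both phases; return (Provider's key, Subscriber's key, wire value)."""
    public, private = provider_keypair()
    ct, length = subscriber_send_password(password, public)
    recovered = provider_recover_password(ct, length, private)
    key = secrets.token_bytes(32)
    salt, wrapped = provider_wrap_key(key, recovered)
    return key, subscriber_unwrap_key(salt, wrapped, password), wrapped
```
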
20 Claims
1. A method of secure key distribution on a nonsecure network, comprising the steps of:
- securely transmitting a password generated by a Subscriber to a Provider over said network, said password not being known to said Provider prior to said transmission; and
- using a method dependent upon said password to securely transfer a decryption key from said Provider to said Subscriber over said network, said password dependent method exploiting the similarities and differences between said password and said decryption key, said decryption key being usable by said Subscriber to securely decrypt subsequent messages encrypted by said Provider and transmitted over said network.

Dependent Claims (2, 3, 4, 9, 11, 13, 15, 16, 17)

5. An apparatus for secure key distribution on a nonsecure network, comprising:
- means for securely transmitting a password generated by a Subscriber to a Provider over said network, said password not being known to said Provider prior to said transmission; and
- password dependent means for securely transferring a decryption key from said Provider to said Subscriber over said network, said password dependent means exploiting the similarities and differences between the password and the decryption key, said decryption key being usable by said Subscriber to securely decrypt subsequent messages encrypted by said Provider and transmitted over said network.

Dependent Claims (6, 7, 8, 10, 12, 14, 18, 19, 20)
Specification