Secret key transfer method which is highly secure and can restrict the damage caused when the secret key is leaked or decoded

US 6,160,890 A
Filed: 12/22/1999
Issued: 12/12/2000
Est. Priority Date: 10/31/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of securing the transmission of information that is encrypted in a transmission apparatus and transferred to be decrypted in a reception apparatus, comprising the steps of:

storing a plurality of secret keys in the transmission apparatus and the reception apparatus;

selecting one of the secret keys from the plurality of stored secret keys in the transmission apparatus;

generating a message;

encrypting the message with a first encryption algorithm using the selected secret key as an encryption key to produce a first cryptogram;

encrypting the message with a second encryption algorithm using the message as an encryption key to produce a second cryptogram;

transmitting the first cryptogram and the second cryptogram to the reception apparatus;

decrypting the first cryptogram with a first secret key stored in the reception apparatus used as a decryption key to provide a first decrypted data;

decrypting the second cryptogram with the first decrypted data of the first cryptogram used as a decryption key to provide a second decrypted data;

comparing the first and second decrypted data to determine if they match and when they match, the secret key selected in the transmission apparatus is authenticated; and

repeating the decrypting of the first cryptogram with successive stored secret keys and comparing the successive decrypted data until a match occurs, whereby upon completion of the comparing step a final determination of the use of an authenticated secret key can be made.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transmission apparatus 100 includes a secret key storage unit 103 that stores three secret keys K1, K2 and K3, a secret key selection unit 104 that selects one secret key Ks from the secret keys, a message generation unit 106 for generating a message M used as a carrier for indicating a secret key, an encryption module 105 for generating a cryptogram Ca by encrypting the generated message M using the secret key Ks, an encryption module 107 for generating a cryptogram Cm by encrypting the message M using the message M itself as the secret key, and two transmission units 111 and 112 for transmitting the cryptograms Ca and Cm to the reception apparatus 200 to indicate the selected secret key Ks. The reception apparatus 200 includes a decryption module, such as 221, for generating decrypted data Mi by decrypting the cryptogram Ca using a secret key Ki out of the three secret keys, and a decryption module, such as 222, for generating decrypted data Mii by decrypting the cryptogram Cm using the decrypted data Mi, and authorizes that the secret key Ki has been selected when the decrypted data Mi matches the decrypted data Mii.

24 Citations

View as Search Results

19 Claims

1. A method of securing the transmission of information that is encrypted in a transmission apparatus and transferred to be decrypted in a reception apparatus, comprising the steps of:
- storing a plurality of secret keys in the transmission apparatus and the reception apparatus;
  
  selecting one of the secret keys from the plurality of stored secret keys in the transmission apparatus;
  
  generating a message;
  
  encrypting the message with a first encryption algorithm using the selected secret key as an encryption key to produce a first cryptogram;
  
  encrypting the message with a second encryption algorithm using the message as an encryption key to produce a second cryptogram;
  
  transmitting the first cryptogram and the second cryptogram to the reception apparatus;
  
  decrypting the first cryptogram with a first secret key stored in the reception apparatus used as a decryption key to provide a first decrypted data;
  
  decrypting the second cryptogram with the first decrypted data of the first cryptogram used as a decryption key to provide a second decrypted data;
  
  comparing the first and second decrypted data to determine if they match and when they match, the secret key selected in the transmission apparatus is authenticated; and
  
  repeating the decrypting of the first cryptogram with successive stored secret keys and comparing the successive decrypted data until a match occurs, whereby upon completion of the comparing step a final determination of the use of an authenticated secret key can be made.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the generated message is a random number.
  - 3. The method of claim 1 further including confirming that the first and second cryptograms are acceptable, for the purpose of enabling the comparing step in the reception apparatus, before transmitting them to the reception apparatus.
  - 4. The method of claim 3, wherein the confirming step includes successively reading one secret key at a time, aside from the secret key selected from the plurality of secret keys stored and using the read secret key as a decryption key to decrypt the first cryptogram according to a first decryption algorithm to produce a third set of decrypted data;
    - generating a third cryptogram by encrypting the third set of decrypted data according to the second encryption algorithm using the third set of decrypted data as an encryption key; and
      
      comparing the second cryptogram with the third cryptogram based on each read secret key, for judging that the first cryptogram and the second cryptogram are suitable when none of the third cryptograms matches the second cryptogram, and for judging that the first cryptogram and the second cryptogram are not suitable when at least one of the third cryptograms matches the second cryptogram.
  - 5. The method of claim 4 further including,storing transfer data that is to be transferred to the reception apparatusencrypting the transfer data stored according to a third encryption algorithm using the secret key selected as an encryption key to produce a fourth cryptogram,wherein the fourth cryptogram together with the first cryptogram and the second cryptogram is transferred to the reception apparatus;
    - anddecrypting the fourth cryptogram according to a third decryption algorithm using the secret key authorized by the comparing step to restore the transfer data, wherein the third decryption algorithm is an inverse transformation of the third encryption algorithm.
  - 6. The method of claim 3, wherein the confirming steps includessuccessively reading one secret key at a time, aside from the secret key selected, from the plurality of secret keys stored and using the read secret key as a decryption key to decrypt the first cryptogram according to a first decryption algorithm to produce a third set of decrypted data;
    - decrypting the second cryptogram according to a second decryption algorithm using the third set of decrypted data as a decryption key to produce a fourth set of decrypted data; and
      
      comparing the third set of decrypted data and the fourth set of decrypted data, for judging that the first cryptogram and the second cryptogram are suitable when the third set of decrypted data does not match the fourth set of decrypted data for any of the read secret keys, and for judging that the first cryptogram and the second cryptogram are not suitable when the third set of decrypted data matches the fourth set of decrypted data for at least one of the read secret keys.
  - 7. The method of claim 6 further including,storing transfer data that is to be transferred to the reception apparatus;
    - encrypting the transfer data stored according to a third encryption algorithm using the secret key selected as an encryption key to produce a third cryptogram,wherein the third cryptogram together with the first cryptogram and the second cryptogram is transferred to the reception apparatus; and
      
      decrypting the third cryptogram according to a fifth decryption algorithm using the secret key authorized by the comparing step to restore the transfer data, wherein the fifth decryption algorithm is an inverse transformation of the third encryption algorithm.

8. A secret key transmission method, used in a secret key transfer method in which one secret key selected out of a plurality of secret keys is transferred,the secret key transmission method comprising:
- a secret key selecting step for selecting and reading one secret key out of the plurality of secret keys stored in a secret key storing unit which prestores the plurality of secret keys;
  
  a message generating step for generating a message;
  
  a first encrypting step for encrypting the message according to a first encryption algorithm using the secret key selected in the secret key selecting step as an encryption key to produce a first cryptogram;
  
  a second encrypting step for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
  
  a transferring step for transferring the first cryptogram and the second cryptogram.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The secret key transmission method of claim 8, further comprising:
    - a cryptogram suitability confirming step for confirming that the first cryptogram and the second cryptogram are suitable cryptograms which ensure that an authorization is performed correctly, for allowing the transferring step to transfer the first cryptogram and the second cryptogram when the first cryptogram and the second cryptogram are confirmed as suitable, and for having the message generating step generate a new message, the first encrypting step repeats the encrypting and the second encrypting step repeats the encrypting when the first cryptogram and the second cryptogram are not confirmed as suitable.
  - 10. The secret key transmission method of claim 9,wherein the cryptogram suitability confirming step includes:
    - a first decrypting sub-step for successively reading one secret key at a time, aside from the secret key selected in the secret key selecting step, from the plurality of secret keys stored in the secret key storing unit and using the read secret key as a decryption key to decrypt the first cryptogram according to a first decryption algorithm to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of the first encryption algorithm;
      
      a first encrypting control sub-step for controlling the second encrypting step to generate a third cryptogram by encrypting the third set of decrypted data according to the second encryption algorithm using the third set of decrypted data as an encryption key; and
      
      a comparing sub-step for comparing the second cryptogram with a third cryptogram generated based on each read secret key, for judging that the first cryptogram and the second cryptogram are suitable when none of the third cryptograms match the second cryptogram, and for judging that the first cryptogram and the second cryptogram are not suitable when at least one of the third cryptograms matches the second cryptogram.
  - 11. The secret key transmission method of claim 10, further comprising:
    - a third encrypting step for encrypting transfer data stored in a transfer data storing unit according to a third encryption algorithm using the secret key selected in the secret key selecting step as an encryption key to produce a fourth cryptogram;
      
      wherein in the transferring step, the fourth cryptogram is transferred together with the first cryptogram and the second cryptogram.
  - 12. The secret key transmission method of claim 9,wherein the cryptogram suitability confirming step includes:
    - a first decrypting sub-step for successively reading one secret key at a time, aside from the secret key selected in the secret key selecting step, from the plurality of secret keys stored in the secret key storing unit and using the read secret key as a decryption key to decrypt the first cryptogram according to a first decryption algorithm to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of the first encryption algorithm;
      
      a second decrypting sub-step for decrypting the second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of the second encryption algorithm; and
      
      a comparing sub-step for comparing the first set of decrypted data and the second set of decrypted data, for judging that the first cryptogram and the second cryptogram are suitable when the first cryptogram does not match the second cryptogram for any of the read secret keys, and for judging that the first cryptogram and the second cryptogram are not suitable when the first cryptogram matches the second cryptogram for at least one of the read secret keys.
  - 13. The secret key transmission method of claim 12, further comprising:
    - a third encrypting step for encrypting transfer data stored in a transfer data storing unit according to a third encryption algorithm using the secret key selected in the secret key selecting step as an encryption key to produce a third cryptogram;
      
      wherein in the transferring step, the third cryptogram is transferred together with the first cryptogram and the second cryptogram.

14. A secret key reception method, used in a secret key transfer method in which one secret key selected out of a plurality of secret keys is transferred,the secret key reception method comprising:
- a reception step for receiving a first cryptogram and a second cryptogram;
  
  a first decrypting step for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from a plurality of secret keys stored in a secret key storing unit, which prestores the plurality of secret keys, as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of a first encryption algorithm that was used to encrypt the first cryptogram;
  
  a second decrypting step for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of a second encryption algorithm that was used to encrypt the second cryptogram;
  
  ajudging step for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used in the first decryption step is a secret key selected and transmitted; and
  
  a repetition control step for having a decryption in the first decrypting step, a decryption in the second decrypting step, and a judging and an authorizing in the judging step repeated for each of the plurality of secret keys in the secret key storing unit.
- View Dependent Claims (15)
- - 15. The secret key reception method of claim 14,wherein in the reception step, a third cryptogram is received together with the first cryptogram and the second cryptogram, the third cryptogram having been generated by encrypting transfer data according to a third encryption algorithm using the selected key as an encryption key,the secret key reception method further comprising:
    - a third decrypting step for decrypting the third cryptogram according to a third decryption algorithm using the secret key authorized in the judging step to restore the transfer data, wherein the third decryption algorithm is an inverse transformation of the third encryption algorithm.

16. A computer program embodied on computer-readable medium for transmitting one secret key selected out of a plurality of secret keys,the computer program comprising:
- a secret key selecting step for selecting and reading one secret key out of the plurality of secret keys stored in a secret key storing unit which prestores the plurality of secret keys;
  
  a message generating step for generating a message;
  
  a first encrypting step for encrypting the message according to a first encryption algorithm using the secret key selected in the secret key selecting step as an encryption key to produce a first cryptogram;
  
  a second encrypting step for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
  
  a transferring step for transferring the first cryptogram and the second cryptogram.

17. A computer program embodied on computer-readable medium for receiving one secret key selected out of a plurality of secret keys in a secret key transfer system,the computer program comprising:
- a reception step for receiving a first cryptogram and a second cryptogram;
  
  a first decrypting step for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from a plurality of secret keys stored in a secret key storing unit, which prestores the plurality of secret keys, as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of a first encryption algorithm that was used to encrypt the first cryptogram;
  
  a second decrypting step for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of a second encryption algorithm that was used to encrypt the second cryptogram;
  
  ajudging step for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used in the first decryption step is a secret key selected and transmitted; and
  
  a repetition control step for having a decryption in the first decrypting step, a decryption in the second decrypting step, and a judging and an authorizing in the judging step repeated for each of the plurality of secret keys in the secret key storing unit.

18. A computer data signal embodied in a carrier wave including a program for transmitting one secret key selected out of a plurality of secret keys,the program comprising:
- a secret key selecting step for selecting and reading one secret key out of the plurality of secret keys stored in a secret key storing unit which prestores the plurality of secret keys;
  
  a message generating step for generating a message;
  
  a first encrypting step for encrypting the message according to a first encryption algorithm using the secret key selected in the secret key selecting step as an encryption key to produce a first cryptogram;
  
  a second encrypting step for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
  
  a transferring step for transferring the first cryptogram and the second cryptogram.

19. A computer data signal embodied in a carrier wave including a program for receiving one secret key selected out of a plurality of secret keys in a secret key transfer system,the program comprising:
- a reception step for receiving a first cryptogram and a second cryptogram;
  
  a first decrypting step for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from a plurality of secret keys stored in a secret key storing unit, which prestores the plurality of secret keys, as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of a first encryption algorithm that was used to encrypt the first cryptogram;
  
  a second decrypting step for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of a second encryption algorithm that was used to encrypt the second cryptogram;
  
  a judging step for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used in the first decryption step is a secret key selected and transmitted; and
  
  a repetition control step for having a decryption in the first decryption step, a decryption in the second decrypting step, and a judging and an authorizing in the judging step repeated for each of the plurality of secret keys in the secret key storing unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Matsushita Electric Industrial Company Limited (Panasonic Holdings Corporation), Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Matsushita Electric Industrial Company Limited (Panasonic Holdings Corporation), Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Tatebayashi, Makoto, Ohmori, Motoji, Kato, Takehisa, Hirayama, Koichi, Endoh, Naoki
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
KABAKOFF, STEPHEN ERIC

Application Number

US09/470,250
Time in Patent Office

356 Days
Field of Search

380/283, 380/284, 380/277, 380/278, 380/281
US Class Current

380/277
CPC Class Codes

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/0891   Revocation or update of sec...

H04N 21/63345   by transmitting keys key di...

H04N 7/1675   Providing digital key or au...

Secret key transfer method which is highly secure and can restrict the damage caused when the secret key is leaked or decoded

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secret key transfer method which is highly secure and can restrict the damage caused when the secret key is leaked or decoded

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links