Method for implementing a private-key communication protocol between two processing devices
First Claim
Patent Images
1. A process for implementing a secret key protocol between first and second processing devices (Aj, Ak) wherein each device includes a digital processing circuit to perform modular calculations, comprising the steps of:
- implementing in said processing circuit a secret key enciphering function composed of a sequence of reversable operations comprising at least the combination of two operations, one of the modular calculation type and the other in binary logic, applying said function either to outgoing messages to encipher them, or to incoming messages to decipher them, effecting in said digital processing circuit a dividing of said messages (m) into blocks (x) of N bits prior to said applying step and then processing said divided message in accordance with said applied functions, and said sequence of operations comprises at least a combination of two operations, one of which is a permutation using modular multiplication and the other an OR-exclusive logic operation, this combination being defined by a secret-key enciphering function f such that;
f(x)=(x⊕
K2)*K1 mod n wherein;
x represents a block of N bits of the message, K1 and K2 represent a first and a second secret key over N bits, n is an odd number of N bits, ⊕
is an exclusive OR operation., * is a multiplication modulo n operation.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for implementing private key protocols between two processing devices of which at least one is a portable storage medium. The devices are fitted with a digital processing circuit for performing modular calculation operations with a view to executing operations such as modular multiplication, the processing circuit is used to implement a private key encryption function consisting of a series of reversible operations comprising at least a combination of two operations, i.e. a modular calculation operation and a binary logic operation, and said function is applied either for encrypting or signing messages to be transmitted, or for decrypting received messages.
-
Citations
12 Claims
-
1. A process for implementing a secret key protocol between first and second processing devices (Aj, Ak) wherein each device includes a digital processing circuit to perform modular calculations, comprising the steps of:
-
implementing in said processing circuit a secret key enciphering function composed of a sequence of reversable operations comprising at least the combination of two operations, one of the modular calculation type and the other in binary logic, applying said function either to outgoing messages to encipher them, or to incoming messages to decipher them, effecting in said digital processing circuit a dividing of said messages (m) into blocks (x) of N bits prior to said applying step and then processing said divided message in accordance with said applied functions, and said sequence of operations comprises at least a combination of two operations, one of which is a permutation using modular multiplication and the other an OR-exclusive logic operation, this combination being defined by a secret-key enciphering function f such that;
f(x)=(x⊕
K2)*K1 mod nwherein; x represents a block of N bits of the message, K1 and K2 represent a first and a second secret key over N bits, n is an odd number of N bits, ⊕
is an exclusive OR operation.,* is a multiplication modulo n operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
the first device (Aj) divides the message (m) into (q+1) blocks of N bits said first device (Aj) enciphers each block x of the message such that the enciphered block y of the message is such that;
-
-
4. Process according to claim 1, characterized in that in the first device (Aj) the message (m) is divided into (q+1) blocks (x) of N bits, in that a block xi of one message is placed in a first register, the next block xi+1 is placed in a second register, and the device sends the enciphered messages after the operation of applying the function f such that
-
5. Process according to claim 4, characterized in that the processing circuit is used to hash the message and in that, when the first device (Aj) hashes a message M of length L, the circuit performs the following steps:
-
6. Process according to claim 1, including generating a hashed value of the message (m) and in that when the first device (Aj)hashes the message (M) of length L, the following steps are carried out
-
7. Process according to claim 1, characterized in that the modular calculation involves a large number.
-
8. Process according to claim 1, characterized in that the devices are smart cards, PCMCIA cards, badges, contactless cards, or any other portable apparatus or device equipped with a security module possessing the same functions as said portable devices.
-
9. Process according to claim 1, characterized in that communication between each device is effected by exchanging radio waves or infrared signals.
-
10. A process for implementing a secrete-key protocol between two processing devices (Aj, Ak), at least one of them being a portable storage device, comprising the following steps:
-
equipping the devices with a digital processing circuit able to perform operations of the modular calculation type to carry out operations, using this processing circuit to implement a secret-key enciphering function composed of a sequence of reversible operations comprising at least the combination of two operations, one of the modular calculation type and the other in binary logic, applying this function either to messages for transmission to encipher them, or to received messages to decipher them, wherein in one device the message is divided into (q+1) blocks of N bits, in that a block xi of one message is placed in a first register, the next block xi+1 is placed in a second register, and the device sends the enciphered messages after the operation consisting of applying a function f such that E(xi, xi+1)=fp(xi, xi+1) with f (xi, xi+1)=yi, yi+1 where yi=xi+1 and p being and iteration number
yi+1=xi⊕
((yi⊕
K2)*K1 mod n)the one device sends the (q+1) y blocks to the other device (Ak), the other device (Ak) performs the following operation on each block yi; - View Dependent Claims (11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeGemalto SA (Thales SA)
-
Original AssigneeGemplus (Thales SA)
-
InventorsM'Raihi, David, Naccache, David
-
Primary Examiner(s)Hayes, Gail
-
Assistant Examiner(s)Seal, James
-
Application NumberUS08/875,331Time in Patent Office1,315 DaysField of Search380/28, 380/30, 380/43, 380/44, 380/259, 380/170, 380/171, 380/172, 380/285US Class Current380/28CPC Class CodesG06Q 20/341 Active cards, i.e. cards in...G06Q 20/40975 using encryption thereforG07F 7/1008 Active credit-cards provide...G07F 7/1016 Devices or methods for secu...H04L 9/0643 Hash functions, e.g. MD5, S...
