Communication session encryption and authentication system
First Claim
1. A method for creating and securely distributing ephemeral random symmetric keys for use in a plurality of concurrent or spaced in time communication sessions on a communication medium between a first data processing station and a plurality of second data processing stations having access to the communication medium, in which the first station and each second station in the plurality of second stations have respective identifiers and first and second shared secrets, and for mutual authentication of the first and second stations without exchanging messages carrying said shared secrets via the communication medium, comprising:
- receiving at the first station requests from the plurality of second stations for initiation of a communication session;
producing an array of session random symmetric encryption keys and plurality of sub-arrays of data random symmetric keys at the first station, where each sub-array is subordinated only to a respective session random symmetric encryption key to service a plurality of communication sessions by continuously generating, storing and obliterating the keys in the array and in the sub-arrays according to a logic at the first station; and
after receiving a request from a particular second station, selecting a session random symmetric encryption key from said array, and executing a plurality of exchanges of encrypted messages across said communication medium during an authentication stage of the communication session, the exchanges in the plurality of exchanges including at least one message carrying respective data random symmetric keys from the sub-array which is subordinated to the selected session random symmetric encryption key from the first station to the second station and messages respectively returning the data random symmetric keys, or their hashed equivalents, in an encrypted form from the second station to the first station, to mutually authenticate the first station and the second station without exchanging the first and second shared secrets over the communication medium, and to provide one of the data random symmetric keys from the sub-array to the second station as a final symmetric encryption key for use in subsequent communications during said communication session;
wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is encrypted using an intermediate data random symmetric encryption key, where the intermediate data random symmetric encryption key is one of the data random symmetric keys from said sub-array, exchanged in a previous one of the plurality of exchanges; and
wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the first shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange, andin at least one other of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the second shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange.
2 Assignments
0 Petitions
Accused Products
Abstract
An interactive mutual authentication protocol, which does not allow shared secrets to pass through untrusted communication media, integrates an encryption key management system into the authentication protocol, so that key management becomes an essential part of the authentication protocol itself. The system provides a secure distribution of a secret session random key used in symmetric cryptography. Successful exchange of this encryption key allows for secure transit of the protocol data over communication lines in encrypted form, permitting explicit mutual authentication of the connected parties. The post-authentication stage of the communication session can use secure encryption for the data exchange, since each party has already obtained the secret session random key.
-
Citations
36 Claims
-
1. A method for creating and securely distributing ephemeral random symmetric keys for use in a plurality of concurrent or spaced in time communication sessions on a communication medium between a first data processing station and a plurality of second data processing stations having access to the communication medium, in which the first station and each second station in the plurality of second stations have respective identifiers and first and second shared secrets, and for mutual authentication of the first and second stations without exchanging messages carrying said shared secrets via the communication medium, comprising:
-
receiving at the first station requests from the plurality of second stations for initiation of a communication session; producing an array of session random symmetric encryption keys and plurality of sub-arrays of data random symmetric keys at the first station, where each sub-array is subordinated only to a respective session random symmetric encryption key to service a plurality of communication sessions by continuously generating, storing and obliterating the keys in the array and in the sub-arrays according to a logic at the first station; and after receiving a request from a particular second station, selecting a session random symmetric encryption key from said array, and executing a plurality of exchanges of encrypted messages across said communication medium during an authentication stage of the communication session, the exchanges in the plurality of exchanges including at least one message carrying respective data random symmetric keys from the sub-array which is subordinated to the selected session random symmetric encryption key from the first station to the second station and messages respectively returning the data random symmetric keys, or their hashed equivalents, in an encrypted form from the second station to the first station, to mutually authenticate the first station and the second station without exchanging the first and second shared secrets over the communication medium, and to provide one of the data random symmetric keys from the sub-array to the second station as a final symmetric encryption key for use in subsequent communications during said communication session; wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is encrypted using an intermediate data random symmetric encryption key, where the intermediate data random symmetric encryption key is one of the data random symmetric keys from said sub-array, exchanged in a previous one of the plurality of exchanges; and wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the first shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange, and in at least one other of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the second shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A data processing apparatus for creating and securely distributing ephemeral random symmetric keys for use in a plurality of concurrent or spaced in time communication sessions on a communication medium between the data processing apparatus as a first station and a plurality of second data processing stations having access to the communication medium, in which the first station and each second station in the plurality of second stations have respective identifiers and first and second shared secrets, and for mutual authentication of the first and second stations without exchanging messages carrying said shared secrets via the communication medium, comprising:
-
a processor at the first station, a communication interface adapted for connection to a communication medium, and memory storing instructions for execution by the data processor, the instructions including logic to receive requests via the communication interface from the plurality of second stations for initiation of a communication session; logic to produce an array of session random symmetric encryption keys and plurality of sub-arrays of data random symmetric keys at the first station, where each sub-array is subordinated only to a respective session random symmetric encryption key to service a plurality of communication sessions by continuously generating, storing and obliterating the keys in the array and in the sub-arrays; and logic to select, after receiving a request from a particular second station, a session random symmetric encryption key from said array, and to execute a plurality of exchanges of encrypted messages across said communication medium during an authentication stage of the communication session, the exchanges in the plurality of exchanges including at least one message carrying respective data random symmetric keys from the sub-array which is subordinated to the selected session random symmetric encryption key from the first station to the second station and messages respectively returning the data random symmetric keys, or their hashed equivalents, in an encrypted form from the second station to the first station, to mutually authenticate the first station and the second station without exchanging the first and second shared secrets over the communication medium, and to provide one of the data random symmetric keys from the sub-array to the second station as a final symmetric encryption key for use in subsequent communications during said communication session; wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is encrypted using an intermediate data random symmetric encryption key, where the intermediate data random symmetric encryption key is one of the data random symmetric keys from said sub-array, exchanged in a previous one of the plurality of exchanges; and wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the first shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange, and in at least one other of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the second shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An article of manufacture, comprising:
-
a machine readable data storage medium having computer program instructions stored therein, for creating and securely distributing ephemeral random symmetric keys for use in a plurality of concurrent or spaced in time communication sessions on a communication medium between a first data processing station and a plurality of second data processing stations having access to the communication medium, in which the first station and each second station in the plurality of second stations have respective identifiers and first and second shared secrets, and for mutual authentication of the first and second stations without exchanging messages carrying said shared secrets via the communication medium, said instructions comprising; logic to receive at the first station requests from the plurality of second stations for initiation of a communication session; logic to produce an array of session random symmetric encryption keys and plurality of sub-arrays of data random symmetric keys at the first station, where each sub-array is subordinated only to a respective session random symmetric encryption key to service a plurality of communication sessions by continuously generating, storing and obliterating the keys in the array and in the sub-arrays; and logic to select, after receiving a request from a particular second station, a session random symmetric encryption key from said array, and to execute a plurality of exchanges of encrypted messages across said communication medium during an authentication stage of the communication session, the exchanges in the plurality of exchanges including at least one message carrying respective data random symmetric keys from the sub-array which is subordinated to the selected session random symmetric encryption key from the first station to the second station and messages respectively returning the data random symmetric keys, or their hashed equivalents, in an encrypted form from the second station to the first station, to mutually authenticate the first station and the second station without exchanging the first and second shared secrets over the communication medium, and to provide one of the data random symmetric keys from the sub-array to the second station as a final symmetric encryption key for use in subsequent communications during said communication session; wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is encrypted using an intermediate data random symmetric encryption key, where the intermediate data random symmetric encryption key is one of the data random symmetric keys from said sub-array, exchanged in a previous one of the plurality of exchanges; and wherein in at least one of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the first shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange, and in at least one other of the plurality of exchanges, the respective data random symmetric key, or its hashed equivalent, is veiled in a conversion array using the second shared secret and then, encrypted using one of the data random symmetric keys from said sub-array exchanged in a previous exchange. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification