Method and apparatus for a key-management scheme for internet protocols

US 5,588,060 A
Filed: 06/10/1994
Issued: 12/24/1996
Est. Priority Date: 06/10/1994
Status: Expired due to Term

First Claim

Patent Images

1. An improved method for a first data processing device (node I) to send data to a second data processing device (node J), comprising the steps of:

providing an element for performing the step of providing a secret value i, and a public value ∝

ⁱ mod p to said node I;

providing an element for performing the step of providing a secret value j, and a public value ∝

^j mod p to said node J;

said node I including an element for performing the steps of;

obtaining a Diffie-Helman (DH) certificate for node J and determining said public value ∝

ⁱ mod p from said DH certificate;

computing the value of ∝

^ij mod p, said node I further deriving a key K_ij from said value ∝

^ij mod p;

utilizing said key K_ij to encrypt a randomly generated transient key K_p, and encrypting a data packet to be transmitted to node J using said key K_p ;

providing an element for performing the step of said node I sending said data packet encrypted using said key K_p to said node J.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first data processing device (node I) is coupled to a private network which is in turn coupled to the Internet. A second data processing device (node J) is coupled to the same, or to a different network, which is also coupled to the Internet, such that node I communicates to node J using the Internet protocol. Node I is provided with a secret value i, and a public value ∝ⁱ mod p. Node J is provided with a secret value j, and a public value ∝^j mod p. Data packets (referred to as "datagrams") are encrypted using the teachings of the present invention to enhance network security. A source node I obtains a Diffie-Helman (DH) certificate for node J, (either from a local cache, from a directory service, or directly from node J), and obtains node J'"'"'s public value ∝^j mod p from the DH certificate. Node I then computes the value of ∝^ij mod p, and derives a key K_ij from the value ∝^ij mod p. A transient key K_p is then generated at random, and K_p is used to encrypt the datagram to be sent by node I. K_p is then encrypted with key K_ij. Upon receipt of the encrypted datagram by the receiving node J, the node J obtains a DH certificate for node I, (either from a local cache, from a directory service, or directly from node J), and obtains the public value ∝ⁱ mod p. Node J then computes the value of ∝^ij mod p and derives the key K_ij. Node J utilizes the key K_ij to decrypt the transient key K_p, and using the decrypted transient key K_p, node J decrypts the datagram packet, thereby resulting in the original data in unencrypted form.

188 Citations

20 Claims

1. An improved method for a first data processing device (node I) to send data to a second data processing device (node J), comprising the steps of:
- providing an element for performing the step of providing a secret value i, and a public value ∝
  
  ⁱ mod p to said node I;
  
  providing an element for performing the step of providing a secret value j, and a public value ∝
  
  ^j mod p to said node J;
  
  said node I including an element for performing the steps of;
  
  obtaining a Diffie-Helman (DH) certificate for node J and determining said public value ∝
  
  ⁱ mod p from said DH certificate;
  
  computing the value of ∝
  
  ^ij mod p, said node I further deriving a key K_ij from said value ∝
  
  ^ij mod p;
  
  utilizing said key K_ij to encrypt a randomly generated transient key K_p, and encrypting a data packet to be transmitted to node J using said key K_p ;
  
  providing an element for performing the step of said node I sending said data packet encrypted using said key K_p to said node J.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as defined by claim 1, further comprising the steps by said node J of:
    - providing an element for performing the step of receiving said data packet from node I;
      
      providing an element for performing the step of obtaining a DH certificate for said node I and determining said public value ∝
      
      ⁱ mod p from said DH certificate;
      
      providing an element for performing the step of computing the value of ∝
      
      ^ij mod p, said node J further deriving said key K_ij from said value ∝
      
      ^ij mod p;
      
      providing an element for performing the step of utilizing said key K_ij to decrypt the transient key K_p, and decrypting said received data packet using said transient key K_p ;
      
      whereby node J decrypts data received and previously encrypted by node I.
  - 3. The method as defined by claim 2, wherein said key K_ij is derived from ∝
    - ^ij mod p using low order key-size bits of ∝
      
      ^ij mod p.
  - 4. The method as defined by claim 3, wherein the key K_ij is an implicit pair-wise shared secret used as a key for a shared key cryptosystem (SKCS).
  - 5. The method as defined by claim 4, wherein said SKCS is DES.
  - 6. The method as defined by claim 5, wherein said SKCS is RC2.
  - 7. The method as defined by claim 4, wherein said data packet includes a source address, a destination address and an SKCS identifier field.
  - 8. The method as defined by claim 7, wherein said data packet further includes a message indicator field.
  - 9. The method as defined by claim 4, wherein ∝
    - and p are system parameters, and where p is a prime number.

10. An apparatus for encrypting data for transmission from a first data processing device (node I) to a second data processing device (node J), comprising:
- node I including a first storage device for storing a secret value i, and a public value ∝
  
  ⁱ mod p;
  
  node J including a second storage device for storing a secret value j, and a public value ∝
  
  ^j mod p;
  
  node I including an encrypting device for encrypting a data packet to be transmitted to node J, said data packet being encrypted using a first Diffie-Helman (DH) certificate for node J to determine said public value ∝
  
  ^j mod p;
  
  said encrypting device further computing the value of ∝
  
  ^ij mod p and deriving a key K_ij from said value ∝
  
  ^ij mod p;
  
  said encrypting device encrypting a randomly generated transient key K_p from K_ij, and encrypting said data packet using said transient key K_p ;
  
  node I further including an interface circuit for transmitting said encrypted data packet to said node J.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The apparatus as defined by claim 10, wherein said node J further includes:
    - a receiver for receiving said encrypted data packet from node I;
      
      a decrypting device coupled to said receiver for decrypting said data packet from node I.
  - 12. The apparatus as defined by claim 11, wherein said decrypting device obtains a second DH certificate for said node I and determines said public value ∝
    - ⁱ mod p, and computes the value of ∝
      
      ^ij mod p, said decrypting device further deriving said key K_ij from ∝
      
      ^ij mod p.
  - 13. The apparatus as defined by claim 12, wherein said decrypting device utilizes said key K_ij to decrypt said transient key K_p, and decrypts said received data packet using said transient key K_p.
  - 14. The apparatus as defined by claim 13, wherein said key K_ij is derived from ∝
    - ^ij mod p using low order key-size bits of ∝
      
      ^ij mod p.
  - 15. The apparatus as defined by claim 14, wherein said key K_ij is an implicit pair-wise shared secret used as a key for a shared key cryptosystem (SKCS).
  - 16. The apparatus as defined by claim 15, wherein said data packet includes a source address, a destination address and an SKCS identifier field.
  - 17. The apparatus as defined by claim 16, wherein said data packet further includes a message indicator field.
  - 18. The apparatus as defined by claim 17, wherein ∝
    - and p are system parameters, and where p is a prime number.
  - 19. The apparatus as defined by claim 15, wherein said SKCS is DES.
  - 20. The apparatus as defined by claim 15, where said SKCS is RC2.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Aziz, Ashar
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/258,272
Time in Patent Office

928 Days
Field of Search

380/21, 380/30
US Class Current

380/30
CPC Class Codes

H04L 12/4604   LAN interconnection over a ...

H04L 63/0272   Virtual private networks

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/40   Network security protocols

Method and apparatus for a key-management scheme for internet protocols

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

188 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for a key-management scheme for internet protocols

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

188 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others