Method and apparatus for stepping pair keys in a key-management scheme
First Claim
1. A method for a first data processing device (node I) to send data to a second data processing device (node J), comprising the steps of:
- providing a secret value i and a first public value to said node I;
providing a context variable Ni to said node I;
providing a secret value j, and a second public value to said node J;
said node I performing the steps of;
obtaining a certificate for node J and determining said second public value for node J from said certificate for node J;
computing a key {Kij }N.sbsb.i from a shared secret derived from said second public value, said secret value i, and said context variable Ni ;
utilizing said key {Kij }N.sbsb.i to encrypt a randomly generated transient key Kp, and encrypting a data packet to be transmitted to node J using said key Kp ;
said node I sending said data packet encrypted using said key Kp to said node J;
said node I notifying said node J of the current value of Ni.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for generating additional implicit keys from a key [Kij ]N without the necessity of generating a new Diffie-Helman (DH) certificate or requiring communication between nodes to change implicit master keys is disclosed. A first data processing device (node I) is coupled to a private network which is in turn coupled to the Internet. A second data processing device (node J) is coupled to the same, or to a different network, which is also coupled to the Internet, such that node I communicates with node J using the Internet protocol. Node I is provided with a secret value i and a public value. Data packets (referred to as "datagrams") are encrypted to enhance network security. Each node maintains an internal value of N which is incremented based on time and upon the receipt of a data packet from another node. The key [Kij ]N.sbsb.i is derived from the appropriate quantity of αNij by using high order key-sized bits of the respective quantity. The present invention then utilizes the key [Kij ]N.sbsb.i to encrypt a transient key which is referred to as Kp. Node I encrypts the IP data in Kp and encrypts Kp in [Kij ]N.sbsb.i. Node I transmits the encrypted IP datagram packet in the encrypted key Kp to the receiving node J. Node I further includes its current internal value of Ni in the outgoing packet. The present invention also provides for the application of one-way functions to the shared secret to enhance security. Thus, either node I or node J may change the context such that if in the future [Kij ]N.sbsb.i is compromised, or is not useable by a cracker to either decrypt prior encrypted packets. The present invention discloses methods and apparatus for achieving perfect forward security for closed user groups, and for the application of the SKIP methodology to datagram multicast protocols.
90 Citations
40 Claims
-
1. A method for a first data processing device (node I) to send data to a second data processing device (node J), comprising the steps of:
-
providing a secret value i and a first public value to said node I; providing a context variable Ni to said node I; providing a secret value j, and a second public value to said node J; said node I performing the steps of; obtaining a certificate for node J and determining said second public value for node J from said certificate for node J; computing a key {Kij }N.sbsb.i from a shared secret derived from said second public value, said secret value i, and said context variable Ni ; utilizing said key {Kij }N.sbsb.i to encrypt a randomly generated transient key Kp, and encrypting a data packet to be transmitted to node J using said key Kp ; said node I sending said data packet encrypted using said key Kp to said node J; said node I notifying said node J of the current value of Ni. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An apparatus for encrypting data for transmission from a first data processing device (node I) to a second data processing device (node J), comprising:
-
node I including a first storage device configured to store a secret value i, a first public value, and an internal context variable Ni ; node J including a second storage device configured to store a secret value j, a second public value, and an internal context variable Nj ; node I including an encrypting device configured to encrypt a data packet to be transmitted to node J, said data packet being encrypted using a first certificate for node J to determine said second public value for node J; said encrypting device further deriving a key {Kij }N.sbsb.i from the value of a shared secret derived from said second public value, said secret value i, and said context variable Ni, and said encrypting device encrypting a randomly generated transient key Kp using {Kij }N.sbsb.i, and encrypting said data packet using said transient key Kp ; node I further including an interface circuit configured to transmit said encrypted data packet to said node J and to notify said node J of the value of Ni. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification