System and method for deriving an appropriate initialization vector for secure communications

US 6,055,316 A
Filed: 12/26/1997
Issued: 04/25/2000
Est. Priority Date: 12/26/1997
Status: Expired due to Term

First Claim

Patent Images

1. A ciphertext information generating system for generating ciphertext from plaintext, said ciphertext information generating system comprising:

A. an initialization vector generator configured to receive a selected input value and generate an initialization vector therefrom using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said plaintext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and

(b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and

B. an encryption module configured to generate the ciphertext from the plaintext and the initialization vector using a selected encryption methodology and encryption key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communications arrangement is disclosed including a source device and a destination device interconnected by a network. The source device generates message packets for transfer to the destination device, each message packet including information in ciphertext form. The source device generates the ciphertext from plaintext in accordance with the cipher block chaining mode, using an initialization vector that is generated using a hash function selected so that small changes in an input result in large changes in the initialization vector. As a result values such as sequence numbers or time stamps can be used in generating the initialization vector, while still providing for cryptographic security for the ciphertext as against cryptanalytic attack. The destination device receives the message packet and decrypts the ciphertext to generate plaintext in accordance with the cipher block chaining mode, using an initialization vector that is generated using the corresponding hash function. Although the secure communications arrangement is described in connection with the cipher block chaining mode, other modes, such as the cipher-feedback mode, output-feedback mode and other encryption modes which make use of initialization vectors, could also be used.

113 Citations

87 Claims

1. A ciphertext information generating system for generating ciphertext from plaintext, said ciphertext information generating system comprising:
- A. an initialization vector generator configured to receive a selected input value and generate an initialization vector therefrom using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said plaintext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. an encryption module configured to generate the ciphertext from the plaintext and the initialization vector using a selected encryption methodology and encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A ciphertext information generating system as defined in claim 1 in which the selected initialization vector generation methodology is a hashing methodology.
  - 3. A ciphertext information generating system as defined in claim 2 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 4. A ciphertext information generating system as defined in claim 1 in which the selected characteristic is a ciphertext sequence number.
  - 5. A ciphertext information generating system as defined in claim 1 in which the selected characteristic is a time stamp.
  - 6. A ciphertext information generating system as defined in claim 1 further including a ciphertext information utilization module configured to utilize the ciphertext.
  - 7. A ciphertext information generating system as defined in claim 6 in which the ciphertext information utilization module comprises a message packet transfer module configured to generate a message packet including the ciphertext for transfer over a network.
  - 8. A ciphertext information generating system as defined in claim 7 in which the message packet transfer module is further configured to associate the selected input value with the message packet.
  - 9. A ciphertext information generating system as defined in claim 6 in which the ciphertext information utilization module comprises an information store for storing the ciphertext.
  - 10. A ciphertext information generating system as defined in claim 9 in which the initialization vector generator is configured to use a storage address in the information store as the input number.

11. A plaintext information generating system for generating plaintext from ciphertext, said plaintext information generating system comprising:
- A. an initialization vector generator configured to receive a selected input value and generate an initialization vector therefrom using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said ciphertext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. a decryption module configured to generate the plaintext from the ciphertext and the initialization vector using a selected decryption methodology and decryption key.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 12. A plaintext information generating system as defined in claim 11 in which the selected initialization vector generation methodology is a hashing methodology.
  - 13. A plaintext information generating system as defined in claim 12 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 14. A plaintext information generating system as defined in claim 11 in which the selected characteristic is a ciphertext sequence number.
  - 15. A plaintext information generating system as defined in claim 11 in which the selected characteristic is a time stamp.
  - 16. A plaintext information generating system as defined in claim 11 further including a ciphertext information utilization module configured to utilize the ciphertext.
  - 17. A plaintext information generating system as defined in claim 16 in which the ciphertext information utilization module comprises a message packet receiving module configured to receive a message packet including the ciphertext for transfer over a network and provide the ciphertext in the message packet to the decryption module.
  - 18. A plaintext information generating system as defined in claim 17 in which the message packet is further associated with the selected input value, the message packet receiving module being further configured to provide the associated selected input value to the initialization vector generator.
  - 19. A plaintext information generating system as defined in claim 16 in which the ciphertext information utilization module comprises an information store and a ciphertext retrieval module for retrieving the ciphertext from the information store for provision to the decryption module.
  - 20. A plaintext information generating system as defined in claim 19 in which the initialization vector generator is configured to use a storage address in the information store as the input number.
  - 21. A plaintext information generating system as defined in claim 11 in which the decryption module is further configured to perform a verification operation to verify sensibility of the plaintext.
  - 22. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to perform the verification operation by generating from at least a portion of the plaintext a check value and comparing the check value to a corresponding value associated with the message packet.
  - 23. A plaintext information generating system as defined in claim 22 in which the check value is selected from at least one of a checksum value and a signature value.
  - 24. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to perform the verification operation in connection with a verification methodology selected based on plaintext structure.
  - 25. A plaintext information generating system as defined in claim 24 in which the plaintext is in ASCII text form, the decryption module being configured to perform the verification operation to verify that the plaintext is in ASCII text form.
  - 26. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to perform the verification operation in connection with a verification methodology selected based on application-specific analysis of the plaintext.
  - 27. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to, in performing the verification operation, enable the initialization vector generating module to generate a plurality of initialization vectors each from a respective one of a plurality of input values, the decryption module generating a trial plaintext from each of said initialization vectors and identifying therefrom a verified plaintext based on the sensibility of the trial plaintexts.
  - 28. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to, in performing the verification operation, in a series of iterations, enable the initialization vector generating module to generate an initialization vector, in each iteration using an associated input value, the decryption module generating a trial plaintext using each initialization vector and determining therefrom the sensibility of the trial plaintext generated for the iteration, the series of iterations to continue until a trial plaintext is determined to be sensible, the sensible trial plaintext comprising a verified plaintext.
  - 29. A plaintext information generating system as defined in claim 21 in which the decryption module is configured to, in performing the verification operation, enable the initialization vector generating module to generate a plurality of initialization vectors each from a respective one of a plurality of input values, the decryption module generating a trial plaintext from each of said initialization vectors and providing all of these trial plaintexts with their respective sensibilities.

30. A ciphertext information generating method for generating ciphertext from plaintext, said ciphertext information generating method comprising:
- A. an initialization vector generating step in which an initialization vector is generated from a selected input value using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said plaintext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. an encryption step in which the ciphertext is generated from the plaintext and the initialization vector using a selected encryption methodology and encryption key.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
- - 31. A ciphertext information generating method as defined in claim 30 in which the selected initialization vector generation methodology is a hashing methodology.
  - 32. A ciphertext information generating method as defined in claim 31 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 33. A ciphertext information generating method as defined in claim 30 in which the selected characteristic is a ciphertext sequence number.
  - 34. A ciphertext information generating method as defined in claim 30 in which the selected characteristic is a time stamp.
  - 35. A ciphertext information generating method as defined in claim 30 further including a ciphertext information utilization step in which the ciphertext is utilized.
  - 36. A ciphertext information generating method as defined in claim 35 in which the ciphertext information utilization step includes the step of generating a message packet including the ciphertext for transfer over a network.
  - 37. A ciphertext information generating method as defined in claim 36 in which the message packet generating step includes the step of associating the selected input value with the message packet.
  - 38. A ciphertext information generating method as defined in claim 35 in which the ciphertext information utilization step includes the step of storing the ciphertext in an information store.
  - 39. A ciphertext information generating method as defined in claim 38 in which the initialization vector generation step includes the step of using a storage address in the information store as the input number.

40. A plaintext information generating method for generating plaintext from ciphertext, said plaintext information generating method comprising:
- A. an initialization vector generating step in which an initialization vector is generated from a selected input value using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said ciphertext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. a decryption step in which the plaintext is generated from the ciphertext and the initialization vector using a selected decryption methodology and decryption key.
- View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58)
- - 41. A plaintext information generating method as defined in claim 40 in which the selected initialization vector generation methodology is a hashing methodology.
  - 42. A plaintext information generating method as defined in claim 41 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 43. A plaintext information generating method as defined in claim 40 in which the selected characteristic is a ciphertext sequence number.
  - 44. A plaintext information generating method as defined in claim 40 in which the selected characteristic is a time stamp.
  - 45. A plaintext information generating method as defined in claim 40 further including a plaintext information utilization step for utilizing the plaintext.
  - 46. A plaintext information generating method as defined in claim 45 in which the ciphertext information utilization step includes the step of receiving a message packet including the ciphertext.
  - 47. A plaintext information generating method as defined in claim 46 in which the message packet generating step includes the step of using a selected input value associated with the message packet in the initialization vector generating step.
  - 48. A plaintext information generating method as defined in claim 45 in which the ciphertext information utilization step includes the step of retrieving the ciphertext from an information store for use in the decryption step.
  - 49. A plaintext information generating method as defined in claim 48 in which the initialization vector generation step includes the step of using a storage address in the information store as the input number.
  - 50. A plaintext information generating method as defined in claim 40 in which the decryption step includes the step of performing a verification operation to verify sensibility of the plaintext.
  - 51. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of performing the verification operation by generating from at least a portion of the plaintext a check value and comparing the check value to a corresponding value associated with the message packet.
  - 52. A plaintext information generating method as defined in claim 51 in which the check value is selected from at least one of a checksum value and a signature value.
  - 53. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of performing the verification operation in connection with a verification methodology selected based on plaintext structure.
  - 54. A plaintext information generating method as defined in claim 53 in which the plaintext is in ASCII text form, the decryption step including the step of performing the verification operation to verify that the plaintext is in ASCII text form.
  - 55. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of performing the verification operation in connection with a verification methodology selected based on application-specific analysis of the plaintext.
  - 56. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of, in performing the verification operation, enabling the initialization vector generating step to be performed to generate a plurality of initialization vectors each from a respective one of a plurality of input values, in the decryption step a trial plaintext being generated from each of said initialization vectors, and a verified plaintext being identified therefrom based on the sensibility of the trial plaintexts.
  - 57. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of, in performing the verification operation, in a series of iterations, enabling the initialization vector generating step to be performed to generate an initialization vector, in each iteration using an associated input value, the decryption step including the step of generating a trial plaintext using each initialization vector and determining therefrom the sensibility of the trial plaintext generated for the iteration, the series of iterations to continue until a trial plaintext is determined to be sensible, the sensible trial plaintext comprising a verified plaintext.
  - 58. A plaintext information generating method as defined in claim 50 in which the decryption step includes the step of, in performing the verification operation, enabling the initialization vector generating step to generate a plurality of initialization vectors each from a respective one of a plurality of input values, the decryption step including the step of generating a trial plaintext from each of said initialization vectors and providing all of these trial plaintexts with their respective sensibilities.

59. A ciphertext information generation computer program product configured to enable a computer to generate ciphertext from plaintext, said ciphertext information generation computer program product comprising a computer-readable medium having encoded thereon:
- A. an initialization vector generator module configured to enable the computer to receive a selected input value and generate an initialization vector therefrom using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said plaintext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. an encryption module configured enable the computer to generate the ciphertext from the plaintext and the initialization vector using a selected encryption methodology and encryption key.
- View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67, 68)
- - 60. A ciphertext information generation computer program product as defined in claim 59 in which the selected initialization vector generation methodology is a hashing methodology.
  - 61. A ciphertext information generation computer program product as defined in claim 60 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 62. A ciphertext information generation computer program product as defined in claim 59 in which the selected characteristic is a ciphertext sequence number.
  - 63. A ciphertext information generation computer program product as defined in claim 59 in which the selected characteristic is a time stamp.
  - 64. A ciphertext information generation computer program product as defined in claim 59 further including a ciphertext information utilization module configured to enable the computer to utilize the ciphertext.
  - 65. A ciphertext information generation computer program product as defined in claim 64 in which the ciphertext information utilization module comprises a message packet transfer module configured to enable the computer to generate a message packet including the ciphertext for transfer over a network.
  - 66. A ciphertext information generation computer program product as defined in claim 65 in which the message packet transfer module is further configured to enable the computer associate the selected input value with the message packet.
  - 67. A ciphertext information generation computer program product as defined in claim 64 in which the ciphertext information utilization module configured to enable the computer to store the ciphertext on an information store.
  - 68. A ciphertext information generation computer program product as defined in claim 67 in which the initialization vector generator is configured to enable the computer to use a storage address in the information store as the input number.

69. A plaintext information generation computer program product for generating plaintext from ciphertext, said plaintext information generation computer program product comprising:
- A. an initialization vector generator module configured to enable the computer to receive a selected input value and generate an initialization vector therefrom using a selected initialization vector generation methodology,(i) the selected input value being different for each plaintext and being associated with a selected characteristic of said ciphertext,(ii) the selected initialization vector generation methodology being selected so that(a) a small change of the selected input value will result in a large change in the initialization vector; and
  
  (b) for any two randomly-selected selected input values, it is unlikely that the corresponding initialization vectors will have the same value; and
  
  B. a decryption module configured to enable the computer to generate the plaintext from the ciphertext and the initialization vector using a selected decryption methodology and decryption key.
- View Dependent Claims (70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87)
- - 70. A plaintext information generation computer program product as defined in claim 69 in which the selected initialization vector generation methodology is a hashing methodology.
  - 71. A plaintext information generation computer program product as defined in claim 70 in which the selected initialization vector generation methodology is an MD5 hashing methodology.
  - 72. A plaintext information generation computer program product as defined in claim 69 in which the selected characteristic is a ciphertext sequence number.
  - 73. A plaintext information generation computer program product as defined in claim 69 in which the selected characteristic is a time stamp.
  - 74. A plaintext information generation computer program product as defined in claim 69 further including a plaintext information utilization module for enabling the computer to utilize the plaintext.
  - 75. A plaintext information generation computer program product as defined in claim 74 in which the ciphertext information utilization module comprises a message packet receiving module configured to enable the computer to receive a message packet including the ciphertext for transfer over a network and provide the ciphertext in the message packet to the decryption module.
  - 76. A plaintext information generation computer program product as defined in claim 75 in which the message packet is further associated with the selected input value, the message packet receiving module being further configured to enable the computer to provide the associated selected input value to the initialization vector generator.
  - 77. A plaintext information generation computer program product as defined in claim 74 in which the ciphertext information utilization module is configured to enable the computer to retrieve the ciphertext information store from an information store and provide the retrieved ciphertext for processing under control of the decryption module.
  - 78. A plaintext information generation computer program product as defined in claim 77 in which the initialization vector generator module is configured to enable the computer to use a storage address in the information store as the input number.
  - 79. A plaintext information generation computer program product as defined in claim 69 in which the decryption module is further configured to enable the computer to perform a verification operation to verify sensibility of the plaintext.
  - 80. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to perform the verification operation by generating from at least a portion of the plaintext a check value and comparing the check value to a corresponding value associated with the message packet.
  - 81. A plaintext information generation computer program product as defined in claim 80 in which the check value is selected from at least one of a checksum value and a signature value.
  - 82. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to perform the verification operation in connection with a verification methodology selected based on plaintext structure.
  - 83. A plaintext information generation computer program product as defined in claim 82 in which the plaintext is in ASCII text form, the decryption module being configured to enable the computer to perform the verification operation to verify that the plaintext is in ASCII text form.
  - 84. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to perform the verification operation in connection with a verification methodology selected based on application-specific analysis of the plaintext.
  - 85. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to, in performing the verification operation, execute the initialization vector generating module to generate a plurality of initialization vectors each from a respective one of a plurality of input values, the decryption module enabling the computer to generate a trial plaintext from each of said initialization vectors and identify therefrom a verified plaintext based on the sensibility of the trial plaintexts.
  - 86. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to, in performing the verification operation, in a series of iterations, enable the initialization vector generating module to generate an initialization vector, in each iteration using an associated input value, the decryption module enabling the computer to generate a trial plaintext using each initialization vector and determine therefrom the sensibility of the trial plaintext generated for the iteration, the series of iterations to continue until a trial plaintext is determined to be sensible, the sensible trial plaintext comprising a verified plaintext.
  - 87. A plaintext information generation computer program product as defined in claim 79 in which the decryption module is configured to enable the computer to, in performing the verification operation, process the initialization vector generating module to generate a plurality of initialization vectors each from a respective one of a plurality of input values, the decryption module enabling the computer to generate a trial plaintext from each of said initialization vectors and providing all of these trial plaintexts with their respective sensibilities.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Perlman, Radia J., Hanna, Stephen R.
Primary Examiner(s)
Hayes, Gail O.
Assistant Examiner(s)
DI LORENZO, ANTHONY

Application Number

US08/998,520
Time in Patent Office

851 Days
Field of Search

380/29, 380/37, 380/48, 380/262
US Class Current

380/262
CPC Class Codes

H04L 9/0637 Modes of operation, e.g. ci...

H04L 9/0643 Hash functions, e.g. MD5, S...

System and method for deriving an appropriate initialization vector for secure communications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

113 Citations

87 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for deriving an appropriate initialization vector for secure communications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

113 Citations

87 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links