Multiple level public key hierarchy for performance and high security
Abstract
Multiple public/private key pairs of varying levels of security are used to provide a high level of security while still allowing fast processing of encrypted information. The lower-security level includes keys that are small in length, that are changed relatively often, and that require less or fewer resources to implement their functions. When it is required to change key pairs of low security, a key pair at a higher security level (i.e., longer length keys) than the lower-security level keys is used to transfer the new lower-security public keys to devices using those keys. The higher-security keys can, in turn, be changed at a frequency lower than the lower-security keys. The higher-security keys require a higher level of resources to perform their coding operations. This approach of using keys of escalating levels of security to replace lower-security keys, where the higher-security keys require more resources, are more secure, and are replaced less often than the lower-security keys, can be followed as many times as is desired to create a hierarchy of public key uses with the result that the lower-security operations can be performed quickly while the overall system security is high.
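An added sketch of the two-level arrangement the abstract describes; it is not code from the patent. It assumes the "transfer" of a new lower-security public key is authenticated by a signature from the higher-security private key, and the names `Device`, `make_key`, `sign_seconds` and the Mersenne-prime toy moduli are constructed for illustration.

```python
# Toy two-level key hierarchy (textbook RSA, no padding): illustration only.
# The moduli are CONSTRUCTED from known Mersenne primes, so they are trivially
# factorable; real keys come from a vetted library with proper padding.
import hashlib, time

E = 65537

def make_key(a, b):
    """Return (public, private) for n = (2**a - 1) * (2**b - 1); a, b Mersenne exponents."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    n, d = priv
    return pow(digest(msg, n), d, n)

def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == digest(msg, n)

def sign_seconds(priv, reps=200):
    """Time `reps` private-key operations: the cost the claims tie to key length."""
    start = time.perf_counter()
    for i in range(reps):
        sign(priv, b"frame %d" % i)
    return time.perf_counter() - start

class Device:
    """Pins the long second-level public key; the short first-level key is replaceable."""
    def __init__(self, second_pub, first_pub):
        self.second_pub, self.first_pub = second_pub, first_pub

    def check(self, msg, sig):                  # frequent, cheap: short key
        return verify(self.first_pub, msg, sig)

    def update_first_key(self, new_pub, sig):   # rare, costly: long key
        if not verify(self.second_pub, repr(new_pub).encode(), sig):
            return False                        # unauthenticated key is ignored
        self.first_pub = new_pub
        return True

SECOND_PUB, SECOND_PRIV = make_key(521, 607)    # long, long-lived
FIRST_PUB, FIRST_PRIV = make_key(89, 107)       # short, rotated often
NEXT_PUB, NEXT_PRIV = make_key(89, 127)         # replacement short key
```

A device built as `Device(SECOND_PUB, FIRST_PUB)` accepts `NEXT_PUB` only when the update is signed with `SECOND_PRIV`; after the update, messages signed with the retired `FIRST_PRIV` no longer verify.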
17 Claims
1. An asymmetric cryptographic processing system using a multiple key hierarchy, the asymmetric cryptographic processing system comprising:
- a digital processing device;
- a first key for performing asymmetric operations at a first rate in the digital processing device, wherein each operation requires a first cryptographic processing time; and
- a second key for performing an asymmetric cryptographic processing operation in the digital processing device to update the first key, wherein the second key is used in cryptographic processing operations for the first key at a second rate that is less often than the first rate and that requires a second cryptographic processing time greater than the first cryptographic processing time.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for providing secure data transactions in a telecommunications system, wherein digital processing device receives information from the telecommunications system, wherein the digital processing device uses a first asymmetrical cryptographically processed key to perform an asymmetric cryptographic processing operation to decode the information, wherein the cryptographic processing operation is at a first level of complexity requiring a first amount of resources by the processing device, wherein the cryptographic processing operation is performed at a first rate of cryptographic processing operations per unit time, the method comprising:
- transferring a second asymmetrical cryptographically processed key to the digital processing device, wherein the second asymmetrical cryptographically processed key is used in an asymmetric cryptographic processing operation at a second level of complexity requiring a second amount of resources by the processing device that is higher than the first amount of resources;
- updating the first asymmetrical cryptographically processed key from time-to-time, wherein the updating of the first asymmetrical cryptographically processed key occurs at a second rate of cryptographic processing operations per unit time that is less than the first rate of cryptographic processing operations per unit time, wherein the updating includes the following substeps;
  - encoding a substitute first asymmetrical cryptographically processed key with a second key, so that the resulting cryptographically processed substitute first asymmetrical cryptographically processed key is decodable by the second asymmetrical cryptographically processed key; and
  - transferring the substitute first asymmetrical cryptographically processed key to the digital processing device so that the substitute first asymmetrical cryptographically processed key is used in subsequent cryptographic processing operations by the digital processing device.

Dependent claims: 9, 10, 11, 12, 13

14. A method of updating a cryptographic key used for decrypting distributed data, the method comprising:
- in a digital processing device;
- generating a first key for decrypting the distributed data at a first rate, the first key of a first length, wherein each decrypting operation requires a first cryptographic processing time;
- encrypting the first key with a second key, the second key of a second length, wherein the second length is longer than the first length, further wherein the first key encryption processing operations is at a second rate that is less often than the first rate and that requires a second cryptographic processing time greater than the first cryptographic processing time; and
- distributing the encrypted first key, wherein the distributed first key updates the cryptographic key, and wherein the cryptographic key, first key, and second key encrypt and decrypt data using a similar class of algorithm to encrypt and decrypt data.

Dependent claims: 15, 16, 17

Specification