Showing papers on "Ciphertext published in 1989"

Secure broadcasting using the secure lock

Abstract: The authors discuss secure broadcasting, effected by means of a secure lock, on broadcast channels, such as satellite, radio, etc. This lock is implemented by using the Chinese Remainder theorem (CRT). The secure lock offers the following advantages: only one copy of the ciphertext is sent; the deciphering operation is efficient; and the number of secret keys held by each user is minimized. Protocols for secure broadcasting using the secure lock, based on the public-key cryptosystem as well as the private-key cryptosystem, are presented. >

Data cryptography operations using control vectors

Abstract: Data cryptography is achieved in an improved manner by associating with the data cryptography key, a control vector which provides the authorization for the uses of the key intended by the originator of the key. Among the uses specified by the control vector are limitations on encryption, decryption, authentication code generation and verification, translation of the user's data. Complex combinations of data manipulation functions are possible using the control vectors, in accordance with the invention. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Complex scenarios such as encrypted mail box, session protection, file protection, ciphertext translation center, peer-to-peer ciphertext translation, message authentication, message authentication with non-repudiation and many others can be easily implemented by a system designer using the control vectors, in accordance with the invention.

New scheme for digital multisignatures

Abstract: When two individual users wish to carry on a secure conversation, they can use the well-known RSA public key cryptosystem in doing so. This cryptosystem provides to these users both data secrecy and digital signature in a very efficient manner. However, in many applications, multiple users need to sign a document. In this letter, we propose a modified scheme, based on the RSA scheme, which will allow any number of users to sign a document and send it secretly to the receiver. The length of ciphertext remains constant, no matter how great the number of signatories. The trade-off is that the processing times required for generating the multisignature, and for verifying multisignatures, depend on the number of signatories.

Secure management of keys using extended control vectors

Abstract: A method and apparatus are disclosed for use in a data processing system which executes a program which outputs cryptographic service requests for operations with cryptographic keys which are associated with control vectors defining the functions which each key is allowed by its originator to perform. The improved method and apparatus enable the use of control vectors having an arbitrary length. It includes a control vector register having an arbitrary length, for storing a control vector of arbitrary length associated with an N-bit cryptographic key. It further includes a control vector checking means having an input coupled to the control vector register, for checking that the control vector authorizes the cryptographic function which is requested by the cryptographic service request. It further includes a hash function generator having an input coupled to the control vector register and an N-bit output, for mapping the control vector output from the control vector register, into an N-bit hash value. A key register is included for storing the N-bit cryptographic key. It further includes a logic block having a first input coupled to the N-bit output of the hash function generator, and a second input connected to the key register, for forming at the output thereof a product of the N-bit key and the N-bit hash value. Finally, an encryption device is included having a first input for receiving a cleartext data stream and a key input coupled to the output of the logic block, for forming a ciphertext data stream at the output thereof from the cleartext data stream and the product. A decryption device can be substituted for the encryption device to perform decryption operations in a similar manner.

Data cryptography using control vectors

Abstract: Data cryptography is achieved in an improved manner by associating with the data cryptography key, a control vector which provides the authorisation for the uses of the key intended by the originator of the key. Among the uses specified by the control vector are limitations on encryption, decryption, authentication code generation and verification, translation of the user's data. Complex combinations of data manipulation functions are possible using the control vectors, in accordance with the invention. The system administrator can exercise flexibility in changing the implementation of his security policy by selecting appropriate control vectors in accordance with the invention. Complex scenarios such as encrypted mail box, session protection, file protection, ciphertext translation centre, peer-to-peer ciphertext translation, message authentication, message authentication with non-repudiation and many others can be easily implemented by a system designer using the control vectors, in accordance with the invention.

Minimum resource zero-knowledge proofs (extended abstracts)

Abstract: What are the resources of a zero-knowledge Proof? Interaction, communication, and envelops. That interaction, that is the number of rounds of a protocol, is a resource is clear. Actually, it is not a very available one: having someone on the line to answer your questions all the time is quite a luxury. Thus, minimizing the number of rounds in zero-knowledge proofs will make these proofs much more attractive from a practical standpoint. That communication, that is the number of bits exchanged in a protocol, is a resource is also immediately clear. Perhaps, what is less clear is why envelopes are a resource. Let us explain why this is the case.Zero-knowledge proofs work by hiding data from a verifier. Only some of this data will be later revealed, at the verifier's request: enough to convince him that the statement at end is true, but not enough to give him any knowledge beyond that. Data can be hidden in two ways: physically - e.g. by putting it into an envelope - or digitally - by encrypting it. But why is it important to minimize the number of envelopes? Physically, because a GOOD envelope is expensive - it actually must be a led box or a safe. Digitally, because minimizing the number of envelopes corresponds to reducing the transmitted bits. In fact, to transmit an encrypted message, one needs to send more bits than in the message itself. For instance, to send an encrypted bit, one needs to send at least 60 bits in some probabilistic encryption scheme. Also, to decrypt each ciphertext, one has to send the decryption key. However, many bits may be encrypted and decrypted with the same overhead of a few bits. Thus if one manages to package the data that should be hidden in as few envelopes as possible, while maintaining zero-knowledge, the protocol will require transmitting much less bits.

Improved Rabin's scheme with high efficiency

Abstract: The letter proposes a modified public-key cryptosystem based on the Rabin scheme. It can provide simultaneously both private encryption and digital signatures for network users. In the cases where it provides only encryption or only digital signatures, the scheme provides that the bit ratio between plaintext and ciphertext is 1:1 , i.e. equivalent to that of the RSA scheme.

Sharing method for key

Abstract: PURPOSE:To eliminate the need of always holding a terminal key by a host and to contrive the economization by allowing the host to have an arithmetic means of an algorithm F, determining the terminal key from a terminal code of a terminal and allowing the terminal to have a terminal key storage means. CONSTITUTION:For instance, a central office H1 of a host side generates terminal keys Ki, Kj by using an algorithm F, and also, enciphers a communication key R by using the terminal keys Ki, Kj as keys and obtains cipher texts Ci, Cj. The central office H1 sends the cipher Ci to a telephone set Ti, and sends the cipher Cj to a telephone set Tj. The telephone set Ti knows a fact that the cipher text Ci has been sent and receives the cipher text Ci. Subsequently, by using the terminal key Ki which has been held in a terminal key storage means, the cipher text Ci is decoded and the communication key R is obtained. In the same way, the telephone set Tj decodes the cipher text Cj by using the terminal key Kj which has been held and obtains the communication key R. In such a way, it is unnecessary that the central office H1 holds beforehand the terminal keys Ki, Kj.

Ciphertext to plaintext communications system and method

Abstract: A ciphertext to plaintext communications system including a communications channel, a generator, a data device, an encryptor, a black to red communicator (BRC) device, a decryptor, and a comparator. The generator generates a first data-bit sequence which has a predetermined bit pattern. The encryptor encrypts the first data-bit sequence as an encrypted-bit sequence. The encrypted-bit sequence is transmitted over the communications channel and received by the BRC device. The data device generates the second data-bit sequence, which may include data from diagnostic equipment or any other source of information originating in the channel carrying the encrypted-bit sequence. The BRC device modifies the encrypted-bit sequence using the second data-bit sequence. The decryptor decrypts the modified-encrypted-bit sequence as a third data-bit sequence. The third data-bit sequence is compared with the predetermined bit pattern with the comparator, which thereby generates the second data-bit sequence.

Two new efficient cryptosystems based on Rabin's scheme: alternatives to RSA cryptosystem

Abstract: Proposes two distinct cryptosystems based on Rabin's scheme. The first incorporates coding theory and provides encryption only. The second provides simultaneously both private encryption and digital signature for network users. In the cases where the second scheme provides only encryption or only digital signature, the scheme provides that the bit ratio between plaintext and ciphertext is 1:1, i.e. equivalent to that of the RSA scheme. >