
Showing papers on "Encryption published in 1994"


Book ChapterDOI
14 Dec 1994
TL;DR: This document describes the RC5 encryption algorithm, a fast symmetric block cipher suitable for hardware or software implementations and a novel feature of RC5 is the heavy use of data-dependent rotations.
Abstract: This document describes the RC5 encryption algorithm, a fast symmetric block cipher suitable for hardware or software implementations. A novel feature of RC5 is the heavy use of data-dependent rotations. RC5 has a variable word size, a variable number of rounds, and a variable-length secret key. The encryption and decryption algorithms are exceptionally simple.

894 citations


Patent
19 Sep 1994
TL;DR: In this article, the signator of an electronic document can be verified by embedding a security object, for example, supported by an object linking and embedding (OLE) capability, in the electronic document at a location selected by the signator.
Abstract: The integrity or the signator of an electronic document can be verified by embedding a security object, for example, supported by an object linking and embedding (OLE) capability, in the electronic document at a location selected by the signator. The embedded security object includes security information and an identifier for invoking the processing of the security information. The security information may include a document digest that characterizes the electronic document at the time the security object was embedded, a signature digest that identifies the signator and that characterizes the instance of the embedded security object, and the signator's electronic chop, which may be the signator's digitized signature or other graphic image. In addition, the security information can be encrypted using either private key encryption or public key encryption. When the electronic document is later displayed, the identifier invokes processing that decrypts the security information and calculates the document digest based on the current state of the electronic document. The signator of the electronic document can be verified based upon the result of the decryption. The integrity of the electronic document can be verified if the decrypted document digest matches the calculated document digest. If the signator and the document integrity are confirmed, the electronic chop is displayed in the document. If, however, the signator or document integrity are not verified, the electronic chop is not displayed. In addition, a warning message may be displayed if verification fails.

565 citations


Book
27 Dec 1994
TL;DR: PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical user's guide and a fascinating behind-the-scenes look at cryptography and privacy.
Abstract: From the Publisher: Use of the Internet is expanding beyond anyone's expectations. As corporations, government offices, and ordinary citizens begin to rely on the information highway to conduct business, they are realizing how important it is to protect their communications -- both to keep them a secret from prying eyes and to ensure that they are not altered during transmission. Encryption, which until recently was an esoteric field of interest only to spies, the military, and a few academics, provides a mechanism for doing this. PGP, which stands for Pretty Good Privacy, is a free and widely available encryption program that lets you protect files and electronic mail. Written by Phil Zimmermann and released in 1991, PGP works on virtually every platform and has become very popular both in the U.S. and abroad. Because it uses state-of-the-art public key cryptography, PGP can be used to authenticate messages, as well as keep them secret. With PGP, you can digitally "sign" a message when you send it. By checking the digital signature at the other end, the recipient can be sure that the message was not changed during transmission and that the message actually came from you. PGP offers a popular alternative to U.S. government initiatives like the Clipper Chip because, unlike Clipper, it does not allow the government or any other outside agency access to your secret keys. PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical user's guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I, "PGP Overview," introduces PGP and the cryptography that underlies it. Part II, "Cryptography History and Policy," describes the history of PGP -- its personalities, legal battles, and other intrigues; it also provides background on the battles over public key cryptography patents and the U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech. 
Part III, "Using PGP," describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers. Part IV, "Appendices," describes how to obtain PGP from Internet sites, how to install it on PCs, UNIX systems, and the Macintosh, and other background information. The book also contains a glossary, a bibliography, and a handy reference card that summarizes all of the PGP commands, environment variables, and configuration variables.

439 citations


Patent
09 Nov 1994
TL;DR: In this paper, the security of communications over the system is enhanced by a first user generating a temporary asymmetric crypto-key having a first temporary key portion and an associated second temporary key portion.
Abstract: In a system, such as a system utilizing a Kerberos protocol, system users each have an associated asymmetric crypto-key. The security of communications over the system is enhanced by a first user generating a temporary asymmetric crypto-key having a first temporary key portion and an associated second temporary key portion. The second temporary key portion is encrypted by the first user with the first private key portion of the first user crypto-key to form a first encrypted message. Another user, preferably an authentication server, applies the second private key portion and the public key portion of the first user crypto-key to the first encrypted message to decrypt the second temporary key portion and thereby authenticate the first user to the security server. The authentication server then encrypts the first encrypted message with the second private key portion of the first user crypto-key to form a second encrypted message. The first user next applies the public key portion of the first user crypto-key to decrypt the second encrypted message and obtain the second temporary key portion, thereby authenticating the security server to the first user.

369 citations


Patent
25 Apr 1994
TL;DR: In this paper, a method and apparatus for transferring encrypted files from a source computer to one or more target computers is provided, where an export program is provided in the source computer and an import program in the target computer.
Abstract: A method and apparatus is provided for transferring encrypted files from a source computer to one or more target computers. An export program is provided in the source computer and an import program is provided in the target computer. The export program decrypts the encrypted file and tags the export operation with an export counter value. The clear text file is then encrypted with an encryption operation utilizing a key which is unique to a transfer memory media, such as diskette serial number. The memory media is carried to a target computer which utilizes the import file to decrypt the encrypted file.

325 citations


Patent
25 Jul 1994
TL;DR: In this paper, a system for authenticating a user located at a requesting node to a resource such as a host application located at an authenticating node using one-time passwords that change pseudorandomly with each request for authentication is presented.
Abstract: A system for authenticating a user located at a requesting node to a resource such as a host application located at an authenticating node using one-time passwords that change pseudorandomly with each request for authentication. At the requesting node a non-time-dependent value is generated from nonsecret information identifying the user and the host application, using a secret encryption key shared with the authenticating node. The non-time-dependent value is combined with a time-dependent value to generate a composite value that is encrypted to produce an authentication parameter. The authentication parameter is reversibly transformed into an alphanumeric character string that is transmitted as a one-time password to the authenticating node. At the authenticating node the received password is transformed back into the corresponding authentication parameter, which is decrypted to regenerate the composite value. The non-time-dependent value is replicated at the authenticating node using the same nonsecret information and encryption key shared with the requesting node. The locally generated non-time-dependent value is combined with the regenerated composite value to regenerate the time-dependent value. The user is authenticated if the regenerated time-dependent value is within a predetermined range of a time-dependent value that is locally generated at the authenticating node.

306 citations


Patent
06 Oct 1994
TL;DR: In this article, the authors proposed a method for transferring funds from a payer to a payee by using facsimile transmission technology, which includes the steps of preparing a payment form including information for identifying an amount to be transferred, a bank of the payee and an account number of payee.
Abstract: Electronic funds transfer processes are being put into place to replace the paper based check clearing process. Although ubiquitous in the business environment, facsimile transmission technology has not been used for electronic transfer of funds. Fraud prevention and uncertainties in the legal status of a facsimile transmission are among the impediments for electronic funds transfer with facsimile. The method for transferring funds from a payer to a payee comprises the steps of preparing a payment form including information for identifying an amount to be transferred, a bank of the payee and an account number of the payee, receiving and verifying a security code at an encryption unit to authorize a transmission including an encryption, preparing a facsimile transmission device to send an image of the payment form, connecting the facsimile device through the encryption unit over a communication line to a payment service provider, receiving at the payment service provider the transmission including an encryption, and sending a confirmation message to the facsimile device that the transmission has been correctly received, decrypting the encryption at the payment service provider, determining whether the encryption was authentically generated by the payer, extracting the identifying information from the facsimile transmission, and generating an electronic funds transfer request based on the identifying information provided that the encryption is determined to be authentic.

238 citations


Patent
Ashar Aziz
03 Jun 1994
TL;DR: In this article, a client workstation provides a login address as an anonymous ftp (file transfer protocol) request, and a password as a user's e-mail address.
Abstract: A client workstation provides a login address as an anonymous ftp (file transfer protocol) request, and a password as a user's e-mail address. A destination server compares the user's e-mail address provided as a password to a list of authorized users' addresses. If the user's e-mail address is located on the list of authorized users' addresses maintained by the destination server, the destination server generates a random number (X), and encrypts the random number in an ASCII representation using encryption techniques provided by the Internet Privacy Enhanced Mail (PEM) procedures. The encrypted random number is stored in a file as the user's anonymous directory. The server further establishes the encrypted random number as one-time password for the user. The client workstation initiates an ftp request to obtain the encrypted PEM random number as a file transfer (ftp) request from the destination server. The destination server then sends the PEM encrypted password random number, as an ftp file, over the Internet to the client workstation. The client workstation decrypts the PEM encrypted file utilizing the user's private RSA key, in accordance with established PEM decryption techniques. The client workstation then provides the destination server with the decrypted random number password, which is sent in the clear over the Internet, to login to the destination server. Upon receipt of the decrypted random number password, the destination server permits the user to login to the anonymous directory, thereby completing the user authentication procedure and accomplishing login.

223 citations


Patent
29 Sep 1994
TL;DR: A pay per use system for the prevention of unauthorized use of computer software was proposed in this paper, where the user must call a telephone number to receive the cryptographic keys necessary to decrypt the secured software.
Abstract: A pay per use system for the prevention of the unauthorized use of computer software. An encryption program encodes original software to produce secured software. The encoding is accomplished by using cryptographic techniques. In order to use the software, a user must call a telephone number to receive the cryptographic keys necessary to decrypt the secured software. Thus, users must pay for each use of the secured software. The system allows software developers to freely distribute the secured software. Copies of the secured software may be freely made, because payment is based on each use of the software not on each copy of the software.

218 citations


Patent
28 Jun 1994
TL;DR: In this article, the authors present a Secured Processing Unit (SPU) chip, a microprocessor designed especially for secure data processing, which is based on the orchestration of three interrelated systems: (i) detectors, which alert the SPU to the existence, and help characterize the nature, of a security attack; (ii) filters, which correlate the data from the various detectors, weighing the severity of the attack against the risk to SPU's integrity, both to its secret data and to the design itself; and (iii) responses, which are countermeasures,
Abstract: The present invention is embodied in a Secured Processing Unit (SPU) chip, a microprocessor designed especially for secure data processing. By integrating keys, encryption/decryption engines and algorithms in the SPU, the entire security process is rendered portable and easily distributed across physical boundaries. The invention is based on the orchestration of three interrelated systems: (i) detectors, which alert the SPU to the existence, and help characterize the nature, of a security attack; (ii) filters, which correlate the data from the various detectors, weighing the severity of the attack against the risk to the SPU's integrity, both to its secret data and to the design itself; and (iii) responses, which are countermeasures, calculated by the filters to be most appropriate under the circumstances, to deal with the attack or attacks present. The present invention, with wide capability in all three of the detectors, filters and responses, allows a great degree of flexibility for programming an appropriate level of security/policy into an SPU-based application.

215 citations


Patent
18 Jul 1994
TL;DR: In this paper, a split key public encryption (KSPE) scheme was proposed in which a session key distributed by a central authority is used to encrypt and decrypt messages exchanged during a communications session between the first and second users.
Abstract: An encryption method and system using split key public encryption. A first and second user private encryption key and a corresponding first and second user public encryption key are generated. The first and second user private encryption keys are divided into a first and second private user key portion and a corresponding first and second central authority key portion. The first and second private user key portions are respectively disclosed to the first and second users. The central authority key portions and the user public encryption keys are maintained by a central authority (CA). The first user requests a communications session with the second user through the CA. After receiving the request, the CA encrypts a session encryption key with (i) the central authority key portion and user public encryption key associated with the first user to form a first encrypted session key and (ii) the central authority key portion and user public encryption key associated with the second user to form a second encrypted session key. The first encrypted session key is provided to the first user and the second encrypted session key is provided to the second user. The first user applies the first user's private user key portion to decrypt the first encrypted session key and the second user applies the second user's private user key portion to decrypt the second encrypted session key. The first user and the second user apply the decrypted common session key to encrypt and decrypt messages exchanged during a communications session. The method and system also provide for authorized wiretapping, video and data distribution and private enhanced messaging (PEM).

Patent
06 Dec 1994
TL;DR: In this article, the secret key is derived from a password entered into the computer by an authorized user, which is then used to encrypt and decrypt data accesses to and from the sector.
Abstract: A method, using a secret key, to protect information in a storage disk of a computer, where the secret key is derived from a password entered into the computer by an authorized user. The method begins by applying a length-increasing pseudorandom function to the secret key and an index to generate a pseudorandom bit string having a length that is a function of the size of a sector of the storage disk. The sector is associated or otherwise identified by the index used by the pseudorandom function to generate the pseudorandom bit string. The pseudorandom bit string is then used to encrypt and decrypt data accesses to and from the sector.

Patent
23 Apr 1994
TL;DR: In this paper, an efficient real-time authentication method and apparatus are provided for maintaining secure packet data communications through an encryption process by utilizing a packetized message encryption key (502) and a unique packet number (504) as encryption variables.
Abstract: Radio frequency based cellular telecommunication systems often require both subscriber units (100) and communication units (130) of a fixed network communication system to maintain secret data which may be used to verify authenticity as well as provide encrypting variables for message encryption processes. An efficient real-time authentication method and apparatus are provided which use a single message (210) to provide authentication and communication link setup information. Further, an authentication method and apparatus are provided which uses instant-specific information such as a time of day, radio frequency carrier frequency, a time slot number, a radio port number, access manager identifier, a radio port control unit identifier, or a base site controller identifier to enhance the reliability of the authentication process. Furthermore, a method and apparatus are provided for maintaining secure packet data communications through an encryption process by utilizing a packetized message encryption key (502) and a unique packet number (504) as encryption variables.

Patent
07 Sep 1994
TL;DR: In this paper, a public key cryptographic system is implemented as follows: In an enrolment apparatus, the unique number for use in generating the public key and private key of the system is generated by manipulation of fingerprint information of a subscriber.
Abstract: A public key cryptographic system is implemented as follows. In an enrolment apparatus, the unique number for use in generating the public key and private key of the system is generated by manipulation of fingerprint information of a subscriber. A filter is then generated which is a function both of the Fourier transform of the subscriber's fingerprint(s) and of the unique number. This filter is stored on a subscriber card. When the subscriber wishes to generate his public or private key, he inputs his card to a card reader of an apparatus and places his finger(s) on a fingerprint input. The apparatus generates an optical Fourier transform from the fingerprint input. The Fourier transform signal is incident on to a spatial light modulator programmed with the filter information from the card. An inverse transform is generated from the filtered signal and this is used to regenerate the unique number. The apparatus also has a subsystem for utilizing the private key to decrypt an input encrypted message.

Patent
08 Sep 1994
TL;DR: In this article, a method of communication based on quantum cryptography is modified to include an initial step of outputting from a transmitter (T) a single-photon signal, which may be unmodulated. A receiver (R1-R3) then randomly selects one of a plurality of encryption alphabets corresponding to different, non-commuting quantum mechanical operators.
Abstract: A method of communication based on quantum cryptography is modified to include an initial step of outputting from, e.g., a transmitter (T), a single-photon signal, which may be unmodulated. A receiver (R1-R3) then randomly selects one of a plurality of encryption alphabets corresponding to different, non-commuting quantum mechanical operators. The receiver modulates the single-photon signal with the selected operator and returns the signal to the transmitter. The transmitter in turn randomly selects a quantum mechanical operator and uses that operator in detecting the returned signal modulated by the receiver. Alternatively, the transmitter may randomly select one of a plurality of encryption alphabets and use that encryption alphabet in modulating the signal. The signal is then further modulated at the receiver using a predetermined encryption alphabet. When the signal is received back at the transmitter, it is detected using the same quantum mechanical operator as was initially used to modulate it. Comparison is made of the states of the single-photon signals as transmitted and received to detect the presence of any eavesdropper.

Patent
13 Sep 1994
TL;DR: A computer network encryption/decryption device includes at least one microprocessor, microprocessor support hardware, and at least two network ports for connecting to upstream and downstream networks as mentioned in this paper.
Abstract: A computer network encryption/decryption device includes at least one microprocessor, microprocessor support hardware, at least two network ports for connecting to upstream and downstream networks, memory hardware for storing program, configuration, and keylist data, and data encryption/decryption hardware. Both network ports have the same network address, making the device transparent to the local area network in which it is spliced. The device operates by selectively encrypting or decrypting only the data portion of a data packet, leaving the routing information contained in the header and trailer portions of the data packet unchanged.

Patent
28 Apr 1994
TL;DR: In this paper, a method and apparatus for the integrated compression and encryption (concryption) of clear data and for the deconcryption of concrypted data to obtain the clear data for utilization is presented.
Abstract: A method and apparatus for the integrated compression and encryption (concryption) of clear data and for the deconcryption of concrypted data to obtain the clear data for utilization. For concryption, the clear data and an encryption key are obtained, at least one compression step is performed and at least one encryption step is performed utilizing the encryption key. The encryption step is preferably performed on the final or intermediate results of a compression step, with compression being a multistep operation. For deconcryption, decompression and deencryption steps are performed on concrypted data in essentially the reverse order for the performance of corresponding compression and encryption steps during the concryption operation.

Journal ArticleDOI
TL;DR: The authors present schemes in which the communication costs are low in comparison to the basic scheme and which can be constructed from the Nyberg-Rueppel digital signature scheme.
Abstract: A possible application of the Nyberg-Rueppel digital signature scheme is for authenticated encryption. The authors present schemes in which the communication costs are low in comparison to the basic scheme and which can be constructed from the Nyberg-Rueppel digital signature scheme.

Patent
30 Nov 1994
TL;DR: In this paper, the authors proposed an authentication method that permits a user (12) and a file serving workstation (13) to mutually authenticate themselves by exchanging a random number that is encrypted by a password (22) that is known to the user and stored in a password file.
Abstract: An authentication method (30) that permits a user (12) and a file serving workstation (13) to mutually authenticate themselves. This is accomplished by exchanging a random number that is encrypted by a password (22) that is known to the user (12) and stored in a password file on the file serving workstation (13). A logon ID (21) is sent from the client workstation (11) to the server workstation (13). The stored user password (22) corresponding to the user ID (21) is retrieved from the password file. A random number is created that is encrypted by a symmetric encryption algorithm on the server workstation (13) using the retrieved user password (22), and which provides an encrypted password (24). The user (12) is then requested to enter the password (22) into the user workstation (11). The entered password (22) is used to decrypt the encrypted password (24) received from the server workstation (13) and retrieve the random number therefrom to authenticate the server workstation (13). The random number is then used as the encryption and decryption key for communication between the user and server workstations (11, 13). An encrypted message is transmitted using the random number from the client workstation (12) to the server workstation (13). The encrypted message is decrypted at the server workstation (13) to authenticate the user (11).

Patent
20 Dec 1994
TL;DR: In this paper, a system and method for identifying and authenticating users and controlling the access of those users to privileged instructions within a data enclave is presented, where a plurality of controllers, such as workstations, are connected over a network to a security server.
Abstract: A system and method for identifying and authenticating users and for controlling the access of those users to privileged instructions within a data enclave. The data enclave includes a plurality of controllers, such as workstations, connected over a network to a security server; each data enclave is assigned a cryptographic key. A personal keying device having an encrypted user unique identifier is assigned to each user; provisions are made for temporarily connecting the personal keying device to one of the controllers and for transmitting an encrypted message, including the user unique identifier and the last countersign, to the security server to authenticate the user and establish his/her access rights. A mechanism for updating the countersign is provided so that trusted path communications can be established between the user and the security server.

Patent
11 Apr 1994
TL;DR: In this paper, a message authentication code is encrypted with a generated random number and a single session encryption key, which also encrypts the user's personal identification number. At the destination node the received encryptions are decrypted using the second session key to recover the personal identification number, which is used in encrypting the message and sequence number to produce a message authentication code for comparison with the decrypted message authentication code.
Abstract: The method and means of transmitting a user's transaction message to a destination node in a computer-secured network operates on the message, and a sequence number that is unique to the transaction message to form a message authentication code in combination with the user's personal identification number. The message authentication code is encrypted with a generated random number and a single session encryption key which also encrypts the user's personal identification number. An intermediate node may receive the encryptions to reproduce the personal identification number that is then used to encrypt the received message and sequence number to produce the random number and a message authentication code for comparison with a decrypted message authentication code. Upon favorable comparison, the random number and the message authentication code are encrypted with a second session encryption key to produce an output code that is transmitted to the destination node along with an encrypted personal identification number. There, the received encryptions are decrypted using the second session key to provide the personal identification number for use in encrypting the message and sequence number to produce a message authentication code for comparison with a decrypted message authentication code. Upon favorable comparison, the transaction is completed and a selected portion of the decrypted random number is returned to the originating node for comparison with the corresponding portion of the random number that was generated there. Upon unfavorable comparison at the destination node or at an intermediate node, a different portion of the decrypted random number is returned to the originating node for comparison with the corresponding portion of the random number that was generated there. The comparisons at the originating node provide an unambiguous indication of the completion or non-completion of the transaction at the destination node.

Patent
02 Dec 1994
TL;DR: In this article, a method and apparatus are provided for controlling access to digital signals sent via a first communication path and retransmitted over a second communication path.
Abstract: A method and apparatus are provided for controlling access to digital signals sent via a first communication path and retransmitted over a second communication path. The digital signals, having been encrypted by a first encryption scheme and sent over the first communication path, are received and decrypted. The decrypted signals are then retransmitted over the second communication path using a second encryption scheme that differs from the first encryption scheme.

Patent
13 Oct 1994
TL;DR: In this paper, a disk player that will play only authorized disks is presented. The same technique can also be used to control not play of the disk as a whole, but play in certain specific modes.
Abstract: A disk player that will play only authorized disks. Predetermined data blocks, including those in the lead-in section of the disk which contain content-related data, are processed to derive an authorization code. The authorization code is stored on the disk in encrypted form, using the private key of a public-key cryptosystem pair. The player processes the same disk data to derive a computed code; the player also uses the paired public key to decrypt the encrypted authorization code on the disk. Play of the disk ensues only if the decrypted authorization code matches the computed code. The same technique can be used to control not play of the disk as a whole, but play in certain specific modes.

Journal ArticleDOI
01 Mar 1994
TL;DR: A VLSI implementation of the International Data Encryption Algorithm is presented and all important standardized modes of operation of block ciphers, such as ECB, CBC, CFB, OFB, and MAC, are supported.
Abstract: A VLSI implementation of the International Data Encryption Algorithm is presented. Security considerations led to novel system concepts in chip design including protection of sensitive information and on-line failure detection capabilities. BIST (built-in self-test) was instrumental for reconciling the contradicting requirements of VLSI testability and cryptographic security. The VLSI chip implements data encryption and decryption in a single hardware unit. All important standardized modes of operation of block ciphers, such as ECB, CBC, CFB, OFB, and MAC, are supported. In addition, new modes are proposed and implemented to fully exploit the algorithm's inherent parallelism. With a system clock frequency of 25 MHz the device permits a data conversion rate of more than 177 Mb/s. Therefore, the chip can be applied to on-line encryption in high-speed networking protocols like ATM or FDDI.
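To make the modes listed above concrete, here is an added software example (not the paper's hardware design, and not code from its authors): a straightforward IDEA block function with its encryption and decryption key schedules, followed by ECB, CBC, full-block CFB, OFB and CBC-MAC built on top of it. Block boundaries and the IV are the only assumptions; the sample plaintext and IV are constructed for the demonstration.

```python
MASK16 = 0xFFFF
BLOCK = 8  # IDEA works on 64-bit blocks


def mul(a, b):
    """Multiplication modulo 2^16 + 1; the all-zero word stands for 2^16."""
    return (((a or 0x10000) * (b or 0x10000)) % 0x10001) & MASK16


def add(a, b):
    return (a + b) & MASK16


def mul_inv(a):
    return pow(a or 0x10000, -1, 0x10001) & MASK16


def enc_subkeys(key128):
    """52 subkeys: eight 16-bit words per step, rotating the 128-bit key left by 25 bits."""
    ks, k = [], key128
    for _ in range(7):
        ks += [(k >> (112 - 16 * i)) & MASK16 for i in range(8)]
        k = ((k << 25) | (k >> 103)) & ((1 << 128) - 1)
    return ks[:52]


def dec_subkeys(key128):
    """Decryption subkeys: inverses of the encryption ones in reverse round order."""
    K = enc_subkeys(key128)
    neg = lambda v: (-v) & MASK16
    D = [mul_inv(K[48]), neg(K[49]), neg(K[50]), mul_inv(K[51]), K[46], K[47]]
    for i in range(1, 8):
        j = 48 - 6 * i  # the middle additive keys swap because of the round swap
        D += [mul_inv(K[j]), neg(K[j + 2]), neg(K[j + 1]), mul_inv(K[j + 3]), K[j - 2], K[j - 1]]
    return D + [mul_inv(K[0]), neg(K[1]), neg(K[2]), mul_inv(K[3])]


def idea_block(x, ks):
    """One 64-bit block through 8 rounds plus the output transformation."""
    x1, x2, x3, x4 = [(x >> s) & MASK16 for s in (48, 32, 16, 0)]
    for r in range(8):
        k1, k2, k3, k4, k5, k6 = ks[6 * r:6 * r + 6]
        x1, x2, x3, x4 = mul(x1, k1), add(x2, k2), add(x3, k3), mul(x4, k4)
        t = mul(x1 ^ x3, k5)                      # MA structure
        u = mul(add(t, x2 ^ x4), k6)
        t = add(t, u)
        x1, x2, x3, x4 = x1 ^ u, x3 ^ u, x2 ^ t, x4 ^ t   # xor in, swap middle words
    x2, x3 = x3, x2                                         # undo the final swap
    k1, k2, k3, k4 = ks[48:52]
    x1, x2, x3, x4 = mul(x1, k1), add(x2, k2), add(x3, k3), mul(x4, k4)
    return (x1 << 48) | (x2 << 32) | (x3 << 16) | x4


def block_fn(key128, decrypt=False):
    ks = dec_subkeys(key128) if decrypt else enc_subkeys(key128)
    return lambda b: idea_block(int.from_bytes(b, "big"), ks).to_bytes(BLOCK, "big")


def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))


def chunks(data):
    assert len(data) % BLOCK == 0, "these modes assume whole blocks; pad first"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb(key, data, decrypt=False):
    f = block_fn(key, decrypt)
    return b"".join(f(c) for c in chunks(data))


def cbc_encrypt(key, iv, data):
    e, out, prev = block_fn(key), [], iv
    for p in chunks(data):
        prev = e(xor(p, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, data):
    d, out, prev = block_fn(key, True), [], iv
    for c in chunks(data):
        out.append(xor(d(c), prev))
        prev = c
    return b"".join(out)


def cfb(key, iv, data, decrypt=False):
    """Full-block CFB; both directions use only the forward cipher."""
    e, out, prev = block_fn(key), [], iv
    for blk in chunks(data):
        o = xor(blk, e(prev))
        out.append(o)
        prev = blk if decrypt else o
    return b"".join(out)


def ofb(key, iv, data):
    """OFB keystream does not depend on the data, so encrypt == decrypt."""
    e, out, s = block_fn(key), [], iv
    for blk in chunks(data):
        s = e(s)
        out.append(xor(blk, s))
    return b"".join(out)


def cbc_mac(key, data):
    """CBC-MAC: CBC with a zero IV, keeping only the last block."""
    return cbc_encrypt(key, bytes(BLOCK), data)[-BLOCK:]
```

The published IDEA test vector (key 0001 0002 ... 0008, plaintext 0000 0001 0002 0003, ciphertext 11FB ED2B 0198 6DE5) checks the block function. Running a plaintext with a repeated 8-byte block through ecb() shows the repeated ciphertext block that CBC, CFB and OFB hide; note that CBC-MAC as written is only sound for messages of one fixed length, which is the usual caveat when the MAC mode is used as on the chip.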

Patent
Gene Tsudik1
27 Oct 1994
TL;DR: In this patent, the author proposes a method and an apparatus for securely identifying a mobile user while keeping his/her movements untrackable: the identifier sent over the network changes every synchronization interval and reveals the user's identity only to the home authority.
Abstract: Communication between mobile users of and in a computer network is subject to a variety of security issues; user identification and user tracking are two particularly important ones. This invention provides a method and an apparatus for securely identifying a mobile user while avoiding trackability of his/her movements, i.e. it provides a way for a secure user identification in secrecy. The gist is to encrypt the user's identifier, and/or his/her password, and a synchronization indication, preferably a fixed time interval, under a secret one-way function and to send the encrypted message, herein called 'dynamic user identifier', to the user's 'home authority' where he/she is registered. The home authority comprises correspondence tables listing, pre-computed for every time interval (or another chosen synchronization), the dynamic user identifiers and the corresponding true identity of the user and can thus quickly decide whether the received encrypted message originates from a registered user. On the other hand, an intruder is neither able to detect from the encrypted messages the identity of the user nor can he/she track a user's moves.
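The exchange described above, as an added example that is not the patent's own code: the mobile user transmits only a dynamic identifier computed over the identity and the current time interval, and the home authority resolves it through a per-interval correspondence table. The patent names no concrete one-way function, so HMAC-SHA256 keyed with the user's password is an assumption here, as is the 300-second interval and the one-interval tolerance for clock skew; the registry is constructed sample data.

```python
import hashlib
import hmac

INTERVAL_SECONDS = 300  # assumption: the patent prefers a fixed time interval but fixes no length


def interval_index(unix_time):
    """Synchronization indication: which fixed interval a timestamp falls into."""
    return int(unix_time) // INTERVAL_SECONDS


def dynamic_user_id(user_id, password, idx):
    """The 'dynamic user identifier': identity and interval under a keyed one-way function.

    Assumption: HMAC-SHA256 keyed with the password stands in for the patent's
    'secret one-way function'. Only someone holding the password can produce the tag,
    and the tag alone reveals neither the identity nor the password.
    """
    msg = user_id.encode() + b"|" + str(idx).encode()
    return hmac.new(password.encode(), msg, hashlib.sha256).hexdigest()


class HomeAuthority:
    """Holds the registry and the per-interval correspondence tables."""

    def __init__(self, registry):
        self.registry = dict(registry)  # true identity -> password
        self.tables = {}                # interval index -> {dynamic id: true identity}

    def table_for(self, idx):
        """Correspondence table for one interval, pre-computed once per interval."""
        if idx not in self.tables:
            self.tables[idx] = {
                dynamic_user_id(user, pw, idx): user for user, pw in self.registry.items()
            }
        return self.tables[idx]

    def identify(self, tag, now):
        """Resolve a received dynamic identifier to a registered user, or None.

        The current and the previous interval are accepted so a message sent just
        before an interval boundary still verifies; anything older is rejected, which
        also bounds how long a captured tag can be replayed.
        """
        idx = interval_index(now)
        for candidate in (idx, idx - 1):
            user = self.table_for(candidate).get(tag)
            if user is not None:
                return user
        return None


def mobile_login_message(user_id, password, now):
    """What the mobile user actually puts on the network: only the dynamic identifier."""
    return dynamic_user_id(user_id, password, interval_index(now))


# Constructed sample registry (not real credentials).
HOME = HomeAuthority({"alice": "correct horse", "bob": "battery staple"})


def unlinkable(user_id, password, now):
    """True if the same user's identifiers in two consecutive intervals differ."""
    return mobile_login_message(user_id, password, now) != mobile_login_message(
        user_id, password, now + INTERVAL_SECONDS
    )
```

The table lookup costs one dictionary probe per received message, while building each interval's table costs one HMAC per registered user; that is the trade the abstract describes when it says the home authority can decide "quickly". An eavesdropper who records a tag learns nothing from it, and replaying it after the tolerance window fails.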

Book ChapterDOI
09 May 1994
TL;DR: This paper model the problem of unconditionally secure broadcast encryption schemes with an information theoretic framework and obtains tight limitations both on the number of private keys associated with each user and on thenumber of keys generated by the center.
Abstract: Fiat and Naor [5] presented at Crypto '93 a new encryption scheme designed for broadcast transmissions. The feature of this scheme is to allow a central broadcast site to broadcast secure transmissions to an arbitrary set of recipients. In this paper we model the problem of unconditionally secure broadcast encryption schemes with an information theoretic framework. We obtain tight limitations both on the number of private keys associated with each user and on the number of keys generated by the center. Finally, we consider the model where interaction is allowed in the common key computation phase proving that the interaction cannot help in decreasing the size of the pieces of information given to the users in the broadcast encryption schemes.

Patent
01 Dec 1994
TL;DR: A non-deterministic public key encryption scheme was proposed in this paper, where a public key is generated from a private key using mathematical operations equivalent to exponentiation in finite fields.
Abstract: A non-deterministic public key encryption system whereby a public key is generated from a private key using mathematical operations equivalent to exponentiation in finite fields. Thus an attacker is required to compute logarithms over finite fields. Encryption involves generating a random initialization key (R) which is used to (1) exponentiate the message receiver's public key (E) to produce initial values (K) for a pseudorandom binary mixture generator, and to (2) compute an open key (Q) by exponentiating an initial known generator state (a_0). A ciphertext (C) is produced from plaintext (P) by clocking the mixture generator from the initial value (K) and combining the output keystream with the plaintext (P). The open key (Q) is attached to the ciphertext prior to transmission. Decryption involves extracting the open key (Q) and exponentiating this by the message receiver's private key (D) to compute (K), which is then used to set the initial value of a mixture generator. The mixture generator is clocked and its output keystream combined with the ciphertext (C) to produce plaintext (P). The invention may be implemented in special purpose hardware or in software for a general purpose processor.
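The encrypt/decrypt flow above with the abstract's own symbols (R, E, K, Q, D, a_0, C, P), as an added example that is not the patent's implementation: a fresh R per message gives K = E^R and the open key Q = a_0^R; the receiver recomputes K = Q^D. The abstract fixes neither the field nor the mixture generator, so the toy modulus 2^127 - 1, a_0 = 5, and SHA-256 in counter mode as the keystream generator are assumptions (the group is far too small for real use). The example also shows the property the abstract does not mention: a keystream XOR carries no integrity, so a flipped ciphertext byte flips the same plaintext byte.

```python
import hashlib
import secrets

# Toy group parameters (assumption: the abstract fixes neither the field nor a_0).
# 2**127 - 1 is prime, but a group this small is for illustration only.
P = 2**127 - 1
A0 = 5  # initial known generator state a_0


def keygen(d=None):
    """Private key D, public key E = a_0^D (mod P); an attacker must take a discrete log."""
    d = d or secrets.randbelow(P - 2) + 1
    return d, pow(A0, d, P)


def keystream(k, length):
    """Stand-in for the 'pseudorandom binary mixture generator' clocked from K.

    Assumption: SHA-256 over (K, counter); not the generator the patent describes.
    """
    seed = k.to_bytes(16, "big")
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(e_pub, plaintext, r=None):
    """Fresh R per message: K = E^R seeds the generator, Q = a_0^R travels in clear."""
    r = r or secrets.randbelow(P - 2) + 1
    k = pow(e_pub, r, P)
    q = pow(A0, r, P)
    return q.to_bytes(16, "big") + xor_bytes(plaintext, keystream(k, len(plaintext)))


def decrypt(d_priv, ciphertext):
    """Recover K = Q^D and run the same generator over the ciphertext body."""
    q = int.from_bytes(ciphertext[:16], "big")
    body = ciphertext[16:]
    k = pow(q, d_priv, P)
    return xor_bytes(body, keystream(k, len(body)))


def flip_byte(ciphertext, offset, delta):
    """Malleability check: XOR-ing a byte of the body XORs the same byte of the plaintext,
    and nothing in the format lets the receiver notice."""
    body = bytearray(ciphertext)
    body[16 + offset] ^= delta
    return bytes(body)


if __name__ == "__main__":
    d, e = keygen()
    msg = b"transfer 100"  # constructed sample message
    c1, c2 = encrypt(e, msg), encrypt(e, msg)
    print("same plaintext, different ciphertexts:", c1 != c2)
    print("round trip:", decrypt(d, c1) == msg)
    print("tampered:", decrypt(d, flip_byte(c1, 9, ord("1") ^ ord("9"))))
```

Non-determinism comes entirely from R, so R must be unpredictable and never reused with the same public key: two messages under one R share a keystream, and XOR-ing the two ciphertexts cancels it. A deployment would also add a MAC over Q and C, since the scheme as described offers no integrity.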

Patent
08 Sep 1994
TL;DR: A method of communication using quantum cryptography in which the encryption alphabet comprises pairs of operators applied successively to single-photon signals transmitted onto the quantum channel with a pre-determined delay between them.
Abstract: In a method of communication using quantum cryptography an encryption alphabet is used for coding signals for transmission on a quantum channel. The encryption alphabet comprises pairs of operators applied successively to single-photon signals transmitted onto the quantum channel with a pre-determined delay between them. When the signals are detected, the different signals of each pair are split according to their encoded state and directed to different detectors via paths giving a differential delay. The delay is substantially complementary to the original pre-determined delay. Coincidence detection is employed at the detectors to eliminate spurious detection counts.

Book ChapterDOI
21 Aug 1994
TL;DR: It is proved that a designated confirmer signature scheme is equivalent to a public-key encryption scheme with respect to existence and proposed schemes are more efficient in signing than the previous scheme.
Abstract: The concept of designated confirmer signatures was introduced by Chaum [Cha94] to improve a shortcoming of undeniable signatures. The present paper formalizes the definition of designated confirmer signatures and proves that a designated confirmer signature scheme is equivalent to a public-key encryption scheme with respect to existence. In addition, the paper proposes practical designated confirmer signature schemes which are more efficient in signing than the previous scheme [Cha94].

Journal ArticleDOI
TL;DR: A computer package used for assessing the security of newly-developed encryption algorithms and their ciphers prior to use is described.