
United States Patent [19]

Johnson et al.

[11] Patent Number: 6,052,469 (US006052469A)

[45] Date of Patent: Apr. 18, 2000

[54] INTEROPERABLE CRYPTOGRAPHIC KEY RECOVERY SYSTEM WITH VERIFICATION BY COMPARISON

[75] Inventors: Donald Byron Johnson, Pleasant Valley, N.Y.; Paul Ashley Karger, Acton; Charles William Kaufman, Jr., Northborough, both of Mass.; Stephen Michael Matyas, Jr., Poughkeepsie, N.Y.; David Robert Safford, Brewster, N.Y.; Marcel Mordechay Yung, New York City, N.Y.; Nevenko Zunic, Wappingers Falls, N.Y.

[73] Assignee: International Business Machines Corporation, Armonk, N.Y.

[21] Appl. No.: 09/133,877 [22] Filed: Aug. 14, 1998

Related U.S. Application Data

[63] Continuation of application No. 08/681,679, Jul. 29, 1996, Pat. No. 5,796,830.

[51] Int. Cl.7 H04L 9/08; H04L 9/14; H04L 9/28

[52] U.S. Cl. 380/286; 380/278; 380/28; 713/171

[58] Field of Search 380/21, 23, 28, 30, 49, 26 B, 278, 286; 713/171

[56] References Cited

U.S. PATENT DOCUMENTS

5,724,425 3/1998 Chang et al 380/25

5,761,305 6/1998 Vanstone et al 380/21

5,848,156 12/1998 Murakami 380/21

5,857,022 1/1999 Sudia 380/23

5,901,227 5/1999 Perlman 380/21

5,933,504 8/1999 Vanstone et al 380/30

Primary Examiner: Tod R. Swann

Assistant Examiner: Justin T. Darrow

Attorney, Agent, or Firm: William A. Kinnaman Jr.

[57] ABSTRACT

A cryptographic key recovery system that is interoperable with existing systems for establishing keys between communicating parties. The sender uses a reversible key inversion function to generate key recovery values P, Q and (optionally) R as a function of a session key and public information, so that the session key may be regenerated from the key recovery values P, Q and (if generated) R. Key recovery values P and Q are encrypted using the respective public recovery keys of a pair of key recovery agents. The encrypted P and Q values are included along with other recovery information in a session header accompanying an encrypted message sent from the sender to the receiver. The key recovery agents may recover the P and Q values for a law enforcement agent by decrypting the encrypted P and Q values in the session header, using their respective private recovery keys corresponding to the public keys. The R value, if generated, is not made available to the key recovery agents, but is ascertained using standard cryptanalytic techniques in order to provide a nontrivial work factor for law enforcement agents. The receiver checks the session header of a received message to ensure that the sender has included valid recovery information. Only when the receiver has verified that the sender has included valid recovery information does the receiver decrypt the received message.

20 Claims, 11 Drawing Sheets

[Drawing sheets omitted. Surviving figure labels: n+b-(b/2) bits, n+(b/2) bits, r bits.]