Browse Prior Art Database

PASSWORD PROTECTION KEY DISCLOSURE

IP.com Disclosure Number: IPCOM000007050D
Original Publication Date: 1993-Oct-01
Included in the Prior Art Database: 2002-Feb-21
Document File: 4 page(s) / 207K

Publishing Venue

Motorola

Related People

Alan Lee Wilson: AUTHOR

Abstract

This invention is a password protection key to allow a Key Management Controller (KMC) to unlock a radio for a user in the event that the user has forgotten the password. This invention provides the following features: 1. A user can gain access to a radio aRer the password has been forgotten or corrupted. 2. The secrecy of the password is maintained, only the protection key is known by the KMC. This requires a cryptanalyst to possess both the protection key known only to the KMC as well as the radio itself; in order to gain access to the radio's shadow keys. 3. An audit trail is created so that a password change record can be tested in a security audit. This allows bona fide users to know that the password has been changed in the event that a cryptanalyst has breached the security ofthe password.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 40% of the total text.

Page 1 of 4

0 M

MOTOROLA INC. Technical Developments Volume 20 October 1993

PASSWORD PROTECTION KEY DISCLOSURE

by Alan Lee Wilson

  This invention is a password protection key to allow a Key Management Controller (KMC) to unlock a radio for a user in the event that the user has forgotten the password. This invention provides the following features:

1. A user can gain access to a radio aRer the password has been forgotten or corrupted.
2. The secrecy of the password is maintained, only the protection key is known by the KMC. This requires a cryptanalyst to possess both the protection key known only to the KMC as well as the radio itself; in order to gain access to the radio's shadow keys.
3. An audit trail is created so that a password change record can be tested in a security audit. This allows bona fide users to know that the password has been changed in the event that a cryptanalyst has breached the security ofthe password.

  Astro radios use a password to encrypt the traE tic and shadow keys in the radio. A user must enter the correct password to .gain access to these keys. The password is not stored in the radio, nor is it stored in part of the radio system. The password is

known only to the legitimate user of the radio. Unauthorized users cannot gain access to the keys without the password. The only key that is not protected with the password is the Key Loss Key (KLK).

  It is possible for the KMC to reload all the encryption keys in the radio using the KLK to encrypt the keys. This key loading can be done over the air with Over the Air Rekeying (OTAR) in Advanced Securenet or Astro radio systems. If the legitimate user of the radio forgets the password, then there is no way to operate the radio in the secure mode with- out erasing all of the keys and reloading them via OTAR from the KMC.

  This invention allows a KMC to assist a user to gain access to the encryption keys without compro- mising the secrecy of the password. It may be used by authorized users to access the keys in the event that they forget their password. This invention avoids the transfer of all of the keys via OTAR. It allows a system security manager to distinguish between a simple password loss, and a deliberate key erasure by the radio's legitimate user.

@Motorola. 1°C. ,993 129

[This page contains 15 pictures or other non-text objects]

Page 2 of 4

Password Protection Key System

Current Astro Subscriber Radio,

/

RADIO USER

password ,, ,i expander

4 (hash fun)

key

Working Mem SL -Non-vol Mem

~rafyi;: HUH z:Fj

Traffic K

New 1 1

Key Management Center

Elemc~ ~:- 1 '

2nts I I-I' ,,,.,

KLK

KLK[PPK]

, * ,., .,,, ,,/ ,... m/s*, ,,, e, ,.z: .a, ., ,,,, ,<a/ c, \I.I ,., >, 8, ,', ">,, s. ,,.. ,, m ,, ,, ,

[This page contains 15 pictures or other non-text objects]

Page 3 of 4

MOTOROLA INC. Technical Developments Volume 20 October 1993

  An Astro radio currently protects all of its encryption keys, except the KLK, with an encryption key derived by expanding a password. The password is ent...