
Dynamic Communication Key Accumulated from Previous Message Content

IP.com Disclosure Number: IPCOM000049548D
Original Publication Date: 1982-Jun-01
Included in the Prior Art Database: 2005-Feb-09
Document File: 1 page(s) / 12K

Publishing Venue

IBM

Related People

Svigals, J: AUTHOR

Abstract

A method of providing an encryption key at a terminal to encrypt messages moving between the terminal and the host computer uses a master key loaded in the terminal at installation time. The master key is battery protected and is used to restart. Using the master key, communication keys are encrypted and sent to the terminal for use in encrypting subsequent messages. In those cases where it may not be possible or desirable to load a master key in a terminal, a communication key can be generated using parts of a plurality of previous messages. For example, the personal identification number values from the current and three preceding messages can be concatenated to provide a 56-bit encryption key.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 78% of the total text.


A method of providing an encryption key at a terminal to encrypt messages moving between the terminal and the host computer uses a master key loaded in the terminal at installation time. The master key is battery protected and is used to restart. Using the master key, communication keys are encrypted and sent to the terminal for use in encrypting subsequent messages.

In those cases where it may not be possible or desirable to load a master key in a terminal, a communication key can be generated using parts of a plurality of previous messages. For example, the personal identification number values from the current and three preceding messages can be concatenated to provide a 56-bit encryption key. Registers in the protected memory areas of the terminal and the host computer continually accumulate these personal identification number values and use them as the communication encryption key. The register is shifted four digits for each new transaction.

Upon receipt of a message at the host computer, a key consisting of parts of the prior four messages is used to decrypt the initial values, for example, the current personal identification number and transaction count. The new personal identification number when verified is then shifted into the register for use with the next message encryption in either direction.
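Added example (not part of the original disclosure): a Python model of the accumulating register at the terminal and the host, showing that one lost message leaves the two ends holding different keys, which is why a restart or resynchronization step is needed. The BCD packing of 16 digits into 8 bytes, the all-zero starting register, the terminal shifting on send, and the hash-based stand-in cipher are assumptions; the disclosure specifies none of them.

```python
import hashlib

PIN_DIGITS, REGISTER_DIGITS = 4, 16   # four 4-digit PINs, as in the text

class KeyRegister:
    """PIN-accumulating register held in protected memory at one end."""
    def __init__(self, digits: str):
        self._check(digits, REGISTER_DIGITS)
        self.digits = digits

    @staticmethod
    def _check(value: str, length: int) -> None:
        if len(value) != length or not (value.isascii() and value.isdigit()):
            raise ValueError(f"expected {length} decimal digits")

    def key(self) -> bytes:
        # Assumed packing: 16 BCD digits -> 8 bytes (a DES-sized key block).
        return bytes.fromhex(self.digits)

    def shift_in(self, pin: str) -> None:
        self._check(pin, PIN_DIGITS)
        self.digits = self.digits[PIN_DIGITS:] + pin   # oldest PIN drops out

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in for the real cipher (NOT secure): XOR with a hash-derived pad."""
    pad = hashlib.sha256(key).digest()
    return bytes(b ^ p for b, p in zip(data, pad))

def terminal_send(reg: KeyRegister, pin: str) -> bytes:
    ct = toy_cipher(reg.key(), pin.encode())   # key = four prior PINs
    reg.shift_in(pin)                          # assumed: shift once sent
    return ct

def host_receive(reg: KeyRegister, ct: bytes, expected_pin: str) -> bool:
    pin = toy_cipher(reg.key(), ct).decode("latin-1")
    if pin != expected_pin:                    # verification failed: no shift
        return False
    reg.shift_in(pin)
    return True

def run(pins, lost=()):
    """Send each PIN; messages whose index is in `lost` never reach the host."""
    seed = "0" * REGISTER_DIGITS               # constructed start value
    term, host = KeyRegister(seed), KeyRegister(seed)
    results = []
    for i, pin in enumerate(pins):
        ct = terminal_send(term, pin)
        results.append(i not in lost and host_receive(host, ct, pin))
    return results
```

With the constructed PINs `["1234", "5678", "9012", "3456"]`, every transaction verifies when nothing is lost; dropping the second message makes every later one fail, because the host never shifted that PIN into its register.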

To restart or resynchronize the communication encryption key, the first personal identif...