
Public Key Enciphering/ Deciphering Transformations Using a Conventional Algorithm

IP.com Disclosure Number: IPCOM000050020D
Original Publication Date: 1982-Aug-01
Included in the Prior Art Database: 2005-Feb-09
Document File: 8 page(s) / 53K

Publishing Venue

IBM

Related People

Lennon, RE: AUTHOR [+3]

Abstract

A method is disclosed for performing pseudo public-key enciphering/ deciphering transformations using a conventional cryptographic algorithm. In the present article, a data-encrypting key (K) is enciphered under a variant (KMX) of a host master key (KM0), with the resulting encipherment, i.e., E(KMX) (K), being used only for enciphering data. With this arrangement, the user who possesses the quantity E(KMX) (K) can only encipher data, whereas the user who possesses the quantity E(KM0) (K) can encipher and decipher data. Thus, E(KMX) (K) logically corresponds to a public (non-secret) key used in a public key cryptosystem while E(KM0) (K) logically corresponds to the private (secret) key used in the public key cryptosystem.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 14% of the total text.


ENCIPHER ONLY (ENCO) OPERATION: The 'public' attribute of a key is achieved in part by defining a host ENCIPHER ONLY (ENCO) operation as:

ENCO: E(KMX) (K), DATA ---> E(K) (DATA)

In this type of notation the input parameters appear to the left of the arrow while the output parameter appears to the right of the arrow. Data is recovered by a standard DECIPHER DATA (DCPH) operation:

DCPH: E(KM0) (K), E(K) (DATA) ---> DATA

Fig. 1 illustrates the present method for executing an ENCO operation at a sending station to encipher data using the public key and executing the DCPH operation at the receiving station to decipher the enciphered data using the private key. A cryptographic facility is provided at each station which includes a secure cipher device, key and data registers, a non-volatile memory for storing a master key, and control functions to control the facility and set the cipher device in either an encipher (E) or decipher (D) mode of operation, as more fully described in (1).

Thus, when the ENCO function is invoked, the crypto facility at the sending station is first set to the decipher (D) mode of operation. The public key E(KMX) (K) is deciphered under control of the variant (KMX) of the host master key, which is obtained by inverting specified bits of the host master key (KM0). This yields the data-encrypting key (K) as the working key for the next cipher operation. Next, the crypto facility is set to the encipher (E) mode of operation, and DATA is enciphered under control of (K) to obtain the enciphered result E(K) (DATA). At the receiving station, when the decipher data (DCPH) function is invoked, the crypto facility is set to (D) and the private key E(KM0) (K) is deciphered under control of the host master key KM0 to obtain the data-encrypting key (K) as the working key for the next cipher operation, in which E(K) (DATA) is deciphered under control of (K) to obtain the DATA in clear form.
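The ENCO/DCPH key separation described above, as an added example that is not code from the disclosure. Assumptions: a toy Feistel cipher built on SHA-256 stands in for the conventional algorithm, the variant mask is a placeholder, `make_pair` is a hypothetical helper, and one facility with a single KM0 serves both operations.

```python
import hashlib

BLOCK = 8  # toy 64-bit block and key size
# Assumption: the excerpt does not say which master-key bits are inverted to
# form KMX, so this mask is a placeholder.
VARIANT_X_MASK = bytes([0x88] * BLOCK)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(key, block, rounds):
    # Toy Feistel network with a SHA-256 round function (stand-in cipher only).
    l, r = block[:4], block[4:]
    for i in rounds:
        l, r = r, _xor(l, hashlib.sha256(key + bytes([i]) + r).digest()[:4])
    return r + l

def E(key, data):  # encipher; len(data) must be a multiple of BLOCK
    return b"".join(_feistel(key, data[i:i + BLOCK], range(8))
                    for i in range(0, len(data), BLOCK))

def D(key, data):  # decipher: same network, round order reversed
    return b"".join(_feistel(key, data[i:i + BLOCK], reversed(range(8)))
                    for i in range(0, len(data), BLOCK))

class CryptoFacility:
    """Holds KM0 internally; callers only ever see enciphered keys."""
    def __init__(self, km0):
        self._km0 = km0
        self._kmx = _xor(km0, VARIANT_X_MASK)  # variant: selected bits inverted

    def make_pair(self, k):
        # Hypothetical helper, not the page's GKEY/GXKEY definition.
        return E(self._kmx, k), E(self._km0, k)  # (public, private) forms of K

    def enco(self, enc_key, data):
        # ENCO: E(KMX)(K), DATA ---> E(K)(DATA)
        return E(D(self._kmx, enc_key), data)

    def dcph(self, enc_key, ciphertext):
        # DCPH: E(KM0)(K), E(K)(DATA) ---> DATA
        return D(D(self._km0, enc_key), ciphertext)

def demo():
    cf = CryptoFacility(bytes.fromhex("0123456789abcdef"))  # constructed KM0
    public, private = cf.make_pair(bytes.fromhex("1122334455667788"))  # constructed K
    msg = b"16-byte message!"  # constructed sample data
    ct = cf.enco(public, msg)
    # The private form recovers DATA; the public form fed to DCPH unwraps to a
    # wrong working key, so the holder of E(KMX)(K) cannot decipher.
    return cf.dcph(private, ct) == msg, cf.dcph(public, ct) == msg
```

The separation holds only because KM0, KMX and K never leave the facility; a caller able to read any of them could decipher.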

GENERATE KEY (GKEY)/GENERATE VARIANT-X KEY (GXKEY) OPERATIONS: To allow a user to create a public and private key pair, i.e., E(KMX) (K) and E(KM0) (K), a key generation function is defined called GENERATE KEY (GKEY):()--->E(K...