Secret Key Distribution With O(1) System Definition

IP.com Disclosure Number: IPCOM000100906D
Original Publication Date: 1990-Jun-01
Included in the Prior Art Database: 2005-Mar-16
Document File: 1 page(s) / 53K

Publishing Venue

IBM

Related People

Janson, PA: AUTHOR

Abstract

The invention described below allows the distribution of secrets (e.g., secret DES encryption keys) to multiple parties using only a common one-way secret channel to simplify system definition.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 58% of the total text.

      Of all existing cryptographic techniques used in computer
networking, DES is the most popular and easiest to implement at low
cost and with high performance.  Its main drawback is that it
requires two communicating parties to somehow acquire a common secret
cryptographic key.  In a network of N parties where any one would
want to communicate with any other, N*(N-1) secret keys would have to
be distributed, which is a fair-sized system definition problem.  Known
methods exist (e.g., the Diffie-Hellman scheme) whereby this O(N**2)
problem may be reduced to an O(N) problem by providing every one of
the N parties with its own secret, from which it can compute a
suitable secret DES key to communicate with any other party.
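
An added example (not part of the original disclosure) of the O(N) approach mentioned above: each party is provisioned with one private value and derives a pairwise DES-sized key from any peer's public value. The 127-bit toy modulus, the generator, the SHA-256 truncation and all names are assumptions chosen for illustration.

```python
import hashlib
import secrets
from itertools import permutations

# Toy group parameters, chosen for this example only (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

class Party:
    """One network station holding a single private value (the O(N) setup)."""
    def __init__(self, name):
        self.name = name
        self._secret = secrets.randbelow(P - 3) + 2   # private exponent in [2, P-2]
        self.public = pow(G, self._secret, P)          # may be published freely

    def des_key_for(self, peer_public):
        """Derive an 8-byte DES-sized key shared with the owner of peer_public."""
        shared = pow(peer_public, self._secret, P)
        digest = hashlib.sha256(shared.to_bytes(16, "big")).digest()
        return digest[:8]   # assumed derivation: first 8 bytes of SHA-256

def build_network(names):
    """Provision one private value per party; nothing pairwise is installed."""
    return {n: Party(n) for n in names}

def pairwise_keys(network):
    """Key for each ordered pair (a, b), computed by a from b's public value only."""
    return {(a, b): network[a].des_key_for(network[b].public)
            for a, b in permutations(network, 2)}

def provisioning_counts(n):
    """Secrets to install: the page's N*(N-1) figure versus one secret per party."""
    return {"pre-shared": n * (n - 1), "one-secret-per-party": n}

if __name__ == "__main__":
    net = build_network(["A", "B", "C", "D"])   # constructed sample network
    keys = pairwise_keys(net)
    for (a, b), k in sorted(keys.items()):
        assert k == keys[(b, a)]                # both ends derive the same key
    print(provisioning_counts(len(net)))
```
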

      This invention proposes a technique to reduce the system
definition problem further to O(1).  The technique assumes that a
trusted key distribution service is available at one of the network
stations.  To distribute the necessary secret DES keys, that service
uses a public key cryptographic system, such as RSA, for instance.
At initialization, it must be given only its own single secret RSA
key.  Thereafter, its matching public RSA key may be freely given to
any other network party...