Browse Prior Art Database

Hybrid Key Distribution Scheme Giving Key Record Recovery

IP.com Disclosure Number: IPCOM000111006D
Original Publication Date: 1994-Feb-01
Included in the Prior Art Database: 2005-Mar-26

Publishing Venue

IBM

Related People

Johnson, DB: AUTHOR [+5]

Abstract

This article describes a method of hybrid key distribution wherein a key belonging to a symmetric key algorithm (e.g., a DEA key) is encrypted with a public key belonging to an asymmetric key algorithm (e.g., with an RSA or Rabin public key). The encrypted DEA key is transmitted to a receiving device where it is decrypted with the private key belonging to the asymmetric key algorithm (e.g., with an RSA or Rabin private key) and typically re-encrypted with a master key belonging to the receiving device and then stored in a key data set. For the specific example, it shall be assumed the symmetric and asymmetric algorithms are the Data Encryption Algorithm and the RSA algorithm, respectively.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 14% of the total text.

Hybrid Key Distribution Scheme Giving Key Record Recovery

      This article describes a method of hybrid key distribution
wherein a key belonging to a symmetric key algorithm (e.g., a DEA
key) is encrypted with a public key belonging to an asymmetric key
algorithm (e.g., with an RSA or Rabin public key).  The encrypted DEA
key is transmitted to a receiving device where it is decrypted with
the private key belonging to the asymmetric key algorithm (e.g., with
an RSA or Rabin private key) and typically re-encrypted with a master
key belonging to the receiving device and then stored in a key data
set.  For the specific example, it shall be assumed the symmetric and
asymmetric algorithms are the Data Encryption Algorithm and the RSA
algorithm, respectively.  In broad terms, a to-be-distributed DEA key
is first stored in a key record, then processed to form a key block
whose length is equal to the block size of the public key algorithm
(for RSA and Rabin, the block size is the modulus length), and then
encrypted with the RSA public key.  Documenting the method of key
processing ensures that users of an arbitrary cryptosystem supporting
the same public key algorithm and key processing method are able to
meet potential interoperability requirements associated with the IBM*
method of hybrid key distribution.  The method also has certain
security and operational advantages over more direct methods.

      Fig. 1 illustrates the high-level overview of the subprocesses
for producing an encrypted key block from a key record.  The
subprocesses consist of (1) a checking subprocess that performs
consistency checking on the key record bit length (n) and the modulus
bit length (k), (2) an expanding subprocess that produces a k-bit
expanded record from an n-bit key record, (3) a masking subprocess
that Exclusive-OR's a mask with the expanded key record to produce a
k-bit masked record, (4) an overwriting subprocess that sets certain
fields in the masked record to prescribed values to produce a k-bit
overwritten record, and (5) an encrypting subprocess that encrypts
the overwritten record to produce a k-bit encrypted key block.

      The method of key processing requires the following conditions
be satisfied.  The key record length (n) must be greater than or
equal to 64.  That is, the key record must at least contain a 64-bit
key.  The key must be, and is assumed to be, right-justified within
the key record.  The modulus length (k) must be greater than or equal
to the key record length (n) plus 96.  This ensures that the key
processing algorithm can build an expanded record containing the
minimum necessary information.

      The key processing algorithm makes use of a 64-bit random
number RN to produce a k-bit mask.  The mask ensures that the same
key record results in different overwritten records, whenever a key
record is encrypted under multiple different public keys for
distribution to multiple different receiving devices. ...