Browse Prior Art Database

Secure Source Data Transport in a Three Party System

IP.com Disclosure Number: IPCOM000112313D
Original Publication Date: 1994-Apr-01
Included in the Prior Art Database: 2005-Mar-27
Document File: 4 page(s) / 88K

Publishing Venue

IBM

Related People

Graves, JS: AUTHOR [+3]

Abstract

A method is disclosed which allows information suppliers to securely distribute data to information customers who, in turn, use the data in third party tools. Shown is a means for allowing a tool to analyze the original data, while allowing the information customer to act only as a carrier of an unreadable form of the data.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 53% of the total text.

Secure Source Data Transport in a Three Party System

      A method is disclosed which allows information suppliers to
securely distribute data to information customers who, in turn, use
the data in third party tools.  Shown is a means for allowing a tool
to analyze the original data, while allowing the information customer
to act only as a carrier of an unreadable form of the data.

      The disclosed methodology requires that an independent party
first build a standard encryption package in the form of a software
program.  The Figure denotes this package as "Std Encryption
Package." It is this software package which will actually cipher the
original data into a human unreadable form.  Any Information Supplier
who wishes to distribute data using the disclosed methodology will
possess this standard encryption package.

STEP 1

The information supplier uses the package by supplying a minimum of
three inputs:

1.  Clear textual data.

2.  Well known name(s) for a Tool Supplier(s).

3.  Confidential key(s) provided by the Tool Supplier(s) (Key(T) in
    the Figure).

      A random key (Key(R) in the Figure) will be produced during
runtime, perhaps seeded by the system clock, but in no way traceable.
This random key will be used to seed a well known encryption
algorithm for encrypting the subject textual data.  The choice of
encryption algorithm is not critical to this program, but it must be
available to the Tool Supplier(s) and should be accepted as a
relatively sophisticated and secure algorithm (e.g., DES.)  This
disclosure will call the algorithms ENCRYPT or DECRYPT.

The program will now cipher the clear textual data using the randomly
generated key:

          ciphered_text = ENCRYPT( clear_text, Key(R) )

Once the text has been ciphered, the random key will itself be
encrypted:

          Key(RT) = ENCRYPT( Key(R), Key(T) )

A different Key(RT) should be generated for each Tool Key provided.

STEP 2

Once the package has finished these two encryption steps, it can
begin writing output to a file or disk.  The output file will be
broken into three sections:

1.  Length of ciphered text fi...