Browse Prior Art Database

General Method of Key Confirmation

IP.com Disclosure Number: IPCOM000117573D
Original Publication Date: 1996-Apr-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 2 page(s) / 57K

Publishing Venue

IBM

Related People

Johnson, DB: AUTHOR [+2]

Abstract

Disclosed is a general method of key confirmation.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

General Method of Key Confirmation

      Disclosed is a general method of key confirmation.

There is a general requirement for key confirmation in the following
scenarios:
  1.  When a key has been derived by 2 parties from a shared secret
       (perhaps a key agreement protocol) and is supposed to be the
       sam value.
  2.  When a key has been sent from one party to another and the
       recipient wishes to ensure the correct value has been
recovered.
  3.  When a key has been unused for some time and one wishes to
check
       that it has not been inadvertantly altered.

      In a network of cryptographic systems, key is distributed.
However, symmetric kys must be the same on all systems where they
exist, if the keys are different, erroneous and possibly
unrecoverable processing could result.  For example, once symmetric
keys are agreed upon using a key agreement protocol, there is often a
desire to verify  that the symmetric keys are actually the same
value.  Also, asymmetric  private keys need to be able to be tested
to ensure they have integrity  and their value has not been altered.
This is called the key confirmation problem.

Some goals of a key confirmation method:
  1.  It is undesirable to reveal information about a key that allows
a
       key exhaustion attack to be able to execute faster than
without
       the key confirmation information.
  2.  The key confirmation process needs to allow an arbitrary level
of
       assurance that the key values agree.  For example, for some
       solutions a error possibility of 2**-16 is acceptable and for
       others this ma...