Cryptographic Initialization Test

IP.com Disclosure Number: IPCOM000119621D
Original Publication Date: 1991-Feb-01
Included in the Prior Art Database: 2005-Apr-02
Document File: 4 page(s) / 61K

Publishing Venue

IBM

Related People

Holloway, C: AUTHOR [+2]

Abstract

To increase the security of cryptographic key entry, more than one person should be involved in the key entry process. In that case it takes the collaboration of all people to compromise the key.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 72% of the total text.

Cryptographic Initialization Test

      To increase the security of cryptographic key entry, more
than one person should be involved in the key entry process. In that
case it takes the collaboration of all people to compromise the key.

      To implement such a concept, the trivial key (KEY) is split up
into components, which are then given to the designated people.

      The invention uses one (or more) of these components for a
dual purpose.  It not only enables the construction of the
appropriate key, but also allows testing whether the proper trivial
key was generated.

      The concept will be demonstrated by using dual key entry, but
is easily expandable to more than 2 people. Let
 $\mathrm{KEY} = \mathrm{KA} \oplus \mathrm{KB}$
where $\oplus$ indicates modulo 2 addition and KA, KB are the two components
which determine the key (KA is given to person A and KB to person B).
By defining KA = f(KEY) such that knowledge of KA does not reveal
KEY, KA can be used to check correct key entry.  For example, let
 $\mathrm{KA} = E_{\mathrm{KEY}}(\mathrm{ID})$
where E indicates encipherment and ID is an identifier.

      Then
 $\mathrm{KB} = \mathrm{KEY} \oplus E_{\mathrm{KEY}}(\mathrm{ID})$
Given KEY, the components KA and KB can then be evaluated and given to
the two people.  At the entry point, person A provides KA, person B
provides KB, and the system then constructs
 $\mathrm{Reference} = \mathrm{KA} \oplus \mathrm{KB}$.
      Next, it is checked whether
 $\mathrm{KA} = E_{\mathrm{Reference}}(\mathrm{ID})$
If this is true, it is concluded that Reference = KEY; otherwise, the
key entry process is aborted.
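
The split and the entry-time check described above, as an added example that is not part of the original disclosure. It assumes a 16-byte key and uses truncated HMAC-SHA-256 as the one-way function f in place of the encipherment E (the Python standard library has no block cipher); the function names, the `KeyEntryAborted` exception and the sample identifier are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16  # bytes; constructed choice, the disclosure does not fix a key size

class KeyEntryAborted(Exception):
    """Raised when the entered components do not reconstruct the intended key."""

def f(key: bytes, ident: bytes) -> bytes:
    # Stand-in for E_KEY(ID): HMAC-SHA-256 keyed with KEY, truncated to key length.
    return hmac.new(key, ident, hashlib.sha256).digest()[:len(key)]

def xor(a: bytes, b: bytes) -> bytes:
    # Modulo 2 addition of two equal-length components.
    if len(a) != len(b):
        raise KeyEntryAborted("component length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, ident: bytes) -> tuple[bytes, bytes]:
    """KA = f(KEY, ID) goes to person A; KB = KEY xor KA goes to person B."""
    ka = f(key, ident)
    return ka, xor(key, ka)

def enter_key(ka: bytes, kb: bytes, ident: bytes) -> bytes:
    """Build Reference = KA xor KB and accept it only if KA = f(Reference, ID)."""
    reference = xor(ka, kb)
    if not hmac.compare_digest(ka, f(reference, ident)):
        raise KeyEntryAborted("check failed: Reference is not the intended KEY")
    return reference

def demo() -> dict:
    ident = b"HSM-01"  # constructed identifier
    key = secrets.token_bytes(KEY_LEN)
    ka, kb = split_key(key, ident)
    results = {"ok": enter_key(ka, kb, ident) == key}
    typo = bytes([kb[0] ^ 0x01]) + kb[1:]  # person B mistypes one bit
    for name, (a, b) in {"typo": (ka, typo), "swapped": (kb, ka)}.items():
        try:
            enter_key(a, b, ident)
            results[name] = "accepted"
        except KeyEntryAborted:
            results[name] = "aborted"
    return results

if __name__ == "__main__":
    print(demo())
```

Unlike a random XOR share, KA is a deterministic function of KEY, so its holder can test candidate keys against it offline; the construction therefore relies on KEY having full entropy.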

 ...