EP3973660A1 - Generating unique cryptographic keys from a pool of random elements - Google Patents

Generating unique cryptographic keys from a pool of random elements

Info

Publication number
EP3973660A1
Authority
EP
European Patent Office
Prior art keywords
elements
matrix
array
row
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP20929673.0A
Other languages
German (de)
French (fr)
Other versions
EP3973660A4 (en
Inventor
Denis Mandich
Christopher Knapp
Austin Bradley
Samuel Wolfson
Matthew Neal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qrypt Inc
Original Assignee
Qrypt Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qrypt Inc

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Definitions

  • This invention relates to the generation and encryption of communications, their transmission over a communications network, and the receipt and decryption of the messages sent; and, more particularly, to the creation and use of unique keys.
  • Data stores and computing devices are increasingly the target of hackers and other security threats, including both witting and unwitting insiders.
  • a basic defensive tactic is to encrypt all of this data and entire devices to render them useless and the data inaccessible if compromised or stolen.
  • Many asymmetric and symmetric key-based encryption algorithms rely on the secure generation, distribution and storage of cryptographic keys. These cryptographic keys are used to reliably encrypt and decrypt data based on algorithms assessed to be hard and number generators considered to be truly random.
  • a set or pool of random elements can be a collection of numbers, symbols or any representation of unique elements that may be efficiently converted into binary digits. This random pool may be arbitrarily large and used as the basis for choosing or generating a subset of random numbers defined as the keys. The entire random pool may also be transformed to produce keys larger than the random set.
  • a set of X random elements may be organized into matrices M of A rows and B columns, where B is the number of elements in X divided by A, where A is greater than one. Using the entire set of X requires A and B to be integers or the extra elements of X may not be used.
  • A and B are adjustable parameters and may vary for any set X.
  • a key K of length L may be extracted from the matrix using several distinct procedures, individually or in tandem.
  • a linear sequence or one-dimensional array J of length L may be selected from the first row of the matrix starting at any element I, including the first. If (B-I) is less than L, selection of the (B-I+1) element begins at the first column of A and continues sequentially until L is complete.
  • the linear sequence J may be used as the OTP.
  • Additional sequences or keys K may be sampled from some or all of the rows in the matrix, beginning at the same column I or at random columns, varying row to row. These may be individually used as OTPs or they may be XORed together in total or in varying combinations of rows, to produce a single OTP of length L. Individual linear sequences may be non-sequentially selected from each row to produce a variety of combinations. For example, instead of choosing elements sequentially, every second or third element may be used to assemble the sequence J. These selection criteria may be randomized or based on known functions. The random numbers may be generated from quantum entropy sources which produce keys from a verifiably random process.
  • This matrix system introduces randomization to classical random sources and preserves the quantum randomness of quantum random sources. Combining multiple random sources, both quantum and classical, to supply each row in a matrix or separate matrices which are later combined, is a natural extension of this system. More complex combinations including truncated keys and one-dimensional arrays of different sizes are also equally valid.
  • One example of the invention is a method for encryption key generation which can have the steps of receiving a plaintext message comprising a fixed character length and receiving, from a source, a plurality of random numbers.
  • a matrix can be created from the plurality of random numbers having either or both of a number of rows and a number of columns equal to or greater than the character length.
  • An array can be generated by selecting an initial element within the matrix, selecting subsequent elements using a selection technique until the number of elements in the array is equal to the character length; and rejecting any previously selected elements from the array.
  • the array generating step can include selecting the subsequent elements from one of the same row and the same column, where the row or the column used is the one with the dimension that is equal to or greater than the character length.
  • the generating step can include wrapping back to the initial element in the one of the row or the column of the initial element once the final in that row or column is reached.
  • the selection technique can be selecting sequentially from the initial element or the array is selected from the row of the initial element using any predictable selection technique without reusing elements from any columns.
  • Additional arrays can be generated from the same row or column, and in one example a key or final array can be formed by XORing a plurality of the additional arrays to create a final array. Alternately, a plurality of matrices can be created, each used to generate a plurality of additional arrays and then XORing the plurality of additional arrays together to create a final array.
  • a system can also be used to implement the above method, the system having
  • Figure 1 illustrates an exemplary encrypted communication
  • Figure 2 is a block diagram illustrating an example of the system of the present invention
  • Figure 3 illustrates different examples of patterns used to generate key sequences from a matrix
  • Figures 4A and 4B illustrate examples of intermediate sequences and generating key sequences from the intermediate sequences
  • Figure 5 illustrates examples generating multiple keys and a final key
  • Figure 6 illustrates an example of encrypting an exemplary encrypted communication
  • Figure 7 is an example of a method of encrypting an exemplary communication
  • Figure 8 illustrates additional examples of a method of encrypting a communication
  • Figure 9 illustrates another example of a system to encrypt communications according to the present invention.
  • example devices, systems, and methods presented herein can allow secure end-to-end message transfer between communication devices over an unsecure channel, a basic configuration of which is illustrated in Figure 1.
  • a first user 10 (“Alice”) wants to send a communication to a second user 20 (“Bob”) over an unsecured network 30 (e.g., the Internet).
  • Alice 10 creates a plaintext message 40 which is encrypted into a secure message 45 by the use of an encryption key 50.
  • This key 50 is generated by an encryption engine 55 either resident on Alice’s hardware or supplied by a third-party.
  • the encrypted text 45 is transmitted over the network 30, decrypted using a second key 50’ and the plaintext 40 is available for Bob 20 to access.
  • the second key 50’ can be identical to the first key 50 or mathematically related (e.g. asymmetric keys) to decrypt the encrypted text 45.
  • the communications between Bob 20 and Alice 10 can continue using the same keys, different keys, or any other key exchange to secure the plaintext 40.
  • the present invention focuses on the generation of the keys to secure or authenticate any data exchange using any key exchange method.
  • the system and method uses a one-time pad (OTP) methodology in which the length of the key is the same length as the plaintext which is the same length as the encrypted message.
  • OTP one-time pad
  • Figure 2 illustrates plaintext message 100 having n elements E.
  • the number of elements n is the length L of the message.
  • An OTP encryption/decryption (crypto) engine 200 receives the plaintext message 100 and begins the encryption process.
  • Crypto engine 200 either generates or receives random numbers, preferably from quantum entropy sources 202.
  • the quantum entropy sources 202 can be those as described in US Patent Nos. 9,425,954, 9,660,803 and US Application No. 16/288,722.
  • quantum or classical entropy sources, semiquantum or random number generators can also be used and be generated by software, hardware or any combination thereof. Note while only one source 202 is illustrated, any number of sources can be used.
  • the random numbers R can be pooled 204 and retrieved at the time of encryption or called on demand and pooled. There can be X random numbers R.
  • Crypto engine 200 forms a matrix 206 of A rows 208 and B columns 210 from the random number pool 204.
  • A x B ≤ X and the dimensionality of matrix 206 may be determined by the encryption function at the beginning of any session.
  • the matrix 206 is formed with a number B of columns 210 equal to or greater than the length of said character length L and the number A of rows 208 is at least 1.
  • the matrix 206 can be populated linearly from pool 204 without using all of the random numbers R.
  • the random numbers can also be “bits” and the extra bits may be selected at random or at discrete points in the pool 204 and discarded.
  • Matrix 206 may be square or non-square.
  • the random elements populating each matrix 206 element, row 208 or column 210 can be done according to any prescribed method, sequential or otherwise. All elements Y of the pool 204 that exceed A x B elements, may be discarded or incorporated into the matrix through additional operations. For example, extra elements Y may be sequentially XORed into matrix 206 starting with the first or any element until all of Y is consumed. Any algorithmic method based on mathematical sequences or functions may be used to integrate the extra elements Y into the matrix 206 so all random numbers R in the pool 204 are used.
  • the crypto engine 200 can form new pools 204 for each plaintext string 100 or reserve the random numbers Y in the pool 204 for later use.
  • the crypto engine 200 can then form the key 212.
  • the key 212 is formed by creating a new one-dimensional array.
  • the key array 212 can be created by selecting an initial element within the matrix 206 and selecting subsequent additional elements from the same row as said starting element. In other examples, depending on the initial element, the key 212 can be formed by wrapping back to the first element in the row of said initial element once the final column 210B is reached.
  • the key sequence is created from the matrix 206, until the number of elements in the new one-dimensional array 212 is equal to character length L of the plaintext message without reusing elements from any columns 210. In the illustrated example in Figure 2, the key 212 is formed from the first row 208₁ and starts at the first column 210₁.
  • Figure 3 illustrates other examples of matrix 206 and the resulting key 312.
  • the key 312 (which can still be a one-dimensional array) is selected from any row 208 in the matrix 206 either sequentially or non-sequentially.
  • a first key 312A can be created from the elements marked KAI through KA V taken from multiple rows and out of sequence.
  • additional keys 312 can be formed, as exemplified from the hatched areas using sequential or non-sequential techniques.
  • Figure 4A illustrates forming an intermediate sequence 214 pulled from the matrix 206 using any of the above techniques.
  • the sequence 214 can have Q elements and can be a one-dimensional array.
  • the sequence 214 can be sampled or assembled from elements of the matrix 206.
  • the sequence 214 may also be used as the key 212 or used as the random elements for creating daughter matrices 212’ and/or additional sequences 214’ of any dimension.
  • Q one-to-one correspondence
  • Figure 4B illustrates a set of arrays/sequences 214 may be XORed together to produce a final key sequence 412 of length L.
  • the individual sequences 214i - 214i V may all be of the same length or they may be varied. If the sequences 214 are of nonuniform length, they may be concatenated, padded or additional linear operations may be applied to achieve all sequences 214 of the same length Q. These operations apply equally when the length of the key sequence 412 is less than the length of the intermediate sequences 214. Meaning, in one example, all sequences 214 must be decreased to the length of the key sequence 412 prior to the XOR application on the set of sequences 214.
  • the first sequence 214i may be individually XORed with a private key unique to every user in a multiparty encryption key system. Additional elements may be appended or added to every sequence 214 prior to generating the key sequence 412.
  • Figure 3 illustrates both sequential and non-sequential ordering.
  • Non-sequential patterns can order the elements E from each row, every second, third or any predictable, regular or random column ordering.
  • any element A in rows 208 may only be used once, meaning, each element must be considered consumed before selecting the next element in the sequence 212, 214.
  • the application of functions or known sequences may be iteratively applied to the same row 208 after placing an element A from that row 208 into the sequence 212, 214, for example.
  • Each step used to populate the sequence 212, 214 is effectively diminishing the available elements A in the row 208 to choose from.
  • Additional mixing or concatenation functions can be applied to the remaining elements A in row 208 prior to selecting the next element of the sequence 212, 214.
  • a sequential example is in row 208₁, a wrap-around sequence in row 208₃, and non-sequential patterns in rows 208₄ to 208A.
  • Another example of generating a sequence 212, 214 utilizes the entire pool 204 of random numbers R. In this example, there are Y excess random numbers.
  • the entire pool 204 can be transformed to produce sequences 212, 214 larger than the pool set X.
  • the set of X random elements can be organized into one or more matrices 206 of A rows 208 and B columns 210, where B is the number of elements in X divided by A and where A is greater than one.
  • Using the entire set of X random elements requires A and B to be integers or the extra elements Y of the full pool set X may not be used.
  • Row and column lengths A and B are adjustable parameters and may vary for any set X.
  • a key 212 of length L may be extracted from the matrix 206 using several distinct procedures, individually or in tandem.
  • a linear sequence or one-dimensional array 212, 214 of length L may be selected from the first row of the matrix starting at any element i including the first. If (B-i) is less than L, selection of the (B-i+1) element begins at the first column 210 of that row 208 and continues sequentially until L is complete.
  • the linear sequence 212, 214 may be used as the OTP.
  • Figure 5 illustrates the sequence concept at the matrix 206 and key set 212 level.
  • Multiple matrices 206₁ - 206ₙ of various dimensions may be individually created from the random pool 204, or from a series of sequences 214 manipulated out of a previous matrix 206.
  • the classical or quantum entropy sources 202 used to generate the pool 204 can each be associated with an individual matrix 206 or several matrices 206, each correlated with an individual random number generator or any combination. Although the pool 204 is effectively a large pool of random numbers R, the pool 204 can be subdivided into smaller sets with complex relationships to their entropy origin, quantum or classical. These may be used to generate the plurality of matrices 206 prior to producing the individual key sets 212 correlated with each matrix 206.
  • the key set 212 produced from each matrix 206 may be of uniform or nonuniform length prior to XORing into a final key set 512, analogous to using individual sequences 214.
  • Figure 6 illustrates an example where the plaintext 600 is “hello”.
  • the crypto engine 600 draws the random elements from the pool to form the matrix 606.
  • a simple substitution key 612 is formed from a nonsequential selection from the matrix 606.
  • a sequential key 612 could be “FGHIJ” from row 608₂, while a single array non-sequential key can be “KMOLN” from row 608₃.
  • Figures 7 and 8 illustrate different methods for computer-implemented encryption key generation.
  • any computational device can include, but is not limited to, general purpose computers and servers, field programmable gate arrays (FPGA), processor arrays and networks, dedicated application specific integrated circuits (ASIC) and virtual machines (VM), etc.
  • Specific devices can also include portable electronic devices such as a cellular telephone, tablet computer, laptop computer, and the like.
  • a computer system can be provided that can include a processor and a non-transient memory that stores computer-executable instructions that when executed by the processor, the processor can perform various operations including manipulating, recording, expanding, and aggregating random numbers from entropy sources into a pool, creating a matrix with such aggregate random numbers, creating key or intermediate sequences, and distributing the sequence.
  • a single device e.g. system on a chip in a mobile or field deployed device
  • Several of such computer systems can be assembled in groups of systems creating a larger network structure of individual nodes that can be physical or virtualized.
  • Figure 7 illustrates an example of a method including selecting a plaintext to be encrypted, wherein said plaintext has a fixed character length (step 700), establishing a source of random numbers from a single or plurality of hardware and/or software entropy sources (step 702) and generating a matrix from said random numbers (step 704).
  • the single or plurality of hardware or software sources 202 can be quantum random number generators.
  • the matrix 206, 606 can be a two-dimensional array and can have a number B of columns 210, 610 equal to or greater than the length L of the plaintext message 100.
  • the number B of columns 210, 610 can equal the plaintext length L
  • the number A of rows 208, 608 can be 1.
  • the number A of rows is equal to or greater than the plaintext length L
  • the number B of columns 210, 610 is equal to 1.
  • at least one dimension A, B of the matrix 206, 606 can be equal to or greater than the plaintext length L.
  • a possible key can be “CHMRW” taken from multiple rows 608 that are part of column 610₃.
  • the method can include generating an encryption key 212, 512, 612 or intermediate sequence 214 or a one-time pad (step 706). This can be created with a new one-dimensional array key sequence 212, 512, 612 or intermediate sequence 214 by selecting an initial element K₁, J₁ within the matrix 206, 606 and selecting subsequent additional elements Kₙ, Jₙ from the matrix 206, 606 (step 708).
  • the selecting step 708 can include sub-steps of taking the initial element K₁, J₁ from the same row or column as the starting element (step 710) and/or wrapping back to the first element K₁, J₁ in the row or column of the initial element K₁, J₁ once a final row or column is reached (step 712).
  • Other sub-steps include sequentially selecting subsequent elements after the initial element K₁, J₁ (step 714) or selecting from the row or column of the initial element K₁, J₁ using any predictable ordering or function (step 716).
  • Another step can be rejecting previously used elements from the matrix (step 718) or said differently, the new one-dimensional array/key sequence/intermediate sequence is created without reusing elements from any rows and/or columns.
  • Further steps include matching the number of elements Kₙ, Jₙ in the new one-dimensional array/key sequence 212, 512, 612 or intermediate sequence 214 to be equal to the plaintext character length L without reusing elements from any columns or rows (step 720).
  • Figure 8 illustrates further examples of methods stemming from the previous steps where selecting the new one-dimensional array/key sequence 212, 312, 512, 612/intermediate sequence 214 is from any row/column 208, 210 in the matrix 206 to generate additional encryption keys 212 (step 800). Other examples can then use a plurality of new one-dimensional arrays/key sequences 212, 612/intermediate sequences 214 to create a single final encryption key sequence 512 or one-time pad (step 802).
  • the new one-dimensional array/key sequence 212, 512, 612/intermediate sequence 214, as above, can be generated from the matrix 206, 606 using single or multiple sequential or non-sequential techniques.
  • New arrays/sequences can be XORed together to form the final key sequence 512 (step 804).
  • New arrays/sequences can be generated from a plurality of matrices 206ₙ and in one example, the plurality of matrices each generate at least one new one-dimensional array/sequence (step 806). As above, the new arrays/sequences can be subsequently XORed together to create a single final one-dimensional array/sequence as the new encryption key 512 or OTP.
  • Figure 9 illustrates an example of a system 1000 for computer-implemented encryption key generation.
  • a plaintext message 900 is received by the system 1000 for encryption and the plaintext 900 has a fixed character length L.
  • the crypto engine 901 accesses one or more entropy/random number sources 902 to receive random numbers R.
  • the entropy/random number sources 902 can be based in hardware or software or a combination of both.
  • the random numbers can be pooled 904 either at the time of access or in advance. Alternate examples do not pool, but the accessed random numbers R are used directly to form a matrix.
  • the matrix 906 can be created from a set of random numbers generated from the random number sources 902 and can have number A of rows 908 and/or a number B of columns 910 equal to or greater than the plaintext character length L.
  • the system 1000 creates an encryption key 912 (which can be used for a one-time pad) from the matrix 906.
  • the encryption key 912 can be a one-dimensional array commencing from an initial element K₁ within said matrix and continuing with subsequent additional elements until the length of the key is at least equal to the character length L.
  • the remaining key elements Kₙ can be extracted from the same row 908 or column 910 as the starting element K₁, including wrapping back to the first element in the row 908 or column 910 once the final row/column is reached.
  • the number of key elements Kₙ in the key sequence 912 can be equal to said plaintext character length L without reusing elements from any matrix row 908 or column 910.
  • the key 912 is then applied to the plaintext message 900 to form the encrypted message 945.
  • the encrypted message 945 can then be transmitted.
  • Alice 10 types the plaintext message 900 to send to Bob 20 over a network 30 (unsecured or otherwise).
  • the system 1000 can contain all of the elements needed to receive the plaintext input from Alice 10 and transmit it to Bob 10, or only the elements needed to encrypt/decrypt the message 945.
  • the use of the key 912 by Bob 20 to then decrypt the message 945 can be through a number of known means.
  • the key 912 can be passed to Bob 20 in any known prior art method for his use.
  • both Alice 10 and Bob 20 can share the matrix 906 and only Alice’s and Bob’s systems 1000 know which technique (single or multiple, sequential or nonsequential) to use to form the key 612 from the matrix 906.
  • the matrix 906 can be passed in the clear or encrypted using a different key.
  • the single or plurality of hardware or software random number sources 902 can be quantum random number generators.
  • Subsequent additional elements for the key or intermediate sequences 912 can be selected sequentially in that the new one-dimensional array is selected sequentially from the initial element K₁.
  • the new one-dimensional array can be selected from the row or column of the initial element K₁ using any predictable ordering or function without reusing elements from any row and/or column.
  • the new one-dimensional array can be selected from any row and/or column in said matrix to generate additional encryption keys.
  • the plurality of new one-dimensional arrays can be generated from the matrix using a single sequential or non-sequential technique, and the new one-dimensional arrays can be XORed together to create a single final one-dimensional array as the new encryption key or one-time pad.
  • a plurality of matrices each generate new one-dimensional arrays, wherein said new one-dimensional arrays are subsequently XORed together to create a single final one-dimensional array as the new encryption key or one-time pad.
  • the matrix can have any number of dimensions (one, two, three, etc.) and at least one of the dimensions, in certain examples, equals the plaintext character length. This also holds true for both the intermediate and key sequences.
  • the invention contemplates many variations and modifications of an encryption system, including random number generation, collection, pooling, matrix generation, and sequence generation, additional control functionality, additional communication functionality, additional functionality to meet end user needs not specifically described herein, additional and/or alternative random number sources, additional and/or alternative schemes and means for generating random bit streams, additional and/or alternative schemes for encrypting and/or encapsulating random numbers for secure transfer over an unsecure network, additional and/or alternative schemes for creating virtual entropy sources, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A system and method for encryption key generation by receiving a plaintext message having a fixed character length and receiving, from a source, a plurality of random numbers. A matrix is created from the plurality of random numbers and has at least one of the number of rows or columns equal to or greater than the character length. An array that can be used as an encryption key or a seed for an encryption key is generated by selecting an initial element within the matrix, selecting subsequent elements using a selection technique until a number of elements in the array is equal to the character length and rejecting any previously selected elements from the array.

Description

Generating Unique Cryptographic Keys from a Pool of Random Elements
Cross Reference to Related Application
This application claims priority of U.S. Patent Application No. 16/375,921 filed April 5, 2019, the entire contents of which are hereby incorporated by reference.
Field of the Invention
This invention relates to the generation and encryption of communications, their transmission over a communications network, and the receipt and decryption of the messages sent; and, more particularly, to the creation and use of unique keys.
Background
Data stores and computing devices are increasingly the target of hackers and other security threats, including both witting and unwitting insiders. A basic defensive tactic is to encrypt all of this data and entire devices to render them useless and the data inaccessible if compromised or stolen. Many asymmetric and symmetric key-based encryption algorithms rely on the secure generation, distribution and storage of cryptographic keys. These cryptographic keys are used to reliably encrypt and decrypt data based on algorithms assessed to be hard and number generators considered to be truly random.
The advent of quantum computers has revealed two flaws in this approach. The mathematical hardness of most algorithms, particularly asymmetric encryption schemes, has no rigorous mathematical proof that it cannot be efficiently broken by advances in mathematics. Further, in most cases, most algorithms can easily be broken by a quantum computer with sufficiently large computing resources. The second flaw is most random number generators are not sampling true probabilistic events to generate provably random numbers. This problem has been solved by the development of quantum random number generators measuring fundamental quantum effects for each bit of random extracted. This has evolved into a new controversy over the “quantumness” of some technological claims. All modem electronics are quantum at some level, even though the randomness they generate would be considered classical noise. The risk is a quantum computer or advances in mathematical analysis could discover the pattern in this classical noise and predict the spectrum of keys produced.
Large random key generators from sources of classical or quantum entropy are an essential measure of security against quantum computers and other scientific advances impacting cryptography. In general, longer keys offer greater cryptographic strength for similar or analogous algorithms. Claude Shannon proved in 1949 that the ideal solution is a Vernam cipher, also known as a one-time pad, where keys are as long as the plaintext requiring encryption and the plaintext is of arbitrary size. However, in practice, the cryptographic strength may vary and be tuned up to a one-time pad or something weaker like Advanced Encryption Standard (AES). In either case, appropriate length keys are necessary and must be supported by a disclosed generator design.
Summary
It is an object of the present invention to provide systems, devices, and methods to generate, track and manage encryption keys. A set or pool of random elements can be a collection of numbers, symbols or any representation of unique elements that may be efficiently converted into binary digits. This random pool may be arbitrarily large and used as the basis for choosing or generating a subset of random numbers defined as the keys. The entire random pool may also be transformed to produce keys larger than the random set. In one embodiment, a set of X random elements may be organized into matrices M of A rows and B columns, where B is the number of elements in X divided by A, where A is greater than one. Using the entire set of X requires A and B to be integers or the extra elements of X may not be used. A and B are adjustable parameters and may vary for any set X.
To encrypt plaintext of length L using a one-time pad (OTP), a key K of length L may be extracted from the matrix using several distinct procedures, individually or in tandem. A linear sequence or one-dimensional array J of length L may be selected from the first row of the matrix starting at any element I, including the first. If (B-I) is less than L, selection of the (B-I+1) element begins at the first column of A and continues sequentially until L is complete. The linear sequence J may be used as the OTP.
Additional sequences or keys K may be sampled from some or all of the rows in the matrix, beginning at the same column I or at random columns, varying row to row. These may be individually used as OTPs or they may be XORed together in total or in varying combinations of rows, to produce a single OTP of length L. Individual linear sequences may be non-sequentially selected from each row to produce a variety of combinations. For example, instead of choosing elements sequentially, every second or third element may be used to assemble the sequence J. This selection criteria may be randomized or based on known functions. The random numbers may be generated from quantum entropy sources which produce keys from a verifiably random process. This is in contrast to pseudo-random number generators and non-quantum electronic noise sources of entropy which are deterministic at some level. There are no proofs or guarantees that advances in mathematics, computer science and physics will not reveal a reproducible pattern in these pseudo random systems.
This matrix system introduces randomization to classical random sources and preserves the quantum randomness of quantum random sources. Combining multiple random sources, both quantum and classical, to supply each row in a matrix or separate matrices which are later combined, is a natural extension of this system. More complex combinations including truncated keys and one-dimensional arrays of different sizes are also equally valid.
One example of the invention is a method for encryption key generation which can have the steps of receiving a plaintext message comprising a fixed character length and receiving, from a source, a plurality of random numbers. A matrix can be created from the plurality of random numbers having either or both of a number of rows and a number of columns equal to or greater than the character length. An array can be generated by selecting an initial element within the matrix, selecting subsequent elements using a selection technique until the number of elements in the array is equal to the character length; and rejecting any previously selected elements from the array.
The array generating step can include selecting the subsequent elements from one of the same row and the same column, where the row or the column used is the one with the dimension that is equal to or greater than the character length. In another example, the generating step can include wrapping back to the initial element in the one of the row or the column of the initial element once the final in that row or column is reached.
In other examples the selection technique can be selecting sequentially from the initial element or the array is selected from the row of the initial element using any predictable selection technique without reusing elements from any columns.
Additional arrays can be generated from the same row or column, and in one example a key or final array can be formed by XORing a plurality of the additional arrays to create a final array. Alternately, a plurality of matrices can be created, each used to generate a plurality of additional arrays and then XORing the plurality of additional arrays together to create a final array.
A system can also be used to implement the above method, the system having
Brief Description of the Drawings
The above and further aspects of this invention are further discussed with reference to the following description in conjunction with the accompanying drawings, in which like numerals indicate like structural elements and features in various figures. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating principles of the invention. The figures depict one or more implementations of the inventive devices, by way of example only, not by way of limitation.
Figure 1 illustrates an exemplary encrypted communication;
Figure 2 is a block diagram illustrating an example of the system of the present invention;
Figure 3 illustrates different examples of patterns used to generate key sequences from a matrix;
Figures 4A and 4B illustrate examples of intermediate sequences and generating key sequences from the intermediate sequences;
Figure 5 illustrates examples generating multiple keys and a final key;
Figure 6 illustrates an example of encrypting an exemplary encrypted communication;
Figure 7 is an example of a method of encrypting an exemplary communication;
Figure 8 illustrates additional examples of a method of encrypting a communication; and
Figure 9 illustrates another example of a system to encrypt communications according to the present invention.
Detailed Description
Generally, example devices, systems, and methods presented herein can allow secure end-to-end message transfer between communication devices over an unsecure channel, a basic configuration of which is illustrated in Figure 1. Here, a first user 10 (“Alice”) wants to send a communication to a second user 20 (“Bob”) over an unsecured network 30 (e.g., the Internet). Alice 10 creates a plaintext message 40 which is encrypted into a secure message 45 by the use of an encryption key 50. This key 50 is generated by an encryption engine 55 either resident on Alice’s hardware or supplied by a third-party. The encrypted text 45 is transmitted over the network 30, decrypted using a second key 50’ and the plaintext 40 is available for Bob 20 to access. The second key 50’ can be identical to the first key 50 or mathematically related (e.g. asymmetric keys) to decrypt the encrypted text 45. The communications between Bob 20 and Alice 10 can continue using the same keys, different keys, or any other key exchange to secure the plaintext 40.
The present invention focuses on the generation of the keys to secure or authenticate any data exchange using any key exchange method. The system and method uses a one-time pad (OTP) methodology in which the length of the key is the same length as the plaintext which is the same length as the encrypted message.
Figure 2 illustrates plaintext message 100 having n elements E. The number of elements n is the length L of the message. An OTP encryption/decryption (crypto) engine 200 receives the plaintext message 100 and begins the encryption process. Crypto engine 200 either generates or receives random numbers, preferably from quantum entropy sources 202. The quantum entropy sources 202 can be those as described in US Patent Nos. 9,425,954, 9,660,803 and US Application No. 16/288,722. Further, quantum or classical entropy sources, semiquantum or random number generators can also be used and be generated by software, hardware or any combination thereof. Note while only one source 202 is illustrated, any number of sources can be used. Further, the random numbers R can be pooled 204 and retrieved at the time of encryption or called on demand and pooled. There can be X random numbers R.
Crypto engine 200 forms a matrix 206 of A rows 208 and B columns 210 from the random number pool 204. In this example, A x B < X and the dimensionality of matrix 206 may be determined by the encryption function at the beginning of any session. In one example, the matrix 206 is formed with a number B of columns 210 equal to or greater than said character length L and the number A of rows 208 is at least 1. The matrix 206 can be populated linearly from pool 204 without using all of the random numbers R. The random numbers can also be “bits” and the extra bits may be selected at random or at discrete points in the pool 204 and discarded. Matrix 206 may be square or non-square. The random elements populating each matrix 206 element, row 208 or column 210 can be placed according to any prescribed method, sequential or otherwise. All elements Y of the pool 204 that exceed A x B elements may be discarded or incorporated into the matrix through additional operations. For example, extra elements Y may be sequentially XORed into matrix 206 starting with the first or any element until all of Y is consumed. Any algorithmic method based on mathematical sequences or functions may be used to integrate the extra elements Y into the matrix 206 so all random numbers R in the pool 204 are used. The crypto engine 200 can form new pools 204 for each plaintext string 100 or reserve the random numbers Y in the pool 204 for later use.
Once the matrix 206 is formed, the crypto engine 200 can then form the key 212. In one example, the key 212 is formed by creating a new one-dimensional array. The key array 212 can be created by selecting an initial element within the matrix 206 and selecting subsequent additional elements from the same row as said starting element. In other examples, depending on the initial element, the key 212 can be formed by wrapping back to the first element in the row of said initial element once the final column 210B is reached. The key sequence is created from the matrix 206, until the number of elements in the new one-dimensional array 212 is equal to character length L of the plaintext message without reusing elements from any columns 210. In the illustrated example in Figure 2, the key 212 is formed from the first row 208₁ and starts at the first column 210₁. Other examples include picking the key elements K for the key 212 from the matrix 206, again using only the row 208 of the initial element, and then using any predictable ordering or function without reusing elements from any columns 210. Thus, the sequence can be, as an example, KI = (208₁, 210₂), (208₁, 210₃), (208₁, 210₁), (208₁, 210B), etc. until the key 212 is the same length as the plaintext length L.
Figure 3 illustrates other examples of matrix 206 and the resulting key 312. Here, the key 312 (which can still be a one-dimensional array) is selected from any row 208 in the matrix 206 either sequentially or non-sequentially. So, in one example, a first key 312A can be created from the elements marked KAI through KAV taken from multiple rows and out of sequence. Given the remaining elements in the matrix 206, additional keys 312 can be formed, as exemplified from the hatched areas using sequential or non-sequential techniques.
Figure 4A illustrates forming an intermediate sequence 214 pulled from the matrix 206 using any of the above techniques. The sequence 214 can have Q elements and can be a one-dimensional array. The sequence 214 can be sampled or assembled from elements of the matrix 206. The sequence 214 may also be used as the key 212 or used as the random elements for creating daughter matrices 212’ and/or additional sequences 214’ of any dimension. The length Q of the sequence 214 can be determined by the required key size or, in the case of OTP based systems, the size of the plaintext L requiring encryption, with a one-to-one correspondence (e.g. Q=L). Once the size Q of the sequence 214 is calculated, additional operations and transforms may be applied prior to incorporation into an encryption key or XORing with other sequences 214.
Figure 4B illustrates that a set of arrays/sequences 214 may be XORed together to produce a final key sequence 412 of length L. The individual sequences 214i - 214iV may all be of the same length or they may be varied. If the sequences 214 are of nonuniform length, they may be concatenated, padded or additional linear operations may be applied to achieve all sequences 214 of the same length Q. These operations apply equally when the length of the key sequence 412 is less than the length of the intermediate sequences 214. Meaning, in one example, all sequences 214 must be decreased to the length of the key sequence 412 prior to the XOR application on the set of sequences 214. Additional operations are valid on any individual sequences 214 or as intermediate steps to the XOR operation to achieve the final key sequence 412. For example, the first sequence 214i may be individually XORed with a private key unique to every user in a multiparty encryption key system. Additional elements may be appended or added to every sequence 214 prior to generating the key sequence 412.
As additional examples of generating both key sequences 212 and intermediate sequences 214, Figure 3 illustrates both sequential and non-sequential ordering. Non-sequential patterns can order the elements E from each row, every second, third or any predictable, regular or random column ordering. When generating the sequences 212, 214, any element A in rows 208 may only be used once, meaning, each element must be considered consumed before selecting the next element in the sequence 212, 214. The application of functions or known sequences may be iteratively applied to the same row 208 after placing an element A from that row 208 into the sequence 212, 214, for example. Each step used to populate the sequence 212, 214 is effectively diminishing the available elements A in the row 208 to choose from. Additional mixing or concatenation functions can be applied to the remaining elements A in row 208 prior to selecting the next element of the sequence 212, 214. A sequential example is in row 208₁, a wrap-around sequence in row 208₃, and non-sequential patterns in rows 208₄ to 208A.
Another example of generating a sequence 212, 214 utilizes the entire pool 204 of random numbers R. In this example, there are Y excess random numbers. The entire pool 204 can be transformed to produce sequences 212, 214 larger than the pool set X. In one example, the set of X random elements can be organized into one or more matrices 206 of A rows 208 and B columns 210, where B is the number of elements in X divided by A and where A is greater than one. Using the entire set of X random elements requires A and B to be integers or the extra elements Y of the full pool set X may not be used. Row and column lengths A and B are adjustable parameters and may vary for any set X.
To encrypt plaintext 100 of length L using a one-time pad (OTP), a key 212 of length L may be extracted from the matrix 206 using several distinct procedures, individually or in tandem. A linear sequence or one-dimensional array 212, 214 of length L may be selected from the first row of the matrix starting at any element i including the first. If (B-i) is less than L, selection of the (B-i+1) element begins at the first column 210 of that row 208 and continues sequentially until L is complete. The linear sequence 212, 214 may be used as the OTP.
Figure 5 illustrates the sequence concept at the matrix 206 and key set 212 level. Multiple matrices 206₁ - 206n of various dimensions may be individually created from the random pool 204, or from a series of sequences 214 manipulated out of a previous matrix 206. Each matrix 206 produces a key 212, and these keys can in turn be XORed together to produce a final key 512 or OTP used for encryption.
The classical or quantum entropy sources 202 used to generate the pool 204 can each be associated with an individual matrix 206 or several matrices 206, each correlated with an individual random number generator or any combination. Although the pool 204 is effectively a large pool of random numbers R, the pool 204 can be subdivided into smaller sets with complex relationships to their entropy origin, quantum or classical. These may be used to generate the plurality of matrices 206 prior to producing the individual key sets 212 correlated with each matrix 206. The key set 212 produced from each matrix 206 may be of uniform or nonuniform length prior to XORing into a final key set 512, analogous to using individual sequences 214.
Figure 6 illustrates an example where the plaintext 600 is “hello”. The plaintext character length L is 5 and thus n=5. In the illustrated example, the crypto engine 600 forms a matrix 606 as a square matrix where the number of rows 608 and columns 610 are equal and thus A=L, B=L and is thus a 5x5 matrix 606. The crypto engine 600 draws the random elements from the pool to form the matrix 606. A simple substitution key 612 is formed from a non-sequential selection from the matrix 606. A sequential key 612 could be “FGHIJ” from row 608₂, while a single array non-sequential key can be “KMOLN” from row 608₃.
Figures 7 and 8 illustrate different methods for computer-implemented encryption key generation. Herein any computational device can include, but is not limited to, general purpose computers and servers, field programmable gate arrays (FPGA), processor arrays and networks, dedicated application specific integrated circuits (ASIC) and virtual machines (VM), etc. Specific devices can also include portable electronic devices such as a cellular telephone, tablet computer, laptop computer, and the like. In some examples, a computer system can be provided that can include a processor and a non-transient memory that stores computer-executable instructions that when executed by the processor, the processor can perform various operations including manipulating, recording, expanding, and aggregating random numbers from entropy sources into a pool, creating a matrix with such aggregate random numbers, creating key or intermediate sequences, and distributing the sequence. This can be performed by a single device (e.g. system on a chip in a mobile or field deployed device) or across a network. Several of such computer systems can be assembled in groups of systems creating a larger network structure of individual nodes that can be physical or virtualized.
Figure 7 illustrates an example of a method including selecting a plaintext to be encrypted, wherein said plaintext has a fixed character length (step 700), establishing a source of random numbers from a single or plurality of hardware and/or software entropy sources (step 702), and generating a matrix from said random numbers (step 704). As above, the single or plurality of hardware or software sources 202 can be quantum random number generators.
As noted above, the matrix 206, 606 can be a two-dimensional array and can have a number B of columns 210, 610 equal to or greater than the length L of the plaintext message 100. Note that, in all examples, the number B of columns 210, 610 can equal the plaintext length L and the number A of rows 208, 608 can be 1. The reverse can also be true, wherein the number A of rows is equal to or greater than the plaintext length L and the number B of columns 210, 610 is equal to 1. Thus, at least one dimension A, B of the matrix 206, 606 can be equal to or greater than the plaintext length L. As an example, turning back to Figure 6, a possible key can be “CHMRW” taken from multiple rows 608 that are part of column 610₃.
Turning back to Figure 7, the method can include generating an encryption key 212, 512, 612 or intermediate sequence 214 or a one-time pad (step 706). This can be created with a new one-dimensional array key sequence 212, 512, 612 or intermediate sequence 214 by selecting an initial element Ki, Ji within the matrix 206, 606 and selecting subsequent additional elements Kn, Jn from the matrix 206, 606 (step 708).
The selecting step 708 can include sub-steps of taking the initial element Ki, Ji from the same row or column as the starting element (step 710) and/or wrapping back to the first element Ki, Ji in the row or column of the initial element Ki, Ji once a final row or column is reached (step 712). Other sub-steps include sequentially selecting subsequent elements after the initial element Ki, Ji (step 714) or selecting from the row or column of the initial element Ki, Ji using any predictable ordering or function (step 716). Another step can be rejecting previously used elements from the matrix (step 718) or, said differently, the new one-dimensional array/key sequence/intermediate sequence is created without reusing elements from any rows and/or columns.
Further steps include matching the number of elements Kn, Jn in the new one-dimensional array/key sequence 212, 512, 612 or intermediate sequence 214 to be equal to the plaintext character length L without reusing elements from any columns or rows (step 720).
Figure 8 illustrates further examples of methods stemming from the previous steps where selecting the new one-dimensional array/key sequence 212, 312, 512, 612/intermediate sequence 214 is from any row/column 208, 210 in the matrix 206 to generate additional encryption keys 212 (step 800). Other examples can then use a plurality of new one-dimensional arrays/key sequences 212, 612/intermediate sequences 214 to create a single final encryption key sequence 512 or one-time pad (step 802). The new one-dimensional array/key sequence 212, 512, 612/intermediate sequence 214, as above, can be generated from the matrix 206, 606 using single or multiple sequential or non-sequential techniques. These new arrays/sequences can be XORed together to form the final key sequence 512 (step 804). New arrays/sequences can be generated from a plurality of matrices 206n and in one example, the plurality of matrices each generate at least one new one-dimensional array/sequence (step 806). As above, the new arrays/sequences can be subsequently XORed together to create a single final one-dimensional array/sequence as the new encryption key 512 or OTP.
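The matrix formation, row selection with wrap-around, rejection of consumed elements and XOR combination described for Figures 2 through 8 can be sketched as follows. This is an added example, not code from the application or its applicant: the function names, the skip-one-column rule for a consumed element, the per-row start and stride used in final_key, the use of Python's secrets module as a stand-in for entropy sources 202, and the reading of the Figure 6 matrix as the letters A to Y in row-major order are all assumptions.

```python
import secrets
from functools import reduce
from operator import xor


def build_matrix(pool, rows, cols):
    """Fill a rows x cols matrix linearly from the pool.

    Excess elements Y are XORed in sequentially from the first element,
    one of the options the description gives for consuming the pool.
    """
    size = rows * cols
    if rows < 1 or cols < 1 or len(pool) < size:
        raise ValueError("pool too small for the requested matrix")
    matrix = [list(pool[r * cols:(r + 1) * cols]) for r in range(rows)]
    for k, extra in enumerate(pool[size:]):
        r, c = divmod(k % size, cols)
        matrix[r][c] ^= extra
    return matrix


def transpose(matrix):
    """Swap rows and columns so a column can be sampled like a row."""
    return [list(col) for col in zip(*matrix)]


def select_from_row(matrix, row, start, length, stride=1, used=None):
    """Draw `length` elements from one row without reusing any element.

    Selection starts at column `start`, advances by `stride`, and wraps
    past the final column. A consumed column is skipped by stepping one
    to the right (assumed rule). `used` holds consumed (row, col) pairs.
    """
    cols = len(matrix[row])
    used = set() if used is None else used
    free = sum((row, c) not in used for c in range(cols))
    if length > free:
        raise ValueError("row has too few unused elements for this key")
    out, col = [], start % cols
    while len(out) < length:
        while (row, col) in used:        # reject previously selected elements
            col = (col + 1) % cols
        used.add((row, col))
        out.append(matrix[row][col])
        col = (col + stride) % cols      # wrap back to the start of the row
    return out


def xor_arrays(arrays):
    """XOR equal-length sequences element by element into one sequence."""
    if len({len(a) for a in arrays}) != 1:
        raise ValueError("sequences must be the same length before XOR")
    return [reduce(xor, column) for column in zip(*arrays)]


def final_key(matrix, length, used):
    """One sequence per row (assumed start=r, stride=r+1), XORed together."""
    parts = [select_from_row(matrix, r, r, length, stride=r + 1, used=used)
             for r in range(len(matrix))]
    return bytes(xor_arrays(parts))


def otp(data, key):
    """XOR a message with a key of exactly the same length."""
    if len(key) != len(data):
        raise ValueError("one-time pad key must match the message length")
    return bytes(d ^ k for d, k in zip(data, key))


def figure6_keys():
    """Reproduce the three keys quoted for Figure 6 from an A..Y matrix."""
    letters = [chr(ord("A") + i) for i in range(25)]   # assumed contents
    m = build_matrix(letters, 5, 5)
    return ("".join(select_from_row(m, 1, 0, 5)),            # sequential row
            "".join(select_from_row(m, 2, 0, 5, stride=2)),  # every second
            "".join(select_from_row(transpose(m), 2, 0, 5)))  # one column


if __name__ == "__main__":
    print(figure6_keys())
    message = b"hello"
    pool = secrets.token_bytes(4 * 8 + 3)   # OS CSPRNG stands in for 202
    consumed = set()
    key = final_key(build_matrix(pool, 4, 8), len(message), consumed)
    ciphertext = otp(message, key)
    print(ciphertext.hex(), otp(ciphertext, key))
```

The shared `used` set is what enforces the "consumed" rule across keys: a later key drawn from the same matrix can only take elements no earlier key has taken, and the call fails once a row runs out.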
Figure 9 illustrates an example of a system 1000 for computer-implemented encryption key generation. A plaintext message 900 is received by the system 1000 for encryption and the plaintext 900 has a fixed character length L. The crypto engine 901 accesses one or more entropy/random number sources 902 to receive random numbers R. The entropy/random number sources 902 can be based in hardware or software or a combination of both. The random numbers can be pooled 904 either at the time of access or in advance. Alternate examples do not pool, but the accessed random numbers R are used directly to form a matrix. The matrix 906 can be created from a set of random numbers generated from the random number sources 902 and can have a number A of rows 908 and/or a number B of columns 910 equal to or greater than the plaintext character length L. The system 1000 creates an encryption key 912 (which can be used for a one-time pad) from the matrix 906. The encryption key 912 can be a one-dimensional array commencing from an initial element Ki within said matrix and continuing with subsequent additional elements until the length of the key is at least equal to the character length L. In an example, the remaining key elements Kn can be extracted from the same row 908 or column 910 as the starting element Ki, including wrapping back to the first element in the row 908 or column 910 once the final row/column is reached. Other hatching in the illustration of the matrix 906 represents different key generation techniques, as discussed above. The number of key elements Kn in the key sequence 912 can be equal to said plaintext character length L without reusing elements from any matrix row 908 or column 910. The key 912 is then applied to the plaintext message 900 to form the encrypted message 945. The encrypted message 945 can then be transmitted. In one example, Alice 10 types the plaintext message 900 to send to Bob 20 over a network 30 (unsecured or otherwise).
The system 1000 can contain all of the elements needed to receive the plaintext input from Alice 10 and transmit it to Bob 20, or only the elements needed to encrypt/decrypt the message 945.
The use of the key 912 by Bob 20 to then decrypt the message 945 can be through a number of known means. The key 912 can be passed to Bob 20 in any known prior art method for his use. Alternately, both Alice 10 and Bob 20 can share the matrix 906 and only Alice’s and Bob’s systems 1000 know which technique (single or multiple, sequential or non-sequential) to use to form the key 612 from the matrix 906. The matrix 906 can be passed in the clear or encrypted using a different key.
In other examples, the single or plurality of hardware or software random number sources 902 can be quantum random number generators. Subsequent additional elements for the key or intermediate sequences 912 can be selected sequentially in that the new one-dimensional array is selected sequentially from the initial element Ki. The new one-dimensional array can be selected from the row or column of the initial element Ki using any predictable ordering or function without reusing elements from any row and/or column. The new one-dimensional array can be selected from any row and/or column in said matrix to generate additional encryption keys. Another example is that the plurality of new one-dimensional arrays can be generated from the matrix using a single sequential or non-sequential technique, and the new one-dimensional arrays can be XORed together to create a single final one-dimensional array as the new encryption key or one-time pad. Instead of a single matrix, a plurality of matrices each generate new one-dimensional arrays, wherein said new one-dimensional arrays are subsequently XORed together to create a single final one-dimensional array as the new encryption key or one-time pad.
Further, the matrix can have any number of dimensions (one, two, three, etc.) and at least one of the dimensions, in certain examples, equals the plaintext character length. This also holds true for both the intermediate and key sequences.
The descriptions contained herein are examples of embodiments of the invention and are not intended in any way to limit the scope of the invention. As described herein, the invention contemplates many variations and modifications of an encryption system, including random number generation, collection, pooling, matrix generation, and sequence generation, additional control functionality, additional communication functionality, additional functionality to meet end user needs not specifically described herein, additional and/or alternative random number sources, additional and/or alternative schemes and means for generating random bit streams, additional and/or alternative schemes for encrypting and/or encapsulating random numbers for secure transfer over an unsecure network, additional and/or alternative schemes for creating virtual entropy sources, etc. These modifications would be apparent to those having ordinary skill in the art to which this invention relates and are intended to be within the scope of the claims which follow.

Claims

What is Claimed is:
1. A method for encryption key generation, comprising the steps of: receiving a plaintext message comprising a fixed character length; receiving, from a source, a plurality of random numbers; creating a matrix from the plurality of random numbers, comprising at least one of a number of rows and a number of columns equal to or greater than the character length; and generating an array, comprising the step of: selecting an initial element within the matrix; selecting subsequent elements using a selection technique until a number of elements in the array is equal to the character length; and rejecting any previously selected elements from the array.
2. The method of claim 1, wherein the generating step further comprises the step of selecting the subsequent elements from one of the same row and the same column, wherein the row or the column used is at least the one with the dimension that is equal to or greater than the character length.
3. The method of claim 1, wherein the generating step further comprises the step of wrapping back to the initial element in the one of the row or the column of the initial element once the final in that row or column is reached.
4. The method of claim 1, wherein the selection technique comprises selecting sequentially from the initial element.
5. The method of claim 1, wherein the array is selected from the row of the initial element using any predictable selection technique without reusing elements from any columns.
6. The method of claim 1 further comprising the step of generating additional arrays from the same row or column.
7. The method of claim 6, further comprising the steps of XORing a plurality of the additional arrays to create a final array.
8. The method of claim 1, further comprising the step of: creating a plurality of matrices, each used to generate a plurality of additional arrays; and XORing the plurality of additional arrays together to create a final array.
9. A system for encryption key generation, comprising: a plaintext message comprising a fixed character length; a random number source generating a plurality of random numbers; a matrix created from the random numbers comprising a number of at least one of rows and columns equal to or greater than the character length; an encryption key comprising: an initial element from the matrix; at least one subsequent element from the matrix; a key length equal to the character length; and nonrepeated elements from the matrix.
10. The system of claim 9, wherein the subsequent element further comprises: elements from the same row as the initial element.
11. The system of claim 9, wherein the random number source comprises: a plurality of random number sources based in at least one of hardware or software; and a quantum random number generator.
12. The system of claim 9, wherein the subsequent element sequentially follows the initial element.
13. The system of claim 9, wherein the initial and subsequent elements of the encryption key are unique elements from any of the rows and the columns.
14. The system of claim 9, further comprising: an array comprising an additional element from the matrix; an additional encryption key comprising at least one of the additional element or new elements formed from mathematical operations on the additional element.
EP20929673.0A 2020-08-11 2020-08-11 Generating unique cryptographic keys from a pool of random elements Pending EP3973660A4 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2020/045747 WO2022035422A1 (en) 2020-08-11 2020-08-11 Generating unique cryptographic keys from a pool of random elements

Publications (2)

Publication Number Publication Date
EP3973660A1 true EP3973660A1 (en) 2022-03-30
EP3973660A4 EP3973660A4 (en) 2022-04-20

Family

ID=80248081

Family Applications (1)

Application Number Title Priority Date Filing Date
EP20929673.0A Pending EP3973660A4 (en) 2020-08-11 2020-08-11 Generating unique cryptographic keys from a pool of random elements

Country Status (4)

Country Link
EP (1) EP3973660A4 (en)
JP (1) JP2023546302A (en)
KR (1) KR20230046921A (en)
WO (1) WO2022035422A1 (en)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6909783B2 (en) * 1999-10-29 2005-06-21 Joseph Samuel Incarnato Alphabet soup cryptography
US7170997B2 (en) * 2000-12-07 2007-01-30 Cryptico A/S Method of generating pseudo-random numbers in an electronic device, and a method of encrypting and decrypting electronic data
CZ2008812A3 (en) * 2008-12-17 2010-06-30 Orsák@Radek Synchronization method of at least two random key generators separated from each another, particularly for information encryption and method of information encryption using a random key
WO2012154129A1 (en) * 2011-05-10 2012-11-15 Nanyang Technological University Devices for computer-based generating of a mixing matrix for cryptographic processing of data, encrypting devices, methods for computer-based generating of a mixing matrix for cryptographic processing of data and encrypting methods
US10019235B2 (en) * 2011-09-30 2018-07-10 Los Alamos National Security, Llc Quantum random number generators
KR101914028B1 (en) * 2017-04-28 2018-11-01 삼성에스디에스 주식회사 Apparatus and method for performing operation being secure against side channel attack

Also Published As

Publication number Publication date
JP2023546302A (en) 2023-11-02
KR20230046921A (en) 2023-04-06
EP3973660A4 (en) 2022-04-20
WO2022035422A1 (en) 2022-02-17

Similar Documents

Publication Publication Date Title
US11997200B2 (en) Generating unique cryptographic keys from a pool of random elements
Fu et al. A new chaos‐based color image encryption scheme with an efficient substitution keystream generation strategy
US8553880B2 (en) Pseudorandom number generating system, encryption system, and decryption system
KR101267109B1 (en) Cryptographic primitives, error coding, and pseudo-random number improvement methods using quasigroups
US11381394B2 (en) High speed encryption key generating engine
KR100994841B1 (en) METHOD OF GENERATING A STREAM CIPHER USING MULTIPLE KEYS and RECORDING MEDIUM
US11095442B1 (en) Generating unique cryptographic keys from a pool of random elements
JP2020537191A (en) Cryptographic device with updatable shared matrix
WO1994016509A1 (en) A method and apparatus for generating a cipher stream
Manucom et al. Analysis of key randomness in improved one-time pad cryptography
Verma et al. 3D-Playfair cipher with additional bitwise operation
CN107078900B (en) Cryptographic system based on reproducible random sequences
CN109902498B (en) Data encryption method, data decryption method, and corresponding devices and equipment
EP3973660A1 (en) Generating unique cryptographic keys from a pool of random elements
JP5207153B2 (en) Pseudo random number generation system
CN110336667B (en) Communication physical layer encryption communication method and device based on pseudo-random sequence control
JP5586758B1 (en) Dynamic encryption key generation system
RU2277759C2 (en) Method for generation of encoding-decoding key
RU2683689C1 (en) Nonlinear three-dimensional multi-round data transformation method
KR101076747B1 (en) Method and apparatus for random accessible encryption and decryption by using a hierarchical tree structure of stream cipher module
RU2359415C2 (en) Method for cryptographic transformation of digital data units
Han et al. A chaos robustness criterion for 2D piecewise smooth Map with applications in pseudorandom number generator and image encryption with avalanche effect
Ali et al. Modified Advanced Encryption Standard algorithm for fast transmitted data protection
Pandey et al. An Improved AES Cryptosystem Based Genetic Method on S-Box, With, 256 Key Sizes and 14-Rounds
Kumari et al. Lightweight encryption with data and device integrity using NLFSR and PUF for the Internet of Medical Things

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20211012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

A4 Supplementary search report drawn up and despatched

Effective date: 20220322

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 9/14 20060101ALI20220316BHEP

Ipc: H04L 9/12 20060101ALI20220316BHEP

Ipc: H04L 9/08 20060101ALI20220316BHEP

Ipc: H04L 9/00 20220101AFI20220316BHEP

P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230513

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)