GB2329096A - Creating sub-keys from hashed cryptographic master key - Google Patents

Publication number
GB2329096A
Authority
GB
United Kingdom
Prior art keywords
sub
keys
facility
key
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB9718200A
Other versions
GB9718200D0 (en
Inventor
Ian Nigel Harvey
Someren Nicholas Benedict Van
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
nCipher Corp Ltd
Thales Reading 1 Ltd
Original Assignee
nCipher Corp Ltd
nCipher Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by nCipher Corp Ltd, nCipher Ltd
Priority to GB9718200A (GB2329096A)
Publication of GB9718200D0
Priority to ZA986026A (ZA986026B)
Priority to EP98935142A (EP1008251A1)
Priority to PCT/GB1998/002129 (WO1999012309A1)
Priority to AU84501/98A (AU8450198A)
Publication of GB2329096A
Legal status: Withdrawn

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24: Key scheduling, i.e. generating round keys or sub-keys for block encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A facility for enhancing data security comprises a plurality of encryption modules, an interface and a data processing machine (10). The encryption modules are each responsive to a sub-key for encrypting data. The interface is operative to receive a master key, and the data processing machine (10) is operative to create a series of sub-keys for use with the modules. The machine (10) is operative to create each of the sub-keys by means of a hash function of the master key.

Description

This invention is concerned with data security, and in particular with the security of data transferred in the course of commercial activities such as banking.
In the field of banking, data is transferred along data carriers in such a manner that a data stream can be intercepted by an unauthorised person. Hence, there is a need to disguise the data so that it can only be comprehended by the intended and authorised user.
In one method of disguising data, a cryptographic cipher system is used. If data is to be sent between a sender and a recipient along a channel which is of questionable security, then it is encrypted using a cipher implemented by the system.
Most ciphers require a secret "master key" to be shared between sender and recipient. In many systems, the master key is used by the cipher to generate a plurality of sub-keys which are used by internal functions of the cipher in the encryption process.
In the past, sub-keys have been derived either by re-ordering selected bits of the key data or by using a simple mathematical function such as an arithmetic progression.
The type of system described above is lacking in versatility, in that it expects a master key of a predetermined length, and cannot accommodate master keys of different lengths. It cannot deal with the generation of a variable number of sub-keys, which would improve security.
Furthermore, where there is a simple relationship between two master keys used with the above system, there may be a correspondingly simple relationship between the sets of sub-keys so produced. That relationship could easily be found by a cryptanalyst, and the security of a system protected in that manner could be compromised.
It is an object of the present invention to provide a system which ameliorates the above problems.
According to the invention there is provided a facility for enhancing data security, the facility comprising a plurality of encryption modules each being responsive to a sub-key for encrypting data, an interface for receiving a master key, and a data processing machine operative to create a series of sub-keys for use with the modules, the machine being operative to create each of the sub-keys by means of a hash function of the master key.
In that way, the series of sub-keys corresponding to a master key will not be evident to an unauthorised user.
Preferably, the hash function operates on a concatenation of the master key with at least one other piece of data. Therefore, the complexity of the result of the hash function is substantially increased, which makes it more difficult for a pattern between the sub-keys and master key to be established.
The other data may comprise at least one of a constant, the position of the sub-key in the series, a function of the position of the sub-key in the series, preceding sub-keys in the series, and a function of preceding sub-keys in the series.
In a preferred embodiment of the invention, the concatenation comprises a first string of other data preceding the master key and a second string of other data following the master key, at least one of the first and second strings varies with the position in the series of the sub-key being calculated. In that way, the security of the cipher defined by the series of sub-keys is enhanced.
The hash function is preferably a one way hash function. In a preferred embodiment, the hash function is collision free.
In a preferred embodiment of the invention, the data processing machine derives the sub-keys of the series and then stores the series for later use by the sections.
Alternatively, the sub-keys are derived as they are required by the sections.
Preferably, the sub-keys are derived in the order in which they are to be used.
In a preferred embodiment of the invention, the hash function produces results the same length as the desired length of hash key. Alternatively, if the hash function results are shorter than the desired length of sub-key, then a sub-key can be constructed from a concatenation of hash function results. Furthermore, if the hash function results are longer than the desired length of sub-key, then more than one sub-key could be derived from a hash function result.
Further preferred aspects and features of the invention will be appreciated from the following description of a specific and preferred embodiment of the invention, with reference to the drawing appended hereto which shows a schematic diagram illustrating the function of a data processing machine contained in a cryptographic system in accordance with the invention.
A cryptographic system comprises n sections, each acting on target data in response to a sub-key supplied to that section. Hence, the system as a whole is operated by a key schedule comprising a set of n sub-keys $(K_1, K_2, \ldots, K_n)$.
The figure illustrates a sub-key data processing machine 10 having a series of interconnected modules.
A counter 12 generates a counter signal having a value between 1 and n, where n is the number of sections of the system and thus the number of sub-keys to be generated.
A prefix generator 14 and a suffix generator 16 are provided, the generators 14, 16 being operative to generate values $S_i$ and $T_i$ respectively.
$S_i$, $T_i$ and a master key $K$ are fed forward to a concatenation module 18 where the data is concatenated, and then the concatenated data is fed to a hash function module 20. A key schedule is derived from the master key $K$ by means of a hash function embodied in the hash function module 20 as follows:

$$K_i = H(S_i \mid K \mid T_i), \qquad 1 \le i \le n,$$

where $H()$ is a hash function, the $\mid$ symbol represents concatenation of data, and $S_i$ and $T_i$ are generated in the prefix and suffix generators 14, 16 as indicated above. $S_i$ and $T_i$ may be constructed from some or any of: (1) a constant value; (2) the value $i$; (3) a function of the value $i$; (4) any of the values $K_1, \ldots, K_{i-1}$; (5) a function of the values $K_1, \ldots, K_{i-1}$.
The sub-keys are used in order, so that the first use of $K_i$ is after the first use of each of $K_1, \ldots, K_{i-1}$. This is an optional arrangement which allows sequential production of sub-keys, such as in the case where a sub-key is a function of preceding sub-keys. As shown in the drawing, the result output by the hash function module 20 is fed back to the prefix and suffix generators 14, 16 so that they can utilise the result in later iterations. The machine can thus derive each sub-key as it is needed. However, it may be more useful for the machine to derive all of the sub-keys at an initial stage and store them in turn for later use.
In some cases, the length of the sub-keys required for the sections of the system is less than the length of the output of the hash function. In that case, the result of each hash operation can be used to make more than one sub-key. If the length of the sub-key required is greater than the length of the output of the hash function, the outputs of several hash operations can be concatenated to construct the sub-key.
In order to ensure that the key schedule is "strong", i.e. that it is not susceptible to deciphering, at least one of $S_i$ and $T_i$ varies with the value of $i$.
For optimal security, the hash function $H()$ should be chosen to be one way and collision free.
The system described above is useful in that it is capable of defining a master key of arbitrary length. Moreover, a variable number of sub-keys of variable length can be generated from each master key. The system avoids "weak" keys from which a pattern can be derived easily, and is generally more robust against cryptanalysis than previous encryption systems, since there is no simple relationship between sub-keys generated from master keys which have a simple relationship.
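The key schedule $K_i = H(S_i \mid K \mid T_i)$ described above, as an added Python example that is not part of the patent text. It assumes SHA-256 as $H$, a constructed constant label plus a 4-byte counter as $S_i$, and the preceding hash output as $T_i$ (the feedback path); it also generalises the length handling by treating successive hash outputs as one stream that is cut into sub-keys of the requested length.

```python
import hashlib

LABEL = b"subkey-demo"  # constructed constant for S_i, not taken from the patent


def derive_key_schedule(master_key: bytes, n: int, subkey_len: int,
                        hash_name: str = "sha256") -> list[bytes]:
    """Return n sub-keys of subkey_len bytes cut from H(S_i | K | T_i) outputs."""
    if not master_key or n < 1 or subkey_len < 1:
        raise ValueError("need a non-empty master key, n >= 1, subkey_len >= 1")
    digest_len = hashlib.new(hash_name).digest_size
    stream = bytearray()
    prev = bytes(digest_len)  # T_1: all-zero block, no preceding output exists yet
    i = 0
    while len(stream) < n * subkey_len:
        i += 1
        # S_i varies with the position i; fixed-width fields keep the
        # concatenation unambiguous for master keys of any length.
        s_i = LABEL + i.to_bytes(4, "big")
        t_i = prev  # feedback of the preceding hash result
        prev = hashlib.new(hash_name, s_i + master_key + t_i).digest()
        stream += prev
    # Short sub-keys: several are cut from one hash output.
    # Long sub-keys: several hash outputs are concatenated.
    return [bytes(stream[j * subkey_len:(j + 1) * subkey_len]) for j in range(n)]


def bit_difference(a: list[bytes], b: list[bytes]) -> float:
    """Fraction of differing bits between two equally sized key schedules."""
    x, y = b"".join(a), b"".join(b)
    if len(x) != len(y):
        raise ValueError("schedules must have the same total length")
    differing = sum(bin(p ^ q).count("1") for p, q in zip(x, y))
    return differing / (8 * len(x))


if __name__ == "__main__":
    k1 = bytes(16)                  # constructed master key: 16 zero bytes
    k2 = bytes(15) + b"\x01"        # related master key: differs in one bit
    sched1 = derive_key_schedule(k1, n=4, subkey_len=16)
    sched2 = derive_key_schedule(k2, n=4, subkey_len=16)
    for idx, sub in enumerate(sched1, start=1):
        print(f"K_{idx} = {sub.hex()}")
    print(f"bits differing between related schedules: "
          f"{bit_difference(sched1, sched2):.2%}")
    # Master keys of other lengths and longer sub-keys use the same routine.
    long_keys = derive_key_schedule(b"a longer passphrase-style key", 3, 48)
    print([len(k) for k in long_keys])
```

New designs would normally take this construction from a standardised key derivation function such as HKDF (RFC 5869) rather than a hand-built concatenation.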

Claims (11)

1. A facility for enhancing data security, the facility comprising a plurality of encryption modules each being responsive to a sub-key for encrypting data, an interface for receiving a master key, and a data processing machine operative to create a series of sub-keys for use with the modules, the machine being operative to create each of the sub-keys by means of a hash function of the master key.
2. A facility in accordance with claim 1 wherein the hash function operates on a concatenation of the master key with at least one other piece of data.
3. A facility in accordance with claim 2 wherein the other piece of data comprises at least one of a constant, the position of the sub-key in the series, a function of the position of the sub-key in the series, preceding sub-keys in the series, and a function of preceding sub-keys in the series.
4. A facility in accordance with claim 2 or claim 3 wherein the concatenation comprises a first string of other data preceding the master key and a second string of other data following the master key, at least one of the first and second strings varies with the position in the series of the sub-key being calculated.
5. A facility in accordance with any preceding claim wherein the hash function is a one way hash function.
6. A facility in accordance with claim 5 wherein the hash function is collision free.
7. A facility in accordance with any preceding claim wherein the data processing machine derives the sub-keys of the series and then stores the series for later use by the sections.
8. A facility in accordance with any one of claims 1 to 6 wherein the sub-keys are derived as they are required by the sections.
9. A facility in accordance with claim 7 or claim 8 wherein the sub-keys are derived in the order in which they are to be used.
10. A facility in accordance with any preceding claim wherein the hash function produces results the same length as the desired length of sub-key.
11. A facility for enhancing data security as described with reference to the accompanying drawing.
GB9718200A 1997-08-29 1997-08-29 Creating sub-keys from hashed cryptographic master key Withdrawn GB2329096A (en)

Priority Applications (5)

Application Number | Priority Date | Filing Date | Title
GB9718200A GB2329096A (en) | 1997-08-29 | 1997-08-29 | Creating sub-keys from hashed cryptographic master key
ZA986026A ZA986026B (en) | 1997-08-29 | 1998-07-08 | Data security
EP98935142A EP1008251A1 (en) | 1997-08-29 | 1998-07-17 | System for generating sub-keys
PCT/GB1998/002129 WO1999012309A1 (en) | 1997-08-29 | 1998-07-17 | System for generating sub-keys
AU84501/98A AU8450198A (en) | 1997-08-29 | 1998-07-17 | System for generating sub-keys

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
GB9718200A GB2329096A (en) | 1997-08-29 | 1997-08-29 | Creating sub-keys from hashed cryptographic master key

Publications (2)

Publication Number | Publication Date
GB9718200D0 | 1997-11-05
GB2329096A | 1999-03-10

Family

ID=10818133

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9718200A Withdrawn GB2329096A (en) 1997-08-29 1997-08-29 Creating sub-keys from hashed cryptographic master key

Country Status (5)

Country | Link
EP (1) | EP1008251A1 (en)
AU (1) | AU8450198A (en)
GB (1) | GB2329096A (en)
WO (1) | WO1999012309A1 (en)
ZA (1) | ZA986026B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001095545A2 (en) * 2000-06-05 2001-12-13 Phoenix Technologies Ltd. Systems, methods and software for remote password authentication using multiple servers
EP1418701A1 (en) * 2002-11-11 2004-05-12 STMicroelectronics Limited Transmission and storage of encryption keys

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105610848B (en) * 2016-01-08 2018-05-25 北京工业大学 Possess the centralized data security method and system of source data Security Assurance Mechanism

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2293737A (en) * 1994-09-29 1996-04-03 Pitney Bowes Inc Postage evidencing system with encrypted hash summary reports
US5608801A (en) * 1995-11-16 1997-03-04 Bell Communications Research, Inc. Efficient cryptographic hash functions and methods for amplifying the security of hash functions and pseudo-random functions
GB2308282A (en) * 1995-12-15 1997-06-18 Lotus Dev Corp Secret crytptographic key is split to reduce work factor
EP0781003A2 (en) * 1995-12-22 1997-06-25 General Instrument Corporation Of Delaware Generation of cryptographic signatures using hash keys

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5172414A (en) * 1991-09-13 1992-12-15 At&T Bell Laboratories Speech and control message encrypton in cellular radio
US5483598A (en) * 1993-07-01 1996-01-09 Digital Equipment Corp., Patent Law Group Message encryption using a hash function
US5796839A (en) * 1995-10-16 1998-08-18 Sony Corporation Encryption method, encryption apparatus, recording method, decoding method, decoding apparatus and recording medium

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001095545A2 (en) * 2000-06-05 2001-12-13 Phoenix Technologies Ltd. Systems, methods and software for remote password authentication using multiple servers
WO2001095545A3 (en) * 2000-06-05 2002-07-04 Phoenix Tech Ltd Systems, methods and software for remote password authentication using multiple servers
JP2003536320A (en) * 2000-06-05 2003-12-02 フィーニックス テクノロジーズ リミテッド System, method and software for remote password authentication using multiple servers
US7139917B2 (en) 2000-06-05 2006-11-21 Phoenix Technologies Ltd. Systems, methods and software for remote password authentication using multiple servers
KR100769482B1 (en) 2000-06-05 2007-10-24 피닉스 테크놀로지 리미티드 Systems, methods and software for remote password authentication using multiple servers
JP4833489B2 (en) * 2000-06-05 2011-12-07 フィーニックス  テクノロジーズ  リミテッド System, method and software for remote password authentication using multiple servers
EP1418701A1 (en) * 2002-11-11 2004-05-12 STMicroelectronics Limited Transmission and storage of encryption keys

Also Published As

Publication number | Publication date
WO1999012309A1 (en) | 1999-03-11
EP1008251A1 (en) | 2000-06-14
ZA986026B (en) | 1999-01-28
GB9718200D0 (en) | 1997-11-05
AU8450198A (en) | 1999-03-22

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)