GB2456509A - Using a human readable code communicated using a trusted channel to verify that a distributed public key was issued by the party who claims to have issued it - Google Patents

Info

Publication number: GB2456509A
Authority: GB (United Kingdom)
Prior art keywords: public key, issued, sender, data, recipient
Legal status: Withdrawn (status as listed by Google Patents; an assumption, not a legal conclusion)
Application number: GB0800630A
Other versions: GB0800630D0 (en)
Inventor: Alan Arthur Michael Kermode
Current assignee: Individual (as listed; not legally verified)
Original assignee: Individual
Priority date: 2008-01-15
Filing date: 2008-01-15
Publication date: 2009-07-22

Timeline:
2008-01-15: Application GB0800630A filed by Individual; priority to GB0800630A
2008-02-20: Publication of GB0800630D0
2009-07-22: Publication of GB2456509A
Current legal status: Withdrawn

Classifications

All codes fall under H (Electricity) > H04 (Electric communication technique) > H04L (Transmission of digital information, e.g. telegraphic communication) > H04L 9/00 (Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols):
    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L 9/3006 Public key: underlying computational problems or public-key parameters
    • H04L 9/302 Public key: involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • H04L 9/06 Encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; hash functions; pseudorandom sequence generators
    • H04L 9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/32 Including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3236 Identity or message authentication: using cryptographic hash functions
    • H04L 9/3247 Identity or message authentication: involving digital signatures
    • H04L 9/3249 Identity or message authentication: involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme

Abstract

This application concerns a public key distribution system which is resilient against man-in-the-middle attacks. It overcomes the problem of determining whether a public key received at a recipient was sent by the sender who claims to have sent it, or by a party impersonating the sender. This is achieved by generating an identity code from a hash of the public key and communicating this between recipient and sender out-of-band, for example using spoken means, written means or any other form of trusted channel. The invention obviates the use of certificates, a central authority, permanent storage of secret information or exchange of secret information. The public key may be used for encryption or digital signing.

Description

Title:
Certificate-Free Encryption and Digital Signing using Public Key Cryptography
Background
There are many people who would like to be able to send e-mail to a correspondent so that only that correspondent can read it, and so that the correspondent can be certain who originated it. They would also like received data to be free from viruses or other corruption. This means digital signing and encryption. There are a number of products which can do this.
Analysis of these products has shown that they achieve these objectives using certificates of some kind. A certificate is a vehicle for proof of identity of the user who owns it and for the public and private elements of the user's Public Key set. Certificates can be obtained from known companies, or are sometimes generated locally and registered with a known company or authority. In either case the user must disclose sensitive details to allow the central authority to verify the user's identity.
These certificates must be stored and managed by the user. The public elements must be sent to intended correspondents and the private elements stored in some safe way on the user's computer. This 'safe' way is often left to the user's discretion and whatever method is chosen falls within a spectrum of vulnerabilities. There is always the possibility that such secret data can be stolen either manually or via malicious software.
There comes a time when the use of existing certificates must be discontinued: the assumption is that there is a theoretical possibility that, given sufficient time and computing power, the secret element of a key may be discovered from its public elements. Hence original certificates must be revoked and new ones obtained/generated and registered.
The procedures required to administer a system using certificates are seen by many to be onerous and can impede or prevent understanding of the principles and benefits of the technology.
There is increasing awareness of the issues of privacy and of the obligations placed on individuals and companies with respect to data and intellectual property protection. E-mail can be and is monitored legally. Personal data has been lost or stolen.
The invention employs some manual steps to be carried out by parties corresponding by this means in order to achieve the identification validation objectives normally carried out in a system using a central authority.
The invention offers solutions to the following problems.
a) The cost in terms of services, manpower and elapsed time in obtaining, registering, managing and revoking certificates.
b) The disclosure of sensitive data to a central authority, which may turn out not to be trustworthy.
c) The vulnerability of storing secret data on a computer.
d) The vulnerability of exchanging secret data between correspondents.
e) The height of the barrier against utilising Public Key technology presented by the general complexity of operating the procedures attendant on the use of certificates.
Statement of Invention
A method is provided for the operation of Encryption and Digital Signing procedures using Public Key Cryptography techniques for the purposes of authenticated and confidential storage and exchange of data among participating parties, hereafter called correspondents:
a) without the generation, issue, storage, management or revocation of certificates;
b) without the auspices of a central organisation or authority, thus avoiding the need to trust such a body, to register any details with such a body, or to obtain digital certificates or key data of any kind from such a body;
c) without the permanent storage, on a computer system, removable medium, hard copy or any other medium, of secret information;
d) without the exchange of secret information between participating parties.
For the purposes of this invention 'Encryption and Digital Signing procedures using Public Key Cryptography techniques' is defined to include:
i) Generation of public/private key sets for use in an asymmetric encryption algorithm.
ii) Encryption of data by the sender using the recipient's public key elements; or encryption of data by the sender using symmetric keys, usually one-time keys, the symmetric keys themselves being encrypted by the sender using the recipient's public key elements.
iii) Decryption of data by the recipient using the recipient's private key element or decryption of symmetric keys by the recipient using the recipient's private key elements, the data being decrypted by the recipient using these symmetric keys.
iv) Signing of data by the sender by taking a digest of the data using a secure hash algorithm and encrypting this using the sender's private key element to produce the signature.
v) Authenticating data by the recipient by taking a digest of the data using a secure hash algorithm, decrypting the signature using the sender's public key elements and verifying that this equals the digest.
vi) Verification by one correspondent of another's identity.
Elements of the Method
The elements of the method are achieved using the following techniques:
A one-way mathematical function is used to convert a word, phrase, sentence or a combination of letters, numerals and symbols, used as a secret pass phrase, into a seed for a pseudo-random number generator. There is no requirement to retain the pass phrase once this has been done. The one-way function may be a well-known method such as a hash algorithm, which may be applied a number of times in the seed-generation cycle.
The pseudo-random number generator may be any well-known method satisfying the repeatability requirement stated below. The repeatable series of outputs from the random number generator is used by a prime number generator to produce a series of prime numbers as may be required for subsequent operations in the process. The prime number generator may be any well-known means of generating primes, for example drawing candidate values from the generator's output and testing each with the Miller-Rabin primality test. A requirement of such a means is that for a given stream of input values a repeatable set of output values is produced.
These prime numbers are used in any well-known method of producing the public elements $e$ and $m$ and the private element $d$ of an asymmetric key set satisfying the properties:
(i) $B = A^e \bmod m$ for all $0 < A < m$
(ii) $A = B^d \bmod m$
(iii) $m$ is the product of two prime numbers
Such a method may be that used to generate keys for the RSA algorithm.
$e$ and $m$ are defined as the public elements of the key set. $d$ is defined as the private element of the key set.
For the asymmetric encryption of plain data $A$ into encrypted data $B$ the formula is:
$B = A^e \bmod m$
For the asymmetric decryption of encrypted data $B$ back into plain data $A$ the formula is:
$A = B^d \bmod m$
For the digital signing process the plain data digest $B$ is transformed into the encrypted data digest $A$, the signature, using the formula:
$A = B^d \bmod m$
For the signature verification process the encrypted data digest $A$ is transformed back into the plain data digest $B$ using the formula:
$B = A^e \bmod m$
A one-way mathematical function is used to convert the public elements of the key set into a short-form code susceptible to spoken or written communication between human beings. This will be referred to hereafter as the Identity Code. The one-way function may be a well-known method such as a secure hash algorithm.
Deployment of the Method
In the description which follows, the term document may refer to any piece of data represented by a computer-generated file.
Each correspondent chooses a description of his/her identity by which he/she is known to other correspondents. Further, each correspondent establishes an alternative trusted channel with each of the other correspondents using spoken or written means; the purpose of this is for each to assure the other's identity to their mutual satisfaction.
Each correspondent chooses a pass phrase unique to the correspondent and not disclosed to any other party. The correspondent uses the pass phrase to produce asymmetric key elements as described above and retains a record of his/her public key elements.
A correspondent wishing to prepare data for transmission to other correspondents uses his/her secret pass phrase to generate the secret element of his/her asymmetric key set, destroying this at the end of the data preparation session.
Initial contact between a sender and a recipient consists of a sender signing a document using his/her private key element and sending the document and signature, together with his/her identity and public key elements. The recipient verifies the signature of the received document using the sender's public key elements and retains a record of the sender's identity and public key elements. The recipient produces the Identity Code of the sender as described above and uses the trusted channel to verify that this is indeed the recognised sender's Identity Code. The recipient may now have trust in the sender on the basis of received documents whose signatures are validated by the recorded public key elements. Subsequent communication from the sender does not automatically require the Identity Code verification procedure.
A correspondent wishing to encrypt a document to send to a recipient will have obtained the recipient's public key elements in the way described in the previous paragraph. The sender produces a signature of the document using the sender's private key element. The document is then encrypted using the recipient's public key elements (symmetric keys may be used to encrypt the data, the symmetric keys being in turn encrypted by the asymmetric key) and sent to the recipient together with the signature, the sender's identity and the sender's public key elements.
The recipient of the encrypted data uses his/her private key element to decrypt the data and the sender's public key elements to verify the signature of the decrypted data. If the recipient does not already possess the sender's public key elements these are recorded and the Identity Code verification procedure described for initial contact is carried out.
Any correspondent may send signed documents to any other correspondent or keep them in his/her own store.
Any correspondent possessing the public key elements of another correspondent may send encrypted data to this correspondent. If a person wishes to encrypt data for keeping in his/her own store, the person may choose himself/herself as the recipient.
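The following is an added example, not code from the patent or its inventor, covering both the Elements of the Method (pass phrase to seed to primes to RSA key set, plus the Identity Code) and the initial-contact step of the Deployment of the Method. Everything not fixed by the text is this example's assumption: SHA-256 iterated 10,000 times as the one-way seed function, an HMAC-SHA256 counter construction as the repeatable pseudo-random generator, Miller-Rabin with witnesses drawn from that same stream, e = 65537, 512-bit moduli (demo size only), and a 64-bit Identity Code printed as four groups of hex digits. The signing is the raw digest^d mod m the patent describes; the sample pass phrases and document are constructed.

```python
# Added example, not part of the patent. Demo sizes and formats only; real use
# needs >= 2048-bit moduli and a padded signature scheme (RSA-PSS), not raw RSA.
import hashlib
import hmac

E = 65537  # public exponent e (assumption; the patent does not fix it)

class HashDrbg:
    """Repeatable byte stream seeded from a pass phrase: seed = SHA-256 applied
    `rounds` times to the phrase; output block i = HMAC-SHA256(seed, i)."""
    def __init__(self, passphrase: str, rounds: int = 10_000):
        seed = passphrase.encode()
        for _ in range(rounds):
            seed = hashlib.sha256(seed).digest()
        self.seed, self.ctr = seed, 0

    def getrandbits(self, k: int) -> int:
        out = b""
        while len(out) * 8 < k:
            out += hmac.new(self.seed, self.ctr.to_bytes(8, "big"), "sha256").digest()
            self.ctr += 1
        return int.from_bytes(out, "big") >> (len(out) * 8 - k)

def is_probable_prime(n: int, drbg: HashDrbg, rounds: int = 32) -> bool:
    """Miller-Rabin; witnesses come from the same stream, so the whole key
    derivation is repeatable for a given pass phrase."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + drbg.getrandbits(n.bit_length()) % (n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # no square reached -1: definitely composite
    return True

def next_prime(drbg: HashDrbg, bits: int) -> int:
    """Odd full-length candidates until one is prime and e does not divide p-1."""
    while True:
        cand = drbg.getrandbits(bits) | (1 << (bits - 1)) | 1
        if cand % E != 1 and is_probable_prime(cand, drbg):
            return cand

def derive_keypair(passphrase: str, bits: int = 512):
    """Return (e, m, d). Same pass phrase -> same key set, so d is never stored;
    it is recomputed for a session and then discarded."""
    drbg = HashDrbg(passphrase)
    p = next_prime(drbg, bits // 2)
    q = next_prime(drbg, bits // 2)
    while q == p:
        q = next_prime(drbg, bits // 2)
    return E, p * q, pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, d: int, m: int) -> int:
    return pow(digest(data), d, m)  # A = B^d mod m (raw RSA, as in the patent)

def verify(data: bytes, sig: int, e: int, m: int) -> bool:
    return pow(sig, e, m) == digest(data)  # B = A^e mod m

def identity_code(e: int, m: int, groups: int = 4) -> str:
    """Short-form code of the public elements: SHA-256 over a fixed-width
    encoding of (e, m), truncated to `groups` blocks of 4 hex digits."""
    enc = e.to_bytes(4, "big") + m.to_bytes((m.bit_length() + 7) // 8, "big")
    h = hashlib.sha256(enc).hexdigest()[: groups * 4].upper()
    return "-".join(h[i:i + 4] for i in range(0, len(h), 4))

def initial_contact(document: bytes, sender_keys, attacker_keys=None):
    """Recipient's view of first contact; returns (signature_ok, code_matches).
    With attacker_keys set, a man in the middle swaps in his own public elements
    and re-signs the document: the signature still verifies, and only the
    Identity Code read by the real sender over the trusted channel exposes it."""
    e, m, d = sender_keys
    sig, pub = sign(document, d, m), (e, m)
    if attacker_keys is not None:
        ae, am, ad = attacker_keys
        sig, pub = sign(document, ad, am), (ae, am)
    signature_ok = verify(document, sig, *pub)
    spoken_code = identity_code(e, m)  # what the genuine sender reads aloud
    return signature_ok, identity_code(*pub) == spoken_code

if __name__ == "__main__":
    alice = derive_keypair("alice's pass phrase (constructed)")
    mallory = derive_keypair("mallory's pass phrase (constructed)")
    print("Alice's Identity Code:", identity_code(alice[0], alice[1]))
    print("honest first contact: ", initial_contact(b"hello", alice))
    print("man in the middle:     ", initial_contact(b"hello", alice, mallory))
```

Two caveats the patent text leaves implicit. First, because the private element is a deterministic function of the pass phrase, anyone holding the published public elements can guess pass phrases offline and check each guess against m, so the key set is exactly as strong as the pass phrase and the cost of the seed-stretching step. Second, a truncated Identity Code bounds the attacker's work: with a 64-bit code as here, an adversary who can derive on the order of 2^64 key sets finds one whose code matches the victim's, so the code length (and the care with which it is read back) is a security parameter, not a convenience.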

Claims (4)

For the purposes of these claims, 'Encryption and Digital Signing procedures using Public Key Cryptography techniques' is as defined in the Statement of Invention section.
1. The operation of Encryption and Digital Signing procedures using Public Key Cryptography techniques without the use of certificates.
2. The operation of Encryption and Digital Signing procedures using Public Key Cryptography techniques without the use of a central organisation or authority.
3. The operation of Encryption and Digital Signing procedures using Public Key Cryptography techniques without the permanent storage of secret information.
4. The operation of Encryption and Digital Signing procedures using Public Key Cryptography techniques without the exchange of secret information between participating parties.

Priority Applications (1)

GB0800630A (GB2456509A, en); priority date 2008-01-15; filing date 2008-01-15
Title: Using a human readable code communicated using a trusted channel to verify that a distributed public key was issued by the party who claims to have issued it

Applications Claiming Priority (1)

GB0800630A (GB2456509A, en); priority date 2008-01-15; filing date 2008-01-15
Title: Using a human readable code communicated using a trusted channel to verify that a distributed public key was issued by the party who claims to have issued it

Publications (2)

GB0800630D0 (en), published 2008-02-20
GB2456509A (en), published 2009-07-22

Family

Family ID: 39144909

Family Applications (1)

GB0800630A (GB2456509A, en), Withdrawn; priority date 2008-01-15; filing date 2008-01-15
Title: Using a human readable code communicated using a trusted channel to verify that a distributed public key was issued by the party who claims to have issued it

Country Status (1)

GB: GB2456509A (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1128597A1 (en) * 2000-02-22 2001-08-29 Telefonaktiebolaget Lm Ericsson Method and arrangement in a communication network
US7054447B1 (en) * 2000-09-01 2006-05-30 Pgp Corporation Method and apparatus for periodically removing invalid public keys from a public key server

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Andrew S. Tanenbaum, Computer Networks, 4th ed., Pearson Education International, 2003. *
Paul Hoffman, "Out-of-Band Certificate and Key Identifier Protocol (OCKID)", Internet-Draft, downloaded from http://tools.ietf.org/id/draft-ietf-pkix-okid-01.txt on 21 May 2008. *
Richard E. Smith, Internet Cryptography, Addison Wesley, 1997. *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8522349B2 (en) 2007-05-25 2013-08-27 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
US8533821B2 (en) 2007-05-25 2013-09-10 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
US8762724B2 (en) 2009-04-15 2014-06-24 International Business Machines Corporation Website authentication
US8683609B2 (en) 2009-12-04 2014-03-25 International Business Machines Corporation Mobile phone and IP address correlation service
US8838988B2 (en) 2011-04-12 2014-09-16 International Business Machines Corporation Verification of transactional integrity
GB2487503A (en) * 2012-04-19 2012-07-25 Martin Tomlinson Authentication of digital files and associated identities using biometric information
GB2487503B (en) * 2012-04-19 2013-01-02 Martin Tomlinson Digital file authentication using biometrics
US9166957B2 (en) 2012-04-19 2015-10-20 Martin Tomlinson Digital file authentication using biometrics
US9438589B2 (en) 2012-04-19 2016-09-06 Martin Tomlinson Binding a digital file to a person's identity using biometrics
US10122710B2 (en) 2012-04-19 2018-11-06 Pq Solutions Limited Binding a data transaction to a person's identity using biometrics
US8917826B2 (en) 2012-07-31 2014-12-23 International Business Machines Corporation Detecting man-in-the-middle attacks in electronic transactions using prompts
CN114826656A (en) * 2022-03-02 2022-07-29 国家电网有限公司大数据中心 Trusted data link transmission method and system

Also Published As

Publication number Publication date
GB0800630D0 (en) 2008-02-20

Legal Events

WAP: Application withdrawn, taken to be withdrawn or refused after publication under section 16(1)