WO1984004639A1 - Apparatus for transferring secret information from a central station to a terminal - Google Patents

Apparatus for transferring secret information from a central station to a terminal

Info

Publication number
WO1984004639A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
word
central station
secret information
identity
Prior art date
Application number
PCT/SE1984/000165
Other languages
English (en)
Inventor
Nils Herbert Edstroem
Freddie Sven Olof Ekberg
Original Assignee
Ericsson Telefon Ab L M
Priority date
Filing date
Publication date
Application filed by Ericsson Telefon Ab L M
Publication of WO1984004639A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]

Definitions

  • the invention relates to an apparatus for transferring secret information from a central station to a terminal at the request of a person entitled to receive the information.
  • the object of the invention is to provide a method of protecting the transmission of smaller quantities of information, e.g. cryptokeys, over customary telecommunication media from a central station to a plurality of users, where the consequences of forcing a key will be limited and where it will be possible to discover any attempt, both in time and place, to break the key.
  • information e.g. cryptokeys
  • the key code for communication between the terminal and the central station consists of an open and a closed part, of which only the first is sent to the central station which, from the information obtained, determines the closed part and with the aid of it enciphers the transferred key word, deciphering in the terminal taking place with the aid of the closed, untransmitted part of the code.
  • the drawing illustrates a terminal T in accordance with the invention, in which, with the aid of a code a key word from a central station C, can be obtained without analysis by listening being possible.
  • the terminal contains four registers A1, B1, A2, B2 for storing the code, which is divided into two parts. One part, called the open part hereinafter, which is to be transmitted to the central station, is stored in the registers A1, B1, while the registers A2, B2 are intended for storing the so-called closed part, which is not transmitted.
  • the central station C contains a data memory DM with memory fields F1, F2, etc., each intended for one of the codes being used, the code being stored divided into four partial fields corresponding to the registers A1, B1, A2, B2 in the terminals.
  • the memory DM also contains a memory field FR for storing the key word which is to be transmitted to a terminal from which an authorized user has sent the code.
  • a conventional electronic control circuit SK is used for reading from the memory DM and for remaining control functions in the central station.
  • the code may comprise a part registered on an information carrier such as a plastic card, and a memorized part known solely to the user. According to the embodiment, it is assumed that both the registered and the memorized part are included in both the open and the closed part of the code. If the part registered on the card consists of the binary words 11100110 and 1001, the first word is included in the closed part and is written into the register A2 and the second word is included in the open part and is written into the register A1. If the memorized part consists of the binary words 0111 and 00, the first word is included in the closed part and is written into the register B2, while the second word is included in the open part and is written into the register B1.
  • the content of the register A1 is sent at first through the telecommunication connection SMT-SMC to the central station, where it is written into a register RA and is compared in a comparator circuit JKA with the partial memory field A1 in all fields F1, F2 etc. under the control of the circuit SK. If there is agreement, e.g. in the memory field F1, the scanning is stopped, and the comparator circuit JKA sends a signal to the terminal where the gate G1 is opened for transferring the content of the register B1 to the central station. A random number is simultaneously sent from a counter TGC in the central station to a memory TGT in the terminal and the counter is stopped.
  • the content of the register B1 is written into the central station register RB and is compared in a comparator circuit JKB with the content in the register B1 in the partial field F1. If agreement is found, which is a sign that the user is authorized to receive information, the comparator circuit JKB activates the feed-out of the key word from the memory location FR and also feed-out of the partial fields A2 and B2 to an enciphering device KRC.
  • This device can use optional mathematical functions for enciphering and contains the necessary electronic circuits, e.g. multiplication circuits, for the functions, which may vary for different users. However, for the sake of simplicity there is described here an example of an enciphering device which contains adding circuits AD1, AD2, AD3.
  • the key word from the field FR and the code word from the partial field A2 corresponds to the content of the register A2 in the terminal, and this will enable decoding in the terminal deciphering device KRT by a corresponding addition carried out in the central station.
  • the content of the register A2 included in the closed part of the code thus does not need to be transferred from the terminal. In principle, this form of coding and decoding would already enable a secret transfer without risk of analysis, in accordance with the basic conception of the invention.
  • there is a further addition in the adding circuit AD2 of the enciphering device KRC between the word enciphered in the adding circuit AD1 and the content of the partial field B2 corresponding to the content of the register B2 in the terminal.
  • the content of the register B2 is added in the adding circuit AD2 of the decryption device to the enciphered message obtained by two additions.
  • the random number 0001 in the counter TGC is added in the central station adding circuit AD3 to the enciphered information obtained from the adding circuit AD2.
  • the random number stored in the terminal memory TGT is added in the corresponding adding circuit AD3 in the decryption device KRT to the information coming over the line.
  • the result of the processes is indicated on the drawing for the illustrated practical embodiment. It is obvious that by introducing further coding with a random number there is obtained further security against possible analysis of the code.
  • the basic principle of the invention is that the closed code associated with the calling code and comprising one or more parts is never transferred on the line but is read in the central station with guidance from the open part of the code for use in encoding.
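
The exchange described above, as an added example that is not part of the patent text. Register, field and circuit names follow the description; the adding circuits are assumed to perform bitwise modulo-2 addition, and the key word value, the right-aligned 8-bit word layout and the function names are constructed for illustration.

```python
# Added illustration, not from the patent. The key word value, the word
# alignment and all function names are assumptions.

# Memory field F1 of the data memory DM, holding the code words from the text.
DM = {
    "F1": {"A1": 0b1001, "B1": 0b00, "A2": 0b11100110, "B2": 0b0111},
}
FR = 0b10110100  # key word to be transferred (constructed sample value)


def add(x, y):
    """Adding circuit, assumed to be bitwise modulo-2 addition (self-inverse)."""
    return x ^ y


def central_station(a1, b1, tgc, wire):
    """Return the enciphered key word, or None if the open part is rejected."""
    wire.append(("T->C", "A1", a1))
    field = next((f for f in DM.values() if f["A1"] == a1), None)  # JKA scan
    if field is None:
        return None
    wire.append(("C->T", "TGC", tgc))   # random number stored in memory TGT
    wire.append(("T->C", "B1", b1))     # gate G1 opened
    if field["B1"] != b1:               # JKB comparison fails: no feed-out
        return None
    cipher = add(FR, field["A2"])       # AD1
    cipher = add(cipher, field["B2"])   # AD2
    cipher = add(cipher, tgc)           # AD3
    wire.append(("C->T", "cipher", cipher))
    return cipher


def terminal_decipher(cipher, a2, b2, tgt):
    """KRT: the corresponding additions, using the untransmitted closed part."""
    return add(add(add(cipher, tgt), b2), a2)


def run_transfer(a1, b1, a2, b2, tgc=0b0001):
    """Run one transfer; return (recovered key word or None, line transcript)."""
    wire = []
    cipher = central_station(a1, b1, tgc, wire)
    key = None if cipher is None else terminal_decipher(cipher, a2, b2, tgc)
    return key, wire
```

The returned transcript holds only A1, the random number, B1 and the enciphered word. Because the random number itself crosses the line, secrecy under this model rests on A2 and B2 alone.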

Abstract

The terminal (T) has a register formed of two parts (A1, B1 and A2, B2) for writing in a password composed of a first and a second part, as well as a transmission means for sending the first part of the password to the central station. The station has a memory (DM) containing both the first and the second parts of all the passwords in use, as well as the secret information that is to be sent. On receipt of the first part of the password, the second part associated with it is sent from the data memory (DM) to an enciphering device (KRC) together with the secret information, in order to encipher it and send the enciphered information to the terminal. The terminal has a deciphering device (KRT) which, at the same time as it obtains the enciphered information from the central station, obtains the second part of the password from the terminal's own register, so that the message can be deciphered.
PCT/SE1984/000165 1983-05-05 1984-05-03 Apparatus for transferring secret information from a central station to a terminal WO1984004639A1 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE8302627A SE8302627A0 (sv) 1983-05-05 1983-05-05 Cryptosystem

Publications (1)

Publication Number Publication Date
WO1984004639A1 (fr) 1984-11-22

Family

ID=20351126

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1984/000165 WO1984004639A1 (fr) 1983-05-05 1984-05-03 Apparatus for transferring secret information from a central station to a terminal

Country Status (5)

Country Link
EP (1) EP0145737A1 (fr)
ES (1) ES532199A0 (fr)
IT (1) IT8420819A0 (fr)
SE (1) SE8302627A0 (fr)
WO (1) WO1984004639A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0018129A1 (fr) * 1979-04-02 1980-10-29 Motorola, Inc. Method for securing data on a transmission path
US4283599A (en) * 1979-01-16 1981-08-11 Atalla Technovations Method and apparatus for securing data transmissions
US4288659A (en) * 1979-05-21 1981-09-08 Atalla Technovations Method and means for securing the distribution of encoding keys

Also Published As

Publication number Publication date
EP0145737A1 (fr) 1985-06-26
ES8507302A1 (es) 1985-02-01
SE8302627D0 (sv) 1983-05-05
SE8302627L (fr)
IT8420819A0 (it) 1984-05-04
SE8302627A0 (sv) 1984-11-07
ES532199A0 (es) 1985-02-01

Legal Events

Date Code Title Description
AK Designated states

Designated state(s): DK FI JP NO US

AL Designated countries for regional patents

Designated state(s): BE CH DE FR GB NL