CHOSEN-PLAINTEXT SECURE CRYPTOSYSTEM AND AUTHENTICATION
20230096233 · 2023-03-30
Inventors
Cpc classification
H04L9/085
ELECTRICITY
H04L9/0656
ELECTRICITY
H04L9/002
ELECTRICITY
International classification
H04L9/32
ELECTRICITY
H04L9/06
ELECTRICITY
Abstract
Aspects and features of a cryptosystem and authentication for the cryptosystem, and a method or process for the cryptosystem, are described. In one example, a method for cryptographic communications includes storing a secret key, generating a system randomization number, and encrypting a plain data package into an encrypted data package by application of the plain data package, the secret key, and the system randomization number to a system of equations for encryption. The system of equations can be a system of linearly dependent equations in one example. Among other benefits, the cryptosystem relies upon the system of linearly dependent equations and the system randomization number to provide additional strength against known-plaintext attacks, chosen-plaintext attacks, and other types of attacks. The system is more semantically secure and offers ciphertext indistinguishability in a new approach using the system of linearly dependent equations.
Claims
1. A method for cryptographic communications, comprising: storing a secret key; generating a randomization number; encrypting, by a first computing device, a plain data package into an encrypted data package by application of the plain data package, the secret key, and the randomization number to a system of equations for encryption; and communicating the encrypted data package to a second computing device.
2. The method according to claim 1, wherein the system of equations comprises a system of linearly dependent equations.
3. The method according to claim 1, wherein: the secret key comprises a set of secret key packages; the randomization number comprises a set of random number packages; and encrypting the plain data package comprises applying the plain data package, the set of secret key packages, and the set of random number packages to the system of equations for encryption.
4. The method according to claim 1, further comprising dividing plain data comprising the plain data package into a set of plain data packages for encryption.
5. The method according to claim 4, further comprising dividing the secret key into a set of secret key packages.
6. The method according to claim 5, further comprising dividing the randomization number into a set of random numbers.
7. The method according to claim 6, further comprising encrypting the set of plain data packages into sets of encrypted data packages by applying the set of plain data packages, the secret key packages, and the set of random numbers to the system of equations for encryption.
8. The method according to claim 1, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; the randomization number comprises a set of random number packages r.sub.1 and r.sub.2; and the system of equations for encryption comprises:
(k.sub.1+r.sub.1)⊕k.sub.2=m.sub.1,
(x+r.sub.2)⊕k.sub.3=m.sub.2, and
r.sub.1+r.sub.2=m.sub.3, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3.
9. The method according to claim 1, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; the randomization number comprises a set of random number packages r.sub.1, r.sub.2, r.sub.3, and r.sub.4; and the system of equations for encryption comprises:
(k.sub.1++r.sub.3)⊕k.sub.2+k.sub.4=m.sub.1,
(x+r.sub.2+r.sub.4)⊕k.sub.3+k.sub.5=m.sub.2,
(r.sub.1+r.sub.2)⊕k.sub.6+k.sub.7=m.sub.3, and
(r.sub.3+r.sub.4)⊕k.sub.8+k.sub.9=m.sub.4, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3, and m.sub.4.
10. The method according to claim 1, wherein the secret key is shared between the first computing device and the second computing device.
11. The method according to claim 1, further comprising decrypting, by the second computing device, the encrypted data package to the plain data package, by application of the encrypted data package and the secret key to an equation for decryption.
12. The method according to claim 11, wherein: x is the plain data package; the encrypted data package comprises m.sub.1, m.sub.2, and m.sub.3; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; and the equation for decryption comprises:
x=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3.
13. The method according to claim 11, wherein: x is the plain data package; the encrypted data package comprises the numbers m.sub.1, m.sub.2, m.sub.3, and m.sub.4; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; and the equation for decryption comprises:
x=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.8−k.sub.1.
14. A computing device for cryptographic communications, comprising: a memory device configured to store computer-readable instructions thereon; and a processing device configured, through execution of the computer-readable instructions, to: generate a randomization number; encrypt a plain data package into an encrypted data package by application of the plain data package, a secret key, and the randomization number to a system of equations for encryption; and communicate the encrypted data package to a second computing device.
15. The computing device according to claim 14, wherein the system of equations comprises a system of linearly dependent equations.
16. The computing device according to claim 14, wherein: the secret key comprises a set of secret key packages; the randomization number comprises a set of random number packages; and the processing device is further configured to apply the plain data package, the set of secret key packages, and the set of random number packages to the system of equations for encryption.
17. The computing device according to claim 14, wherein the processing device is further configured to divide plain data comprising the plain data package into a set of plain data packages for encryption.
18. The computing device according to claim 17, wherein the processing device is further configured to divide the secret key into a set of secret key packages.
19. The computing device according to claim 18, wherein the processing device is further configured to divide the randomization number into a set of random numbers.
20. The computing device according to claim 19, wherein the processing device is further configured to encrypt the set of plain data packages into sets of encrypted data packages by applying the set of plain data packages, the secret key packages, and the set of random numbers to the system of equations for encryption.
21. The computing device according to claim 14, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; the randomization number comprises a set of random number packages r.sub.1 and r.sub.2; and the system of equations for encryption comprises:
(k.sub.1+r.sub.1)⊕k.sub.2=m.sub.1,
(x+r.sub.2)⊕k.sub.3=m.sub.2, and
r.sub.1+r.sub.2=m.sub.3, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3.
22. The computing device according to claim 14, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; the randomization number comprises a set of random number packages r.sub.1, r.sub.2, r.sub.3, and r.sub.4; and the system of equations for encryption comprises:
(k.sub.1+r.sub.1+r.sub.3)⊕k.sub.2+k.sub.4=m.sub.1,
(x+r.sub.2+r.sub.4)⊕k.sub.3+k.sub.5=m.sub.2,
(r.sub.1+r.sub.2)⊕k.sub.6+k.sub.7=m.sub.3, and
(r.sub.3+r.sub.4)⊕k.sub.8+k.sub.9=m.sub.4, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3, and m.sub.4.
23. The computing device according to claim 14, wherein the secret key is shared between the computing device and the second computing device.
24. A computing device for cryptographic communications, comprising: a memory device configured to store computer-readable instructions thereon; and a processing device configured, through execution of the computer-readable instructions, to decrypt an encrypted data package to a plain data package, by application of the encrypted data package and a secret key to an equation for decryption, wherein: x is the plain data package; the encrypted data package comprises m.sub.1, m.sub.2, and m.sub.3; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; and the equation for decryption comprises:
x=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3.
25. A computing device for cryptographic communications, comprising: a memory device configured to store computer-readable instructions thereon; and a processing device configured, through execution of the computer-readable instructions, to decrypt an encrypted data package to a plain data package, by application of the encrypted data package and a secret key to an equation for decryption, wherein: x is the plain data package; the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3, and m.sub.4; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; and the equation for decryption comprises:
x=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.8−k.sub.1.
26. A non-transitory computer readable medium storing computer-readable instructions thereon that, when executed by a processing device, direct the processing device to: generate a randomization number; encrypt a plain data package into an encrypted data package by application of the plain data package, a secret key, and the randomization number to a system of equations for encryption; and communicate the encrypted data package to a second computing device.
27. The non-transitory computer readable medium according to claim 26, wherein the system of equations comprises a system of linearly dependent equations.
28. The non-transitory computer readable medium according to claim 26, wherein: the secret key comprises a set of secret key packages; the randomization number comprises a set of random number packages; and the instructions further direct the processing device to apply the plain data package, the set of secret key packages, and the set of random number packages to the system of equations for encryption.
29. The non-transitory computer readable medium according to claim 26, wherein the instructions further direct the processing device to divide plain data comprising the plain data package into a set of plain data packages for encryption.
30. The non-transitory computer readable medium according to claim 29, wherein the instructions further direct the processing device to divide the secret key into a set of secret key packages.
31. The non-transitory computer readable medium according to claim 30, wherein the instructions further direct the processing device to divide the randomization number into a set of random numbers.
32. The non-transitory computer readable medium according to claim 31, wherein the instructions further direct the processing device to encrypt the set of plain data packages into sets of encrypted data packages by applying the set of plain data packages, the secret key packages, and the set of random numbers to the system of equations for encryption.
33. The non-transitory computer readable medium according to claim 26, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; the randomization number comprises a set of random number packages r.sub.1 and r.sub.2; and the system of equations for encryption comprises:
(k.sub.1+r.sub.1)⊕k.sub.2=m.sub.1,
(x+r.sub.2)⊕k.sub.3=m.sub.2, and
r.sub.1+r.sub.2=m.sub.3, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3.
34. The non-transitory computer readable medium according to claim 26, wherein: x is the plain data package; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; the randomization number comprises a set of random number packages r.sub.1, r.sub.2, r.sub.3, and r.sub.4; and the system of equations for encryption comprises:
(k.sub.1+r.sub.1+r.sub.3)⊕k.sub.2+k.sub.4=m.sub.1,
(x+r.sub.2+r.sub.4)⊕k.sub.3+k.sub.5=m.sub.2,
(r.sub.1+r.sub.2)⊕k.sub.6+k.sub.7=m.sub.3, and
(r.sub.3+r.sub.4)⊕k.sub.8+k.sub.9=m.sub.4, where the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3, and m.sub.4.
35. A non-transitory computer readable medium storing computer-readable instructions thereon that, when executed by a processing device, direct the processing device to: decrypt an encrypted data package to a plain data package, by application of the encrypted data package and a secret key to an equation for decryption, wherein: x is the plain data package; the encrypted data package comprises m.sub.1, m.sub.2, and m.sub.3; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, and k.sub.3; and the equation for decryption comprises:
x=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3.
36. A non-transitory computer readable medium storing computer-readable instructions thereon that, when executed by a processing device, direct the processing device to: decrypt an encrypted data package to a plain data package, by application of the encrypted data package and a secret key to an equation for decryption, wherein: x is the plain data package; the encrypted data package comprises m.sub.1, m.sub.2, m.sub.3, and ma; the secret key comprises a set of secret key packages k.sub.1, k.sub.2, k.sub.3, k.sub.4, k.sub.5, k.sub.6, k.sub.7, k.sub.8, and k.sub.9; and the equation for decryption comprises:
x=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.8−k.sub.1.
37. A method for cryptographic authentication, comprising: registering a first computing device with an authentication system; registering a second computing device with the authentication system; obtaining, by the authentication system, a first authentication credential from the first computing device; obtaining, by the authentication system, a second authentication credential from the second computing device; and operating, by the authentication system, on the first authentication credential and on the second authentication credential, to generate a combined credential for the first computing device and the second computing device.
38. The method for cryptographic authentication according to claim 37, further comprising: receiving, by the authentication system, an identity credential from the first computing device; generating a verification credential for the second computing device based on the identity credential and the combined credential; and communicating the verification credential to the second computing device.
39. A method for cryptographic communications with authentication, comprising: generating an identity number; combining plain data with the identity number, to generate identified data; encrypting, by a first computing device, the identified data into an encrypted data package by application of the identified data, a secret key, and a randomization number to a system of equations for encryption; and communicating the encrypted data package to a second computing device.
40. The method for cryptographic communications according to claim 39, further comprising: preparing, by the first computing device, an identity credential based on a combination of an authentication identifier of the first computing device and the identity number; and communicating, by the first computing device, the identity credential to an authentication system.
Description
BRIEF DESCRIPTION OF THE DRAWINGS
[0019] Many aspects of the present disclosure can be better understood with reference to the following drawings. The components in the drawings are not necessarily to scale, with emphasis instead being placed upon clearly illustrating the principles of the disclosure. Moreover, in the drawings, like reference numerals designate corresponding parts throughout the several views.
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
DETAILED DESCRIPTION
[0026] As noted above, cryptography is related to the study of protocols, techniques, and approaches that prevent third parties from accessing, reading, and/or interpreting the communication of secret data between parties. Among others, asymmetric key algorithms and symmetric key algorithms are two well-known approaches in cryptography.
[0027] Public-key or asymmetric key algorithms rely upon public/private key pairs. The public key can be distributed widely, and the private key is held by one user or party as a secret. Security in an asymmetric cryptography system relies upon maintaining the privacy of the private key, but the public key can be distributed without compromising security. Asymmetric cryptosystems are based on complexity but can, theoretically, be cracked, broken, and decrypted. For example, the Rivest-Shamir-Adleman (RSA) cryptosystem, the elliptic curve cryptography (ECC) cryptosystem, and other asymmetric (and even some symmetric) methods of secure key exchange can be cracked.
[0028] Symmetric key algorithms rely upon a single key for both encryption and decryption processes. Symmetric key algorithms are generally more complex, secure, and difficult to break than asymmetric key algorithms. Some symmetric key algorithms are considered virtually unbreakable, even using quantum computing devices. In terms of processing demands, symmetric key algorithms are also relatively less demanding and, thus, faster and cheaper to implement. Symmetric key algorithms are often used for the encryption and decryption of significant amounts of data where strong cryptography is desired. There are many different symmetric key algorithms, such as the data encryption standard (DES), advanced encryption standard (AES), international data encryption algorithm (IDEA), and the RC4 and RC5 stream cipher algorithms, among others.
[0029] However, like asymmetric cryptosystems, symmetric cryptosystems can also be subject to attack and, in some cases, broken and decrypted. Various weaknesses of asymmetric and symmetric cryptosystems are known in the field. Known-plaintext and chosen-plaintext attacks, among other approaches, can be used by attackers to evaluate weaknesses in and defeat cryptosystems. In a known-plaintext or chosen-plaintext attack, the attacker either a priori knows—or even choses—the blocks of plaintext data corresponding to the encrypted cyphertext blocks. The cyphertext blocks can then be analyzed in connection with the plaintext blocks, in an attempt to determine the cryptographic key or other operational aspects of the cryptosystem, which can then be used to further attack the cryptosystems or even decrypt other messages.
[0030] The embodiments described herein are directed to aspects and features of a new cryptosystem. The cryptosystem provides certain improvements as compared to conventional techniques. In one aspect, the cryptosystem relies upon a system of linearly dependent equations and a system randomization number to provide additional strength against known-plaintext attacks, chosen-plaintext attacks, and other types of attacks. The system is more semantically secure and offers ciphertext indistinguishability in a new approach using the system of linearly dependent equations, randomization numbers, authentication numbers, and other aspects. The system is also suitable for use with identity authentication techniques, and a centralized authentication system and processes performed by the authentication system are also described herein.
[0031] In one example, a method for cryptographic communications includes storing a secret key, generating a system randomization number, and encrypting a plain data package into an encrypted data package by application of the plain data package, the secret key, and the system randomization number to a system of equations for encryption. The system of equations can be a system of linearly dependent equations in one example. Among other benefits, the cryptosystem relies upon the system of linearly dependent equations and the system randomization number to provide additional strength against known-plaintext attacks, chosen-plaintext attacks, and other types of attacks. The system is more semantically secure and offers ciphertext indistinguishability in a new approach using the system of linearly dependent equations. Additional features and benefits of the embodiments are described in further detail below.
[0032] Turning to the drawings,
[0033] The authentication system 100 can be embodied as one or more computing environments, computer systems, computing devices, or processing systems or devices. The authentication system 100 can include one or more computing devices arranged, for example, in one or more server or computer banks. The computing device or devices can be located at a single installation site or distributed among different geographical locations. The authentication system 100 can include a plurality of computing devices that together embody a hosted computing resource, a grid computing resource, or other distributed computing arrangement. In some cases, the authentication system 100 can be embodied as an elastic computing resource where an allotted capacity of processing, network, storage, or other computing-related resources varies over time. As further described below, the authentication system 100 can also be embodied, in part, as certain functional or logical (e.g., computer-readable instruction) elements or modules. Those elements can be executed to direct the authentication system 100 to act as an authentication or identity-verification system in the networked environment 10, as described in further detail below.
[0034] As also shown in
[0035] The network 150 can include the Internet, intranets, extranets, wide area networks (WANs), local area networks (LANs), wired networks, wireless networks, cable networks, satellite networks, other suitable networks, or any combinations thereof. As one example, the authentication system 100 and the computing devices 160-164 can be respectively coupled to one or more public or private LANs or WANs and, in turn, to the Internet for communication of data among each other. Although not shown in
[0036] In the networked environment 10, the authentication system 100 and the computing devices 160-164 can communicate data among each other using one or more network transfer protocols or interconnect frameworks, such as hypertext transfer protocol (HTTP), simple object access protocol (SOAP), representational state transfer (REST), real-time transport protocol (RTP), real time streaming protocol (RTSP), real time messaging protocol (RTMP), user datagram protocol (UDP), internet protocol (IP), transmission control protocol (TCP), other protocols and interconnect frameworks, and combinations thereof.
[0037] As noted above, the authentication system 100 and the computing devices 160-164 can communicate data between each other over the network 150. The data can be sensitive in many cases, such as when account numbers, passwords, identifying information (e.g., full names, addresses, social security numbers, etc.), and other sensitive data is communicated. In that context, the cryptographic concepts and processes described herein can be relied upon to securely share secret data between and among the authentication system 100 and the computing devices 160-164 over the network 150.
[0038] The computing devices 160-164 are representative of various types of computing devices, processing devices, and/or processor-based device or systems, including those in the form of a server computer, desktop computer, a laptop computer, a tablet computer, a personal digital assistant, a cellular telephone, a wearable computing device, a set-top box, and other example computing devices and systems. Each of the computing devices 160-164 can include one or more processors or processing devices, cryptographic trusted platform modules (TPMs), memory devices, local interfaces, various peripheral devices, and other components. The peripheral devices can include input or communications devices or modules, such as keyboards, keypads, touch pads, touch screens, microphones, cameras, network communications interfaces, wireless network communications modules (e.g., infra-red, WI-FI®, or BLUETOOTH®), buttons, switches, sensors, etc. The peripheral devices can also include a display, indicator lights, speakers, global positioning system (GPS) circuitry, accelerometers, gyroscopes, and other peripheral devices.
[0039] As shown in
[0040] The application 180 is an example of one application program executable on the computing device 160. The computing device 160 can host and execute any number of applications concurrently, as would be understood in the field of computing. As one example, the application 180 can be embodied as a hypertext-based network browser, such as the Internet Explorer®, Firefox®, Chrome®, Safari®, or Silk® browsers, among other types of browsers. Additionally or alternatively, the application 180 can be embodied as an e-mail client, messaging client, or other application(s) for other purpose(s). In any case, when executed on the computing device 160, the application 180 can receive user input and data, process data, interpret and render various interfaces on display devices, and conduct other processes and tasks. As shown in
[0041] The computing device 161 includes a data store 175 and an application 190. The data store 175 can be embodied as any suitable type of memory and can be used to store data and data files, including sensitive or secret data, executable code, and other information. The application 190 is an example of one application program executable on the computing device 161. The computing device 161 can host and execute any number of applications concurrently, as would be understood in the field of computing. As one example, the application 190 can be embodied as a hypertext-based network browser, such as the Internet Explorer®, Firefox®, Chrome®, Safari®, or Silk® browsers, among other types of browsers. Additionally or alternatively, the application 190 can be embodied as an e-mail client, messaging client, or other application(s) for other purpose(s). In any case, when executed on the computing device 161, the application 190 can receive user input and data, process data, interpret and render various interfaces on display devices, and conduct other processes and tasks. As shown in
[0042]
[0043] As also shown in
[0044] The secret keys 171 and 176 can be a key for cryptographic operations, stored respectively by the computing devices 160 and 161. As one example, the secret keys 171 and 176 can be the same, common key K. The key K can be identical at both the computing devices 160 and 161, or a relatively simple transformation can exist between the secret key 171 and the secret key 176. In one example, the key K can be a symmetric key, and it can be generated by a TPM of either of the computing devices 160 and 161 and shared between the computing devices 160 and 161 using asymmetric keys, during an authentication process between the computing devices 160 and 161, with the authentication system 100, or in another way using other suitable techniques. However, the key K can be generated and exchanged in other suitable ways.
[0045] The authentication identifiers 172 and 177 can be unique identifiers of the computing devices 160 and 161, respectively. As described below with reference to
[0046] The plain data 173 and 178 can be any unencrypted data stored by the computing devices 160 and 161, respectively, for secure communication between the computing devices 160 and 161. The plain data 173 and 178 may be referred to as “plaintext,” for example, data in the field of cryptography. The plain data 173 and 178 can be organized in any suitable way, and the computing devices 160 and 161 can process the plain data 173 and 178 in any suitable chunks, such as blocks of bits of any size. Although several examples are provided of the secure communication of the plain data 173 from the computing device 160 to the computing device 161, the computing device 161 can also securely communicate the plain data 178 to the computing device 160.
[0047] The cryptography engine 182 of the computing device 160 is configured to perform a number of different operations that facilitate secure communications. Similarly, the cryptography engine 192 of the computing device 161 is configured to perform a number of different operations that facilitate secure communications. The operations of the cryptography engines 182 and 192 are described in further detail below.
[0048] The cryptography engines 182 and 192 can rely, in part, on the generation of random numbers for certain cryptographic operations. Thus, the number generators 184 and 194 of the computing devices 160 and 161 can be embodied as random number generators, respectively, for the cryptography engines 182 and 192. Each of the number generators 184 and 194 can be configured to generate a number of different random numbers, over time. The random numbers can be generated in any suitable bit length, uniformly distributed in bit values in a string of bits, uniformly distributed as compared to each other, and carry other attributes. The cryptography engines 182 and 192 can request and obtain random numbers from the number generators 184 and 194 at any time in the cryptographic processes described herein. Random numbers generated by the number generators 184 and 194 can be relied upon to provide semantic security, ciphertext indistinguishability, protect or obscure the secret keys 171 and 176, protect or obscure the authentication identifiers 172 and 177, protect the integrity of the cryptographic operations performed by the computing devices 160 and 161, and add other benefits to the embodiments.
[0049] Turning to an operational example, the computing device 160 can securely communicate the plain data 173 to the computing device 161 over the network 150. Before communicating the plain data 173, the cryptography engine 182 can encrypt the plain data 173 using a system of equations for encryption, the secret key K 171, and a randomization number R generated by the number generator 184. In one example, the system of equations can be a system of linearly dependent equations. The system of equations can include three equations and rely upon three random number packages as described in further detail below. In another example, the system of equations can include four equations and rely upon four random number packages. However, the system of equations is not limited to any particular size or complexity, and other, larger systems can be relied upon. For decryption, the cryptography engine 192 of the computing device 161 can rely upon a system of equations for decryption, which is also described in further detail below.
[0050] The cryptography engine 182 can be configured to format, divide, or segment the plain data 173, the randomization number R, the secret key K 171, and possibly other data, into segmented data chunks or packages suitable for operation using the system of equations. To that end, the cryptography engine 182 is configured to divide or separate the plain data X.sub.S 173 into segmented plain data packages x.sub.i, as follows:
X.sub.S={x.sub.1,x.sub.2, . . . ,x.sub.m}. (1)
[0051] Each of the segmented plain data packages x.sub.i can be two bytes in length in one example, although the size of each x.sub.i, in bits, can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors. Example bit sizes for each segmented plain data package x.sub.i are described in detail below. The number of plain data packages x.sub.i, on the other hand, depends on the amount of data to be securely communicated.
[0052] The cryptography engine 182 is also configured to divide or segment the secret key K 171 into segmented secret key packages k.sub.i, as follows:
K={k.sub.i}.sub.i=1.sup.n. (2)
[0053] Each of the segmented secret key packages k.sub.i can be two bytes in length in one example, although the size of each k.sub.i can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors. Example bit sizes for the secret key packages k.sub.i are described in detail below.
[0054] As also described below, when using a system of three equations (e.g., the Equations (4)), the cryptography engine 182 of the computing device 160 can operate with three (3) segmented secret key packages k.sub.1, k.sub.2, and k.sub.3 for each data package x.sub.i. When using a system of four equations (e.g., the Equations (5)), the cryptography engine 182 can operate with nine (9) segmented secret key packages k.sub.1-k.sub.9 for each data package x.sub.i, and other numbers of secret key packages can be relied upon for other systems of linear equations. The full size of the secret key K 171 in bits, before being segmented, can thus depend on a number of factors, including the type(s) of processors used in the computing devices 160 and 161, the system of equations used, and other factors. Both the computing device 160 and the computing device 161 share (i.e., know and store) the same secret key K. That is, the secret key K 171, which is stored by the computing device 160, and the secret key K 176, which is stored by the computing device 161, are the same secret key K, and the computing devices 160 and 161 can exchange the secret key K with each other in any suitable way.
[0055] The cryptography engine 182 can also direct the number generator 184 to generate a random number R, and the random number R can serve as a randomization number. The random number R can be a uniformly distributed random number in one example. The cryptography engine 182 is also configured to divide or segment the random number R into a set of random number packages r.sub.l, as follows:
R={r.sub.l}.sub.l=1.sup.p. (3)
[0056] Each r.sub.l can also be two bytes in length in one example, although the size can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors. Example bit sizes for each random number package r.sub.l are described in detail below. As also described below, when using a system of three equations, the cryptography engine 182 of the computing device 160 can operate with a set of two (2) random number packages r.sub.1 and r.sub.2 for each data package x.sub.i. When using a system of four equations, the cryptography engine 182 can operate with a set of four (4) random number packages r.sub.1-r.sub.4 for each data package x.sub.i. The full size of the random or randomization number R in bits, before being segmented, can thus depend on a number of factors, including the type(s) of processors used in the computing devices 160 and 161, the system of equations used, and other factors.
[0057] The plain data packages x.sub.i, the secret key packages k.sub.i, and the random number packages r.sub.l can be stored in the data store 170, as needed, for further processing by the cryptography engine 182. The cryptography engine 182 is also configured to apply or process the plain data packages x.sub.i, the secret key packages k.sub.i, and the random number packages r.sub.l to the system of equations for encryption. For the three equation system, one example of the system of equations (“Equations (4)”) is as follows:
(k.sub.1+r.sub.1)⊕k.sub.2=m.sub.1,
(x.sub.i+r.sub.2)⊕k.sub.3=m.sub.2, and
r.sub.1+r.sub.2=m.sub.3, where (4)
⊕ is logical XOR and m.sub.1, m.sub.2, and m.sub.3 are parts or segments of an encrypted data package M.sub.i. The values of m.sub.1, m.sub.2, and m.sub.3 can be concatenated or strung together as a single encrypted data package M.sub.i, which corresponding to the plain data package x.sub.i (i.e., M.sub.i is the ciphertext of the x.sub.i plaintext). The computing device 160 can securely communicate the encrypted bit package M.sub.i to the computing device 161 over the network 150.
[0058] After processing the plain data package x.sub.1 to obtain the encrypted data package M.sub.1, the cryptography engine 182 can process subsequent plain data packages x.sub.2, x.sub.3, . . . x.sub.m, in turn, using the system of Equations (4), to generate the encrypted data packages M.sub.2, M.sub.3, . . . M.sub.m. In one case, the cryptography engine 182 can process the next plain data package x.sub.2, among others, with the same secret key packages k.sub.1, k.sub.2, and k.sub.3 and the same random numbers r.sub.1 and r.sub.2 as used for the plain data package x.sub.1. In another example, the cryptography engine 182 is configured to process each respective plain data package x.sub.i with the same set of secret key packages k.sub.1, k.sub.2, and k.sub.3 but with a different set of random numbers from the number generator 184. The use of a different set of random numbers for each plain data package x.sub.i can provide better semantic security and ciphertext indistinguishability. In still other examples, the cryptography engine 182 can process each respective plain data package x, with a different set of secret key packages, with a different set of random numbers, or with both a different set of secret key packages and a different set of random numbers. In any case, each of the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be communicated from the computing device 160 to the computing device 161, as shown in
[0059] For the four equation system, one example of the system of equations (“Equations (5)”) is as follows:
(k.sub.1+r.sub.1+r.sub.3)⊕k.sub.2+k.sub.4=m.sub.1,
(x.sub.i+r.sub.2+r.sub.4)⊕k.sub.3+k.sub.5=m.sub.2,
(r.sub.1+r.sub.2)⊕k.sub.6+k.sub.7=m.sub.3, and
(r.sub.3+r.sub.4)⊕k.sub.8+k.sub.9=m.sub.4, where (5)
[0060] ⊕ is logical XOR and m.sub.1, m.sub.2, m.sub.3, and m.sub.4 are parts or segments of an encrypted data package M. The values of and m.sub.1, m.sub.2, m.sub.3, and m.sub.4 can be concatenated or strung together as the encrypted data package M.sub.i corresponding to the plain data package x.sub.i, and the computing device 160 can securely communicate the encrypted data package M.sub.i to the computing device 161 over the network 150.
[0061] After the plain data package x.sub.1, the cryptography engine 182 can process subsequent plain data packages x.sub.1, x.sub.2, x.sub.3, . . . x.sub.m, in turn, using the system of Equations (5), to generate the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m. In one case, the cryptography engine 182 can process the next plain data package xz, among others, with the same secret key packages k.sub.1-k.sub.9 and the same random numbers r.sub.1-r.sub.4 as used for the plain data package x.sub.1. In another example, the cryptography engine 182 is configured to process each respective plain data package x.sub.i with the same secret key packages k.sub.1-k.sub.9 but with a different set of random numbers from the number generator 184. The use of a different set of random numbers for each plain data package x.sub.i can provide better semantic security and ciphertext indistinguishability. In still other examples, the cryptography engine 182 can process each respective plain data package x, with a different set of secret key packages, with a different set of random numbers, or with both a different set of secret key packages and a different set of random numbers. In any case, each of the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be communicated from the computing device 160 to the computing device 161, as shown in
[0062] The computing device 161 is configured to receive the encrypted data packages M.sub.2, M.sub.3, . . . M.sub.m from the computing device 160. The encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be stored in the data store 175 for further processing by the application 190. The cryptography engine 192 is configured to decrypt the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, respectively, to recapture the plain data X.sub.S 173 communicated from the computing device 160.
[0063] First, the cryptography engine 192 is configured to segment or divide each of the encrypted data packages M.sub.m into segmented encrypted data packages and m.sub.1, m.sub.2, and m.sub.3. The cryptography engine 192 is also configured to segment or divide the secret key K 176 into segmented secret key packages k.sub.i, similar to Equation (2) above. The cryptography engine 192 is also configured to decrypt the segmented encrypted data packages and m.sub.1, m.sub.2, and m.sub.3 into a plain data package x.sub.i, according to an equation for decryption. If the Equations (4) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted bit packages M.sub.i into a plain data package x.sub.i, according to the following equation:
x.sub.i=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3. (6)
[0064] If the Equations (5) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted data packages M.sub.i into a plain data package x.sub.i, according to the following equation:
x.sub.i=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.8−k.sub.1. (7)
[0065] By decrypting the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, respectively, into the plain data packages x.sub.1, x.sub.2, x.sub.3, . . . x.sub.m, the cryptography engine 192 is able to recapture the plain data X.sub.S from the computing device 160, by concatenating the plain data packages together. The plain data can be stored in the data store 175.
[0066]
[0067] At reference numeral 200, the process includes dividing, separating, or segmenting plain data into data packages. For example, the process can include the cryptography engine 182 dividing or separating the plain data X.sub.S 173 into plain data packages x.sub.1, x.sub.2, x.sub.3, . . . x.sub.m according to Equation (1) above, or by another suitable approach. Each of the plain data packages x, can be two bytes in length in one example, although the size of the data packages can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors.
[0068] At reference numeral 202, the process includes dividing, separating, or segmenting a secret key into a set of secret key packages. For example, the process can include the cryptography engine 182 dividing or separating the secret key K 171 into secret key packages k.sub.1, k.sub.2, k.sub.3, . . . k.sub.n according to Equation (2) above, or by another suitable approach. Each of the secret key packages k.sub.i can be two bytes in length in one example, although the size of the data packages can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors.
[0069] At reference numeral 204, the process includes generating a randomization number and segmenting the randomization number into a set of random numbers. For example, the process can include the cryptography engine 182 directing the number generator 184 to generate a randomization number R. The process can also include the cryptography engine 182 dividing or segmenting the randomization number R into a set of random number packages r.sub.1, r.sub.2, r.sub.3, . . . r.sub.p according to Equation (3) above, or by another suitable approach. Each of the random numbers r.sub.l can be two bytes in length in one example, although the size of the data packages can vary based on the type(s) of processors used in the computing devices 160 and 161, among other factors.
[0070] At reference numeral 206, the process includes encrypting the plain data X.sub.S 173 into encrypted data packages by application of the plain data X.sub.S 173, the secret key K 171, and the randomization number R to a system of equations for encryption. The cryptography engine 182 can perform the process of encrypting in parts or segments of the plain data X.sub.S 173, as described herein. That is, the cryptography engine 182 can apply each segmented plain data package x.sub.1, x.sub.2, x.sub.3, . . . x.sub.m from reference numeral 200, respectively, to the system of equations for encryption. The system of equations can be the Equations (4), the Equations (5), or another system of linear equations consistent with the concepts described herein. For the Equations (4), the cryptography engine 182 can encrypt each plain data package x.sub.i with three (3) secret key packages k.sub.1, k.sub.2, and k.sub.3 from the segmenting at reference numeral 202 and two (2) random numbers r.sub.1 and r.sub.2 from the segmenting at reference numeral 204. For the Equations (5), the cryptography engine 182 can encrypt each plain data package x.sub.i with nine (9) secret key packages k.sub.1-k.sub.9 from the segmenting at reference numeral 202 and four (4) random numbers r.sub.1-r.sub.4 from the segmenting at reference numeral 204.
[0071] At reference numeral 206, the cryptography engine 182 also generates an encrypted data package M.sub.i for each plain data package x.sub.i by combining or concatenating the values of m.sub.1, m.sub.2, and m.sub.3 from the Equations (4). As another example, the cryptography engine 182 can generate an encrypted data package M.sub.i for each plain data package x.sub.i by combining or concatenating the values of m.sub.1, m.sub.2, m.sub.3, and m.sub.4 from the Equations (5).
[0072] Further, after processing the plain data package x.sub.1 to obtain the encrypted data package M.sub.1, the process at reference numeral 206 can continue. The cryptography engine 182 can continue to process the subsequent plain data packages x.sub.2, x.sub.3, . . . x.sub.m, in turn, using the system of Equations (4), the system of Equations (5), or another system of linear equations, to generate the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m. In one case, the cryptography engine 182 can process the next plain data package x.sub.2, among others, with the same secret key packages k.sub.1, k.sub.2, and k.sub.3 and the same random numbers r.sub.1 and r.sub.2 as used for the plain data package x.sub.1. In another example, the cryptography engine 182 can process each respective plain data package x, with the same set of secret key packages k.sub.1, k.sub.2, and k.sub.3 but with a different set of random numbers from the number generator 184. The use of a different set of random numbers for each plain data package x.sub.i can provide better semantic security and ciphertext indistinguishability. In still other examples, the cryptography engine 182 can process each respective plain data package x.sub.i with a different set of secret key packages, with a different set of random numbers, or with both a different set of secret key packages and a different set of random numbers.
[0073] At reference numeral 208, the process includes the computing device 160 communicating the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m to the computing device 161 over the network 150. The computing device 160 can communicate the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m to the computing device 161 using any suitable network interfaces and network transfer protocols. The encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be sent from the computing device 160 to the computing device 161 in any number of data packets, for example, in any suitable way and sequence over time. Although not separately shown in
[0074] The remaining process steps shown in
[0075] At reference numeral 212, the process includes the cryptography engine 192 dividing or separating each of the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m into encrypted data segments. As one example, if the Equations (4) were relied upon to encrypt the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, then the cryptography engine 192 can divide each encrypted data package into m.sub.1, m.sub.2, and m.sub.3. As another example, if the Equations (5) were relied upon to encrypt the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, then the cryptography engine 192 can divide each encrypted data package into m.sub.1, m.sub.2, m.sub.3, and m.sub.4.
[0076] At reference numeral 214, the process includes decrypting each encrypted data package to a plain data package, by application of the encrypted data package and the secret key to an equation for decryption. That is, the process includes the cryptography engine 192 decrypting the segmented encrypted data packages and m.sub.1, m.sub.2, and m.sub.3 for each M.sub.i into a plain data package x.sub.i, according to an equation for decryption. If the Equations (4) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted bit packages M.sub.i into a plain data package x.sub.i, according to the following equation:
x.sub.i=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3. (8)
[0077] If the Equations (5) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted data packages M.sub.i into a plain data package x.sub.i, according to the following equation:
x.sub.i=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.9−k.sub.1. (9)
[0078] By decrypting the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, respectively, into the plain data packages x.sub.1, x.sub.2, x.sub.3, . . . x.sub.m, the cryptography engine 192 is able to recapture the plain data X.sub.S from the computing device 160, by concatenating the plain data packages together. The plain data can be stored in the data store 175.
[0079] Turning to other aspects of the embodiments, the concepts described herein can also be used with a centralized authentication system, such as the authentication system 100 shown in
[0080] As part of the registration of the computing devices 160 and 161 with the authentication system 100, the authentication system 100 can obtain authentication credentials from the computing devices 160 and 161. The authentication system 100 can also operate on or combine the authentication credentials from the computing devices 160 and 161, to generate a combined credential for the computing devices 160 and 161.
[0081] After registration with the authentication system 100 is complete, the computing devices 160 and 161 can communicate encrypted data with each other, using an approach that is similar to that described above with reference to
[0082]
[0083] At reference numeral 302, the process includes the authentication system 100 registering the computing device 160. This registration can include exchanging certain credentials, such as device identifiers (e.g., media access control (MAC) addresses of network interface controllers), usernames, passwords, or other credentials between the computing device 160 and the authentication system 100. The authentication system 100 can store a list, table, or database of registered devices, including the computing device 160, in the data store 120. The registration at reference numeral 302 can also include the exchange of a common key K.sub.A between the computing device 160 and the authentication system 100, which is used in later process steps.
[0084] At reference numeral 304, the process includes the authentication system 100 generating a credential randomization number R.sub.12. The authentication system 100 can also store the credential randomization number R.sub.12 in the data store 120 for use with another computing device as described below. At reference numeral 304, the process can also include the authentication system 100 combining the key K.sub.A with R.sub.12, to generate a transfer key T.sub.1 according to T.sub.1=K.sub.A ⊕R.sub.12. The authentication system 100 also sends the transfer key T.sub.1 to the computing device 160 over the network 150 at reference numeral 304. The transfer key T.sub.1 is used by the computing device 160 to securely return an authentication identifier N.sub.1 back to the authentication system 100, as described below.
[0085] Although not separately shown in
[0086] The cryptography engine 182 of the computing device 160 is configured to combine the authentication identifier N.sub.1 with the randomization number R.sub.12, to generate an authentication credential A.sub.1, according to A.sub.1=N.sub.1 ⊕R.sub.12. The computing device 160 then sends the authentication credential A.sub.1 to the authentication system 100, and the authentication system 100 receives the authentication credential A.sub.1 from the computing device 160 at reference numeral 306 in
[0087] Registration of the computing device 160 by the authentication system 100 is complete after the authentication credential A.sub.1 is received from the computing device 160. However, registration of the computing device 161 occurs separately, and the authentication system 100 cannot generate the combined credential for the computing devices 160 and 161 until after the computing device 161 is also registered.
[0088] Thus, at reference numeral 312 in
[0089] At reference numeral 314, the process includes the authentication system 100 obtaining the credential randomization number R.sub.12 from the data store 120. This assumes that the credential randomization number R.sub.12, which was generated at reference numeral 304 and associated with the computing device 160, will not be used with computing devices other than the computing devices 160 and 161. For example, at reference numeral 314, the authentication system 100 can reserve the randomization number R.sub.12 for use in authentication services between the computing devices 160 and 161 and only the computing devices 160 and 161.
[0090] At reference numeral 314, the process can also include the authentication system 100 combining the key K.sub.B with R.sub.12, to generate a transfer key T.sub.2 according to T.sub.1=K.sub.A ⊕R.sub.12. The authentication system 100 also sends the transfer key T.sub.2 to the computing device 161 over the network 150 at reference numeral 314. The transfer key T.sub.2 is used by the computing device 161 to securely return an authentication identifier N.sub.2 back to the authentication system 100, as described below.
[0091] Although not separately shown in
[0092] The cryptography engine 192 of the computing device 161 is configured to combine the authentication identifier N.sub.2 with the randomization number R.sub.12, to generate an authentication credential A.sub.2, according to A.sub.2=N.sub.2 ⊕R.sub.12. The computing device 161 sends the authentication credential A.sub.2 to the authentication system 100, and the authentication system 100 receives the authentication credential A.sub.2 from the computing device 161 at reference numeral 316 in
[0093] Registration of the computing device 161 by the authentication system 100 is complete after the authentication credential A.sub.2 is received from the computing device 161. At this point, both the computing devices 160 and 161 are registered with the authentication system 100. At reference numeral 318 in
[0094] Turning to other embodiments,
[0095] At reference numeral 400, the process includes the computing device 160 generating a randomization number R. Here, the cryptography engine 182 can direct the number generator 184 (
[0096] At reference numeral 402, the process includes the computing device 160 generating an identity number G. The cryptography engine 182 can direct the number generator 184 (
[0097] At reference numeral 404, the process includes the cryptography engine 182 combining the plain data X.sub.S 173, in segments, with the identity number G, to generate identified data X.sub.G. As part of this process, the cryptography engine 182 can also divide or separate the plain data X.sub.S 173 into segmented plain data packages x.sub.i, according to Equation (1) above or in another suitable way. When the plain data X.sub.S 173 is segmented into the plain data packages x.sub.i, the cryptography engine 182 can combine each segmented plain data package x.sub.i with the identity number G, according to x.sub.Gi=x.sub.i ⊕G, to generate segmented identified data packages x.sub.Gi. The combination (e.g., concatenated or strung together combination) of all identified data packages x.sub.Gi can be referred to as the identified data X.sub.G. The cryptography engine 182 can also store the identified data X.sub.G in the data store 170.
[0098] At reference numeral 406, the process includes the cryptography engine 182 encrypting the identified data X.sub.G into encrypted data packages by application of the identified data X.sub.G, the secret key K 171, and the randomization number R to a system of equations for encryption. The cryptography engine 182 can perform the process in parts or segments of the identified data X.sub.G. That is, the cryptography engine 182 can apply each identified data package x.sub.G1, x.sub.G2, x.sub.G3, . . . x.sub.Gm, respectively, to the system of equations for encryption, along with the segments of the secret key K 171 and the segments of the randomization number R, as described herein. The system of equations can be the Equations (4), the Equations (5), or another system of linear equations consistent with the concepts described herein. Thus, the process at reference numeral 406 is similar to that in reference numeral 206 of
[0099] At reference numeral 406, the cryptography engine 182 also generates an encrypted data package M.sub.i for each identified data package x.sub.Gi by combining or concatenating the values of m.sub.1, m.sub.2, and m.sub.3 from the Equations (4). As another example, the cryptography engine 182 can generate an encrypted data package M.sub.i for each identified data package x.sub.Gi by combining or concatenating the values of m.sub.1, m.sub.2, m.sub.3, and m.sub.4 from the Equations (5).
[0100] At reference numeral 408, the process includes the computing device 160 communicating the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m to the computing device 161 over the network 150. The computing device 160 can communicate the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m to the computing device 161 using any suitable network interfaces and network transfer protocols. The encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be sent from the computing device 160 to the computing device 161 in any number of data packets, for example, in any suitable way and sequence over time. Although not separately shown in
[0101] In addition to the transfer of the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, the process in
[0102] Although not shown in
[0103] The authentication system 100 has no visibility into the identity number G of the computing device 160, because the authentication system 100 does not have access to the Auth ID N.sub.2 177 of the computing device 161. Likewise, the authentication system 100 does not have access to the Auth ID N.sub.1 172 of the computing device 160. Instead, the authentication system 100 only stores the combined credential N.sub.12, but the individual values of N.sub.1 and N.sub.2 cannot be obtained by the authentication system 100 from the combined credential N.sub.12.
[0104]
[0105] At reference numeral 500, the process includes the computing device 161 receiving the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m from the computing device 160. The computing device 161 can store the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m in the data store 175 for further processing. Additionally, at reference numeral 502, the process includes the computing device 161 receiving the verification credential V.sub.1 from the authentication system. As noted above, the verification credential V.sub.1 is equal to G⊕N.sub.2, and the computing device 161 can obtain the identity number G of the computing device 160 from the verification credential V.sub.1. The computing device 161 can store the verification credential V.sub.1 in the data store 175 for further processing.
[0106] At step 504, the process includes the cryptography engine 192 obtaining the identity number G of the computing device 160 from the verification credential V.sub.1. Particularly, the cryptography engine 192 can process the verification credential V.sub.1 with the Auth ID N.sub.2 177, which was previously generated during registration of the computing device 161 with the authentication system 100, according to G=V.sub.1⊕N.sub.2, as V.sub.1 is equal to G⊕N.sub.2. The cryptography engine 192 can store the identity number G in the data store 175.
[0107] At reference numeral 506, the process includes the cryptography engine 192 of the computing device 161 dividing, separating, or segmenting the secret key K 176 into secret key packages k.sub.1, k.sub.2, k.sub.3, . . . k.sub.n according to Equation (2) above, or by another suitable approach. As one example, if the Equations (4) were used for encryption, then the cryptography engine 192 can segment the secret key K 176 into three (3) segmented secret key packages k.sub.1, k.sub.2, and k.sub.3. As another example, if the Equations (5) were used for encryption, then the cryptography engine 192 can segment the secret key K 176 into nine (9) segmented secret key packages k.sub.1-k.sub.9.
[0108] At reference numeral 508, the process includes the cryptography engine 192 dividing or separating each of the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m into encrypted data segments. As one example, if the Equations (4) were relied upon to encrypt the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, then the cryptography engine 192 can divide each encrypted data package into m.sub.1, m.sub.2, and m.sub.3. As another example, if the Equations (5) were relied upon to encrypt the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m, then the cryptography engine 192 can divide each encrypted data package into m.sub.1, m.sub.2, m.sub.3, and m.sub.4.
[0109] At reference numeral 510, the process includes decrypting each encrypted data package to a plain data package, by application of the encrypted data package and the secret key to an equation for decryption. That is, the process includes the cryptography engine 192 decrypting the segmented encrypted data packages and m.sub.1, m.sub.2, and m.sub.3 for each M.sub.i into an identified data package x.sub.Gi, according to an equation for decryption. If the Equations (4) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted bit packages M.sub.i into an identified data package x.sub.Gi, according to the following equation:
x.sub.Gi=m.sub.1⊕k.sub.2+m.sub.2⊕k.sub.3−k.sub.1−m.sub.3. (8)
[0110] If the Equations (5) were relied upon to generate the encrypted data packages M.sub.i, then the cryptography engine 192 is configured to decrypt each of the encrypted data packages M.sub.i into an identified data package x.sub.Gi, according to the following equation:
X.sub.Gi=(m.sub.1−k.sub.4)⊕k.sub.2+(m.sub.2−k.sub.5)⊕k.sub.3−(m.sub.3−k.sub.7)⊕k.sub.6−(m.sub.4−k.sub.9)⊕k.sub.8−k.sub.1. (9)
[0111] Thus, each of the packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m can be decrypted, respectively, into the identified data packages x.sub.G1, x.sub.G2, x.sub.G3, . . . x.sub.Gm.
[0112] At reference numeral 512, the process includes the cryptography engine 182 extracting plain data packages x.sub.i from the identified data packages x.sub.Gi. Here, the cryptography engine 192 can extract plain data packages x.sub.i from the identified data packages x.sub.Gi by application of the identity number G, according to x.sub.i=x.sub.Gi ⊕G. The combination (e.g., concatenated or strung together combination) of all plain data packages x, results in the plain data X.sub.S from the computing device 160, by concatenating the plain data packages together. The plain data can be stored in the data store 175.
[0113] According to the concepts of authentication described herein, the integrity of data communication between the computing devices 160 and 161 depends on proper authentication of both devices with the authentication system 100. In other words, the computing device 161 cannot decrypt and obtain the data communicated from the computing device 160 (i.e., with the same data integrity and meaning), unless the identity number G generated by the computing device 160 at reference numeral 402 in
[0114] In other aspects of the embodiments, it is noted that the systems in Equations (4) and (5) provide ciphertext (e.g., the encrypted data packages M.sub.1, M.sub.2, M.sub.3, . . . M.sub.m) that is protected against security concerns that arise when communicating recurring plain data packages, plain data packages that are known by an attacker, or plain data packages that are chosen by an attacker. To demonstrate, assume a sender S uses an encryption algorithm to send to plain text x to a receiver R. As a result of the algorithm, S generates three publicly-visible values s.sub.1, s.sub.2 and s.sub.3 using the following non-linear system of three equations as basic algorithm:
s.sub.1=k+a.sub.1,
s.sub.2=x+a.sub.2, and
s.sub.3=a.sub.1a.sub.2. (8)
[0115] The algorithm relies upon random values a.sub.1 and a.sub.2 and two recurring values, including the secret key k and the plain text x. R knows the key k and can decrypt (calculate) the plain text x, according to:
[0116] A third party cannot decrypt the plain text x, because s.sub.1, s.sub.2 and s.sub.3 are the only visible values. A third party would need to obtain four independent unknown variables, as the number of unknown variables (e.g., x, k, a.sub.1, a.sub.2) exceeds the number of visible values. The system of Equations 6 is undetermined for the third party and, thus, cannot be resolved. Cannot be resolved means that there is no unique solution of the system of equations due to the unknown variables.
[0117] However, in case S sends a recurring x to R, the third party can decrypt the plain text x and obtain the key k from the system of Equations 6, as shown in Table 1 below. This occurs because the number of visible values equals or exceeds the number of independent variables in any next, subsequent attack.
TABLE-US-00001 TABLE 1 Number of new Number of independent independent Attack System of equations variables visible values First
[0118] Thus, in case S sends a recurring x to R, the third party can use six publicly visible values (s.sub.1.sup.(1), s.sub.2.sup.(1), s.sub.3.sup.(1), s.sub.1.sup.(2), s.sub.2.sup.(2), s.sub.3.sup.(2)) to obtain six independent variables (k, x, a.sub.1.sup.(1), a.sub.2.sup.(1), a.sub.1.sup.(2), a.sub.2.sup.(2)). The third party can obtain the secret key k from the following equation:
and the plain text x from the following equation:
[0119] S can make the algorithm more complex using longer vector of authentication attribute, but the number of secure, non-decrypted attacks will be limited. In this case, the authentication attribute should be changed after certain secure attacks in order to extend the algorithm security lifetime.
[0120] As a different example, assume S uses an encryption algorithm to send plain text to R. As a result of the algorithm, S sends three publicly visible values s.sub.1, s.sub.2 and s.sub.3 using the following non-linear system of equations:
s.sub.1=k+a.sub.1,
s.sub.2=x+a.sub.2, and
s.sub.3=a.sub.1+a.sub.2. (10)
[0121] The algorithm relies upon random values a.sub.1 and a.sub.2 and two recurring values, including the secret key k and the plain text x. R knows the key k and can decrypt the plain text x, according to:
x=s.sub.2+s.sub.1−s.sub.3−k. (11)
[0122] A third party cannot decrypt the plain text x, because s.sub.1, s.sub.2 and s.sub.3 are the only visible values. A third party would need to obtain four independent unknown variables, as the number of unknown variables (e.g., x, k, a.sub.1, a.sub.2) exceeds the number of visible values. The system of Equations 6 is undetermined for the third party and, thus, cannot be resolved.
[0123] Additionally, in case S sends a recurring x to R, unlike in the previous example, the third party cannot decrypt the plain text x or obtain the key k from the system of Equations 8, because it still remains underdetermined as shown in Table 2. This is because the Equations 8 are a linear dependent system.
TABLE-US-00002 TABLE 2 Number of new Number of independent independent Attack System of equations variables visible values First
[0124] Thus, R knows the secret key k and can easily decrypt the plain text x, while the third party has only five publicly visible values (s.sub.1.sup.(1), s.sub.2.sup.(1), s.sub.3.sup.(1), s.sub.1.sup.(2), s.sub.2.sup.(2)) to obtain six independent variables (k, x, a.sub.1.sup.(1), a.sub.2.sup.(1), a.sub.1.sup.(2), a.sub.2.sup.(2)). The value s.sub.3.sup.(2) is not independent and can be obtained from other visible independent values, as s.sub.3.sup.(2)=s.sub.1.sup.(2)+s.sub.1.sup.(2)+s.sub.3.sup.(1)−s.sub.1.sup.(1)−s.sub.2.sup.(1), so R can decrypt the plain text x, although the third party has only five publicly visible independent values.
[0125] It is also noted that certain devices, and particularly low-power devices, can be limited in terms of register sizes, the capability of processing block sizes (in bits), and other constraints. For example, the processor cores in the computing devices 160-164 may have a 16-bit, 32-bit, or 64-bit base. In that context, the cryptographic algorithms described herein can be tailored to avoid size overflows in processing operations. As examples, for a 47-bit key length on a processor of 16, 32, or 64 bit base, the variables for the Equations (4) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[15]+r.sub.1[15])⊕k.sub.2[16]=m.sub.1[16],
(x[15]+r.sub.2[15])⊕k.sub.3[16]=m.sub.2[16], and
r.sub.1[15]+r.sub.2[15]=m.sub.3[16]. (12)
[0126] As another example, for a 95-bit key length on a processor of 16, 32, or 64 bit base, the variables for the Equations (4) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[31]+r.sub.1[31])⊕k.sub.2[32]=m.sub.1[32],
(x[31]+r.sub.2[31])⊕k.sub.3[32]=m.sub.2[32], and
r.sub.1[31]+r.sub.2[31]=m.sub.3[32]. (13)
[0127] As another example, for a 189-bit key length on a processor of 64 bit base, the variables for the Equations (4) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[61]+r.sub.1[61])⊕k.sub.2[64]=m.sub.1[64],
(x[61]+r.sub.2[61])⊕k.sub.3[64]=m.sub.2[64], and
r.sub.1[61]+r.sub.2[61]=m.sub.3[64]. (14)
[0128] As another example, for a 139-bit key length on a processor of 16, 32, or 64 bit base, the variables for the Equations (5) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[14]+r.sub.1[13]+r.sub.3[13])⊕k.sub.2[15]+k.sub.4[15]=m.sub.1[16],
(x[14]+r.sub.2[13]+r.sub.4[13])⊕k.sub.3[15]+k.sub.5[15]=m.sub.2[16],
(r.sub.1[13]+r.sub.2[13])⊕k.sub.6[15]+k.sub.7[15]=m.sub.3[16], and
(r.sub.3[13]+r.sub.4[13])⊕k.sub.8[15]+k.sub.9[15]=m.sub.4[16]. (15)
[0129] As another example, for a 278-bit key length on a processor of 32 or 64 bit base, the variables for the Equations (5) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[30]+r.sub.1[29]+r.sub.3[29])⊕k.sub.2[31]+k.sub.4[31]=m.sub.1[32],
(x[30]+r.sub.2[29]+r.sub.4[29])⊕k.sub.3[31]+k.sub.5[31]=m.sub.2[32],
(r.sub.1[29]+r.sub.2[29])⊕k.sub.6[31]+k.sub.7[31]=m.sub.3[32], and
(r.sub.3[29]+r.sub.4[29])⊕k.sub.8[31]+k.sub.8[31]=m.sub.4[32]. (16)
[0130] As another example, for a 566-bit key length on a processor of 64 bit base, the variables for the Equations (5) can be sized as follows, where bit sizes are identified within the brackets:
(k.sub.1[62]+r.sub.1[61]+r.sub.3[61])⊕k.sub.2[63]+k.sub.4[63]=m.sub.1[64],
(x[62]+r.sub.2[61]+r.sub.4[61])⊕k.sub.3[63]+k.sub.5[63]=m.sub.2[64],
(r.sub.1[61]+r.sub.2[61])⊕k.sub.6[63]+k.sub.7[63]=m.sub.3[64], and
(r.sub.3[61]+r.sub.4[61])⊕k.sub.8[63]+k.sub.9[63]=m.sub.4[64]. (17)
[0131] The flowcharts in
[0132] The authentication system 100 can include at least one processing circuit. Such a processing circuit can include, for example, one or more processors and one or more storage devices that are coupled to a local interface. The local interface can include, for example, a data bus with an accompanying address/control bus or any other suitable bus structure. Similarly, each of the computing devices 160-164 can include at least one processing circuit. Such a processing circuit can include, for example, one or more processors and one or more storage devices that are coupled to a local interface.
[0133] The storage devices for a processing circuit can store data or components that are executable by the processors of the processing circuit. For example, the authentication engine 132, the cryptography engine 182, the cryptography engine 192, and/or other components can be stored in one or more storage devices and be executable by one or more processors in the authentication system 100, the computing device 160, and the computing device 161.
[0134] The authentication engine 132, the cryptography engine 182, the cryptography engine 192, and/or other components described herein can be embodied in the form of hardware, as software components that are executable by hardware, or as a combination of software and hardware. If embodied as hardware, the components described herein can be implemented as a circuit or state machine that employs any suitable hardware technology. The hardware technology can include, for example, one or more microprocessors, discrete logic circuits having logic gates for implementing various logic functions upon an application of one or more data signals, application specific integrated circuits (ASICs) having appropriate logic gates, programmable logic devices (e.g., field-programmable gate array (FPGAs), and complex programmable logic devices (CPLDs)).
[0135] Also, one or more or more of the components described herein that include software or program instructions can be embodied in any non-transitory computer-readable medium memory device for use by or in connection with an instruction execution system such as, a processor in a computer system or other system. The computer-readable medium can contain, store, and/or maintain the software or program instructions for use by or in connection with the instruction execution system.
[0136] A computer-readable medium can include a physical media, such as, magnetic, optical, semiconductor, and/or other suitable media. Examples of a suitable computer-readable media include, but are not limited to, solid-state drives, magnetic drives, or flash memory. Further, any logic or component described herein can be implemented and structured in a variety of ways. For example, one or more components described can be implemented as modules or components of a single application. Further, one or more components described herein can be executed in one computing device or by using multiple computing devices.
[0137] Further, any logic or applications described herein, including the authentication engine 132, the cryptography engine 182, the cryptography engine 192, and/or other components can be implemented and structured in a variety of ways. For example, one or more applications described can be implemented as modules or components of a single application. Further, one or more applications described herein can be executed in shared or separate computing devices or a combination thereof. For example, a plurality of the applications described herein can execute in the same computing device, or in multiple computing devices. Additionally, terms such as “application,” “service,” “system,” “engine,” “module,” and so on can be used interchangeably and are not intended to be limiting.
[0138] The above-described examples of the present disclosure are merely possible examples of implementations set forth for a clear understanding of the principles of the disclosure. Many variations and modifications can be made without departing substantially from the spirit and principles of the disclosure. All such modifications and variations are intended to be included herein within the scope of this disclosure and protected by the following claims.
[0139] Disjunctive language, such as the phrase “at least one of X, Y, or Z,” unless specifically stated otherwise, is to be understood with the context as used in general to present that an item, term, etc., can be either X, Y, or Z, or any combination thereof (e.g., X, Y, and/or Z). Thus, such disjunctive language is not generally intended to, and should not, imply that certain embodiments require at least one of X, at least one of Y, or at least one of Z to be each present.
[0140] It should be emphasized that the above-described embodiments of the present disclosure are merely possible examples of implementations set forth for a clear understanding of the principles of the disclosure. Many variations and modifications can be made to the above-described embodiment(s) without departing substantially from the spirit and principles of the disclosure. All such modifications and variations are intended to be included herein within the scope of this disclosure and protected by the following claims.