Cryptographic communication security for single domain networks

Assignee

• International Business Machines Corporation · US

Inventors

• William F. Ehrsam · Hurley, US
• Robert C. Elander · Saugerties, US
• Stephen M. Matyas · Manassas, US
• Carl H. W. Meyer · Portage, US
• Robert L. Powers · Topsfield, US
• Paul N. Prentice · Hyde Park, US
• John L. Smith · Woodstock, US
• Walter L. Tuchman · Woodstock, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/0656
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A communication security system for data transmissions between remote terminals and a host system. The remote terminals and the host system include data security devices capable of performing a variety of cryptographic operations. At initialization time, a host master key is written into the host data security device and the host system generates a series of terminal master keys for the remote terminals. Protection is provided for the terminal master keys by enciphering them under a variant of the host master key. The terminal master keys are then written into the data security devices of the respective remote terminals to permit cryptographic operations to be performed. When a communication session is to be established between a designated remote terminal and the host system, a random number is generated and defined as an operational key enciphered under the host master key which permits the operational key to be used at the host system for enciphering or deciphering data operations. The host data security device, using the enciphered master key of the designated remote terminal, transforms the enciphered operational key under control of the host master key into a form in which th…