Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors

Assignee

• International Business Machines Corporation · US

Inventors

• Stephen M. Matyas · Manassas, US
• Donald B. Johnson · Manassas, US
• An V. Le · Manassas, US
• Rostislaw Prymak · Dumfries, US
• John D. Wilkins · Somerville, US
• William C. Martin · Redwood City, US
• William S. Rohland · Charlotte, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/14
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The patent describes a method and apparatus for securely distributing an initial Data Encryption Algorithm (DEA) key-encrypting key by encrypting a key record (consisting of the key-encrypting key and control information associated with that key-encrypting key) using a public key algorithm and a public key belonging to the intended recipient of the key record. The patent further describes a method and apparatus for securely recovering the distributed key-encrypting key by the recipient by decrypting the received key record using the same public key algorithm and private key associated with the public key and re-encrypting the key-encrypting key under a key formed by arithmetically combining the recipient's master key with a control vector contained in the control information of the received key record. Thus the type and usage attributes assigned by the originator of the key-encrypting key in the form of a control vector are cryptographically coupled to the key-encrypting key such that the recipient may only use the received key-encrypting key in a manner defined by the key originator. The patent further describes a method and apparatus to improve the integrity of the key distributi…