CA2210763C - Key generation from a given string for entity authentication - Google Patents

Info

Publication number
CA2210763C
Authority
CA
Canada
Prior art keywords
bitstream
bitstreams
character string
sub
operations
Legal status
Expired - Fee Related
Application number
CA 2210763
Other languages
French (fr)
Other versions
CA2210763A1 (en)
Inventor
Weidong Kou
Current Assignee
IBM Canada Ltd
Original Assignee
IBM Canada Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Abstract

The invention provides a scheme for generating a symmetric encryption key for a given character string, such as a password or an alphanumeric. There is no limitation on the length or content of the given character string. The character string is converted to a bitstream using a standard character encoding scheme, such as ASCII. The bitstream is then subjected to combinations of bitstream processing operations over multiple rounds. The bitstream processing operations can include splitting the bitstream into multiple sub-bitstreams, reordering and shuffling the sub-bitstreams, performing logical bit-wise operations on the sub-bitstreams, performing one-way hashing on the sub-bitstreams, and combining the multiple sub-bitstreams back into a single bitstream through logical bit-wise operations on the sub-bitstreams. Prior to converting the character string into a bitstream, the given character string may be optionally combined with an initialization character string (for example, an initialization string associated with a particular processor), and it is the combined character string that is then encoded and used for generating an encryption key. Applying the combination rounds of the bitstream processes multiple times, for example sixteen times, will result in a strong key for encryption.

Description

KEY GENERATION FROM A GIVEN STRING FOR ENTITY AUTHENTICATION

Field of the Invention

This invention generally relates to the field of networked communications and provides, in particular, a scheme for generating a symmetric encryption key from a given string, such as a password, which can be used for network entity authentication.

Background of the Invention

Many large and/or costly applications and databases reside on servers to which users have network access, either through an intranet (a contained network with a limited number of users) or by the Internet. Simply because a server or an application on a server is networked does not necessarily mean that all users have equal access to the functions provided, or even that all users have access.

Controlled access is usually handled through authenticating the credentials of the user seeking access. U.S. Patent number 5,491,752, entitled System For Increasing The Difficulty Of Password Guessing Attacks In A Distributed Authentication Scheme Employing Authentication Tokens, of Digital Equipment Corp., describes one way in which this can be done. The transmission code between the sender and receiver is generated using a hashing algorithm. Both the sender and receiver have a common list of passwords and tokens, and the list is used to determine the particular hashing technique applied to the transmission code, and thus authenticate the user. However, having multiple passwords and tokens for each user is unwieldy in a large network.

The more common approach is to provide each user with a unique entity authentication key that has associated with it at the server the user's unique credentials for that server or application.

Maintaining the secrecy of the user's entity authentication key, particularly during its transmission over the network, is critically important to avoid compromising the security of the whole system. One way to achieve this is to encrypt the user's key prior to transmission.

There are many known encryption algorithms, such as DES and RSA.

DES (Data Encryption Standard) is a symmetric algorithm adopted as a federal standard in the late 1970's and the beginning of the 1980's. DES is a block-cipher which transforms data from 64 bit plain-data blocks into 64 bit cipher-data blocks. The key length of DES is 64 bits, of which 8 bits are used for parity checking and 56 bits are actual key data for encryption or decryption.

RSA is a public key (asymmetric) cryptographic algorithm named after its three inventors, Ron Rivest, Adi Shamir and Leonard Adleman. It is a public-key cryptosystem that can be used for both encryption and for digital signature. The security foundation of RSA is built on the difficulty of factoring large numbers; the public and private keys of RSA are functions of a pair of large prime numbers with a typical size of 512 to 2048 in bit length.

U.S. Patent No. 5,483,598, titled Message Encryption Using A Hash Function, of Digital Equipment Corp., discusses an encryption method which uses a key and XORes it with a block of a message. The key is produced by hashing a number and the message block using the hashing algorithm MD4 (Message Digest algorithm). A new key will be formed by hashing the previous key and the previous encrypted message.

However, encryption keys are not easy for human users to memorize. Thus, providing a way for the user to obtain an encryption key, for example using a known encryption method, is useful.

In U.S. Patent No. 5,073,935, titled Method For Secure Communication, of Jose Pastor, a set of numbers is provided that have the property that the encrypted version of the numbers will be of an order substantially smaller than that of the original set when the RSA public key encryption is used. To encrypt a message, a number is selected from the set and the selected number is used to produce a key by a hashing function. The requirement for the hashing function is that it maps a number a onto a set of numbers of lower order, such that the jth number from the number set may be used for an encryption key. The key is then used to encrypt the message via the DES algorithm. The key itself is encrypted using the RSA algorithm. However, like the earlier discussed Patent No. 5,491,752, the requirement for the number set described in this system prevents its applicability for wide networks.

Summary of the Invention

The easiest types of unique keys for human users to remember are passwords and simple alphanumeric codes. Therefore, the present invention is directed to providing a mechanism to generate encrypted keys from a given character string such as a password or alphanumeric, without limitation on string length.

The invention is also directed to a generic crypto-logic design which generates a high quality key that is highly random within the key space, so that security can be provided when using the key in an entity authentication process.

Accordingly, the present invention provides a process for generating an encryption key from a bitstream for a given character string. The process consists of applying, at least repetitively, a combination of at least two bitstream processing operations selected from the group of operations including bitstream splitting, bitstream reordering and shuffling, bit-wise operations, and one-way hashing. Preferably, different combinations of the bitstream processing operations are applied in subsequent rounds.

In a further embodiment, the invention provides a process for generating an encryption key from a given character string in which the given character string is first combined with an initialization character string to generate a combined character string. Character encoding is then applied to the combined character string to generate a first bitstream. In a first round, the bitstream is split into multiple sub-bitstreams and then the multiple sub-bitstreams are recombined into a second single bitstream on applying at least one additional bitstream processing operation selected from the group of operations comprising reordering and shuffling the sub-bitstreams, bit-wise operations on the sub-bitstreams, one-way hashing on the sub-bitstreams and combining multiple sub-bitstreams into a single bitstream through bit-wise operations on sub-bitstreams. In at least an additional round, further bitstream processing operations are performed on the resultant single bitstream.

The invention also provides a mechanism for generating an encryption key, for use in network entity authentication, from a given character string. The mechanism includes means for converting the given character string into a bitstream and means for generating a random bitstream. The means for generating a random bitstream operate by repetitively applying a combination of at least two bitstream processes selected from a group of bitstream processes. These bitstream processes include splitting a bitstream into multiple sub-bitstreams, reordering and shuffling sub-bitstreams, performing bit-wise operations on sub-bitstreams, one-way hashing, and combining multiple sub-bitstreams into a single bitstream. Preferably, the mechanism includes means for combining the given character string with an initialization character string to generate a combined character string, in which case the means for converting the given character string consists of means for converting the combined character string into a bitstream.

The invention also includes a program storage device having embodied thereon computer readable program code means to program a computer to perform the processes described above.

Brief Description of the Drawings

Embodiments of the invention will now be described in detail in association with the accompanying drawings, in which:

Figures 1 to 5 are schematic diagrams with accompanying flow diagrammatic examples illustrating several bitstream processes used, in combination, in aspects of the preferred embodiment of the present invention;

Figure 6 is a data flow diagram schematically illustrating a generic encryption key generation mechanism combining processes from Figures 1 to 5; and

Figure 7 is a data flow diagram schematically illustrating a specific implementation of the encryption key generation mechanism of the invention.

Detailed Description of the Preferred Embodiments

The present invention provides a technique for generating an encrypted key from a given character string, such as a password or alphanumeric string. The crypto logic for a generic key generation scheme, according to one aspect of the invention, is based on multiple rounds of combinations of the bitstream processes illustrated in Figures 1 through 5. These processes include bitstream split (Figure 1), reordering and shuffling (Figure 2), bit-wise operations (Figure 3) and one way hashing (Figure 4).

The given character string, then, must first be converted into a bitstream by encoding the characters by a number of bits. The techniques to do this are well known to those skilled in the art. In North America, the characters are usually encoded by ASCII code in which each character is encoded by eight bits. The international standard, Unicode, encodes each character to sixteen bits which is able to represent the spoken text of many alphabets. For example, it can handle ideographic languages such as Chinese and Japanese.

Figure 5 illustrates an optional combination function of a given string and an initialization string employed prior to encoding the character string to a bitstream.

Referring first to Figure 1, bitstream split 4 is a technique that splits a bitstream 2 into multiple sub-bitstreams A, M and N, all generally designated by 6. The split can be achieved in any number of ways. Two examples are illustrated in the flow diagrams of Figures 1A and 1B.

Figure 1A illustrates the most straightforward form of bitstream splitting. Bits are assigned, one-by-one, to the sub-bitstreams in order, starting with the first bit assigned to the first substream (block 10), the second bit assigned to the second substream (block 14), and on to the Nth bit assigned to the Nth bitstream (block 18). If after any assignment the original bitstream has been exhausted, processing ends (blocks 12, 16 and 20). However, if bits remain in the original bitstream after assignment of the Nth bit to the Nth substream (blocks 18, 20), the process loops as the next bit is assigned to the first substream (block 22). The process is recursive until the original bitstream is exhausted. Taking a simple bitstream 010001 and splitting it into three substreams following the process illustrated in Figure 1A would result in the following:

substream 1: 00
substream 2: 10
substream 3: 01

A simple variation on the process illustrated in Figure 1A is to assign two bits at a time from the original bitstream to the substreams in order. Under this variation, the three substreams derived from the original bitstream 010001 would be:

substream 1: 01
substream 2: 00
substream 3: 01

Figure 1B illustrates another example of bitstream splitting that is more complicated, in that different numbers of bits from the original bitstream are assigned to successive sub-bitstreams. After assigning the first two bits from the original bitstream to the first substream (block 30), only one bit is assigned to the next substream (block 36) and three bits to the substream after that (block 52). As with the previously described algorithm (Figure 1A), processing is handled recursively (blocks 40, 54) and ends when the original bitstream has been exhausted (blocks 32, 42-44, 48-50, 56-58 and 62-66). Using the original bitstream 010001, the three sub-bitstreams resulting from use of the method in Figure 1B would be:

substream 1: 01
substream 2: 0
substream 3: 001

Bitstream reordering and shuffling 72, illustrated schematically in Figure 2, removes the correlation among bits within a bitstream 70 so that the resulting bitstream 74 is random. For example, a 10-bitstream could be reordered to place the bits in the following order:
10 7 8 4 5 3 9 1 2.

Bit-wise operations 78 (Figure 3) combine M bitstreams 76 or sub-bitstreams into L bitstreams 80 using combinations of the logical operations AND, OR and Exclusive-OR (XOR).

These three operations are conventionally defined as follows:

Depending on the combination of these operations, the number of streams output may be the same, or greater or less than the number input. A simple example is illustrated schematically in Figure 3A. Two input streams 76a are combined three times 78a using each of the logical operations, AND, OR and XOR, to produce three output streams 80a. Thus, if:

input stream 1 = 0101
input stream 2 = 1111

then,

output stream 1 = 0101
output stream 2 = 1111
output stream 3 = 1010

The one way hashing process 84 illustrated in Figure 4 is irreversible. It produces a hashed bitstream 86 from the original bitstream 82. From the one way hashing process, it is computationally infeasible either to produce the original bitstream, or to find two different bitstreams which produce the same hashed bitstream. In the preferred embodiment, the message digest algorithm MD5 is used, as discussed below. Other known algorithms include the MD4 and MD2 message digest algorithms, and the standard, Secure Hash Algorithm (SHA).
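The splitting schemes of Figures 1A and 1B and the bit-wise combination of Figure 3A can be reproduced with one small splitter. This is an added example, not code from the patent; `split_bits`, `bitwise` and `recombine_xor` are hypothetical names, and XOR-folding equal-length substreams is one assumed way of recombining them.

```python
from itertools import cycle


def _check_bits(bits: str) -> None:
    if set(bits) - {"0", "1"}:
        raise ValueError("bitstream must contain only '0' and '1'")


def split_bits(bits: str, pattern: list[int]) -> list[str]:
    """Deal `bits` out to len(pattern) substreams, pattern[i] bits at a time,
    looping back to the first substream until the input is exhausted.
    [1, 1, 1] is Figure 1A, [2, 2, 2] its two-bit variation, [2, 1, 3] Figure 1B."""
    _check_bits(bits)
    if not pattern or any(n <= 0 for n in pattern):
        raise ValueError("pattern needs at least one positive chunk size")
    subs = [""] * len(pattern)
    pos = 0
    for i in cycle(range(len(pattern))):
        if pos >= len(bits):
            break
        subs[i] += bits[pos:pos + pattern[i]]
        pos += pattern[i]
    return subs


def bitwise(a: str, b: str) -> dict[str, str]:
    """Figure 3A: combine two equal-length streams with AND, OR and XOR."""
    _check_bits(a + b)
    if len(a) != len(b) or not a:
        raise ValueError("streams must be non-empty and of equal length")
    x, y, width = int(a, 2), int(b, 2), len(a)
    return {name: format(value, f"0{width}b")
            for name, value in (("AND", x & y), ("OR", x | y), ("XOR", x ^ y))}


def recombine_xor(subs: list[str]) -> str:
    """Fold substreams into one stream by XOR (assumed recombination rule).
    Substreams of unequal length, as Figure 1B can produce, are rejected
    rather than silently padded."""
    widths = {len(s) for s in subs}
    if len(widths) != 1 or 0 in widths:
        raise ValueError("substreams must be non-empty and of equal length")
    acc = 0
    for s in subs:
        _check_bits(s)
        acc ^= int(s, 2)
    return format(acc, f"0{widths.pop()}b")


if __name__ == "__main__":
    for pattern in ([1, 1, 1], [2, 2, 2], [2, 1, 3]):
        print(pattern, split_bits("010001", pattern))
    print(bitwise("0101", "1111"))
    # Splitting and XOR-folding alone is many-to-one: two different
    # constructed inputs give the same output, so these steps by
    # themselves are not a one-way function.
    for sample in ("010001", "100100"):
        print(sample, "->", recombine_xor(split_bits(sample, [1, 1, 1])))
```
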

A given string can optionally be combined with an initialization string tied to the address or physical location of a computer, as illustrated in Figure 5. This technique is particularly useful in a closed network, where access limited to select machines, as well as select users, is desired. Figure 5 illustrates the basic concept of combining 92 a string 88 given by a user with an initialization string 90 supplied at the machine used to produce a single combined string.

The method of combination can vary. Figure 5A illustrates one possible algorithm. When a user entered character string is received 100, an initialization character string is loaded 102. The combination of the two strings is done by taking one character at a time from the first string 104 then one character at a time from the second string 106, and by repeating this process until all characters in both strings are taken 108, 114. If the lengths of the two strings are not equal, then after taking the last character from the shorter string, the remaining characters from the longer string will be appended to the combined string; that is, after taking a character from a string the mechanism simply tests whether there are any additional characters in the other string 110, 116. If there are no additional characters in the second string when it is tested 110, then the remaining characters from the first string are simply appended 112, and if there are no additional characters remaining in the first string 116, then the remaining characters from the second string are simply appended 118.

An example of the result of this process is as follows. Taking two strings, "abcdefghijklmn" and "mypassword", the combined string "ambycpdaesfsgwhoirjdklmn" is formed.

Figure 6 illustrates the combination of the above mentioned bit stream processes in a generic encryption key generation mechanism, according to the invention.

A given string 120 can be optionally combined with an initialization string 122 and encoded to a bitstream as the first step through a combination and encoding function 124. The combination function performs a string shuffling to form the input string to the generic key generation scheme, that essentially comprises multiple rounds of combinations of the bit stream processes illustrated in Figures 1 to 4 and discussed above. Depending on the encryption mechanism (e.g., DES), the generated key 128 from Figure 6 may require a post process such as parity bit setting.

Figure 7 provides an implementation example of a specific key generation mechanism following the generic outline illustrated in Figure 6. Figure 7 illustrates a mechanism to generate a 64 bit DES key from a given string for authentication purposes.

The initialization character string 200 is used for scrambling the user entered string (a password or alphanumeric) 202. This is performed in the combination block 204, using a process such as that illustrated in Figure 5A and described above. The bitstream generated from the combined string is hashed by the MD5 message digest algorithm 206 to yield a 16 byte digest. The hashed result is then divided into two halves, a left half 208 and right half 212. Each half is hashed again by the MD5 message digest algorithm 210, 214. The result from hashing the right half 212 is bitwise reversed after hashing 214. (For example, "0011001100110011" becomes "1100110011001100"). The result from hashing the left half 210 is exclusive ORed 216 with the bit reversed right half 214 to form the input for the second round process. The process is repeated n times 218 through 230, 234. Finally, the exclusive ORed result 236 is divided again, and this time the right half 240 is exclusive ORed 242 with the left half 238. At this point, 8 byte data is produced, which forms a 64 bit key. Since the DES encryption key has parity checking bits, the final DES encryption key 246 is produced after setting the parity bits with the 8 byte data 244.
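The Figure 5A interleave and the Figure 7 derivation can be sketched end to end as follows. This is an added example, not the patent's own code: the function names are hypothetical, "bitwise reversed" is read as reversing bit order (the page's sample is equally consistent with complementing every bit), each later round is assumed to split the 16-byte XOR result directly without re-hashing it, the initialization string is taken as the first string of the interleave as in the page's sample, and parity is set as odd parity in the low bit of each byte.

```python
import hashlib


def interleave(first: str, second: str) -> str:
    """Figure 5A: alternate characters from the two strings, then append
    whatever remains of the longer one."""
    n = min(len(first), len(second))
    mixed = "".join(a + b for a, b in zip(first, second))
    return mixed + first[n:] + second[n:]


def bit_reverse(data: bytes) -> bytes:
    """Reverse the order of all bits in `data` (assumed meaning of
    'bitwise reversed')."""
    if not data:
        return b""
    width = len(data) * 8
    bits = format(int.from_bytes(data, "big"), f"0{width}b")
    return int(bits[::-1], 2).to_bytes(len(data), "big")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def md5_round(block: bytes) -> bytes:
    """One Figure 7 round: split, MD5 each half, bit-reverse the right
    digest, XOR the two 16-byte results."""
    half = len(block) // 2
    left = hashlib.md5(block[:half]).digest()
    right = bit_reverse(hashlib.md5(block[half:]).digest())
    return xor_bytes(left, right)


def set_odd_parity(key: bytes) -> bytes:
    """Overwrite the low bit of every byte so each byte has odd parity."""
    out = bytearray()
    for b in key:
        b &= 0xFE
        if bin(b).count("1") % 2 == 0:
            b |= 0x01
        out.append(b)
    return bytes(out)


def derive_des_key(password: str, init_string: str, rounds: int = 16) -> bytes:
    """Return the 8-byte DES key for `password` on the machine identified by
    `init_string`. UTF-8 is used for encoding; ASCII input encodes identically."""
    if rounds < 1:
        raise ValueError("at least one round is required")
    combined = interleave(init_string, password)
    block = hashlib.md5(combined.encode("utf-8")).digest()  # 16 bytes
    for _ in range(rounds):
        block = md5_round(block)
    folded = xor_bytes(block[:8], block[8:])  # final split and XOR: 8 bytes
    return set_odd_parity(folded)


if __name__ == "__main__":
    # Strings taken from the page's own interleave example.
    print(interleave("abcdefghijklmn", "mypassword"))
    print(derive_des_key("mypassword", "abcdefghijklmn").hex())
```

However long the input passphrase is, the result carries 56 key bits once parity is set, and the same password and initialization string always yield the same key.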

The generic key generation method of the present invention could be provided as a specific implementation (such as shown and described in relation to Figure 7), or as a tool for application developers to design a key for unique encryption "algorithms" for specific applications or specific users. Provided a minimum number of rounds of combined bitstream operations are performed in the algorithm, the resulting key for encryption will be strong enough for secure network transmission. A strong key will be achieved if 16 rounds of combined bitstream operations are applied. A lesser number of rounds may be adequate where the security requirements are not as stringent.

A feature of the invention discussed above is that the specific algorithm produced following the method of the invention will not limit the user's password as to size or context. "Hereismypassword" will be equally valid password input for key generation as "pas8word" or some other rigidly-structured password input. With this feature, the user can use a long English phrase mixed with digits, against password guessing attack, such as "My grandfather's 90th birthday is March 16".

Modifications to the invention which would be obvious to those skilled in the art are intended to be covered by the appended claims.

Claims (16)

1. A process for generating an encryption key from a bitstream for a given character string, comprising:
applying, at least repetitively, a combination of at least two bitstream processing operations selected from the group of operations including bitstream splitting, bitstream reordering and shuffling, bit-wise operations, and one-way hashing.
2. The process, according to claim 1, wherein in repetitive applications, different combinations of the at least two bitstream processing operations are applied.
3. The process, according to claim 2, wherein combinations of at least two bitstream processing operations are applied at least eight times.
4. The process, according to claim 2, wherein combinations of at least two bitstream processing operations are applied at least sixteen times.
5. The process, according to claim 1, wherein the combination of at least two bitstream processing operations comprises:
splitting the bitstream into multiple sub-bitstreams; and
applying bit-wise operations to combine the multiple sub-bitstreams into a second single bitstream.
6. The process, according to claim 5, wherein the combination of at least two bitstream processing operations comprises:
applying to at least one of the sub-bitstreams, at least one bitstream processing operation selected from the group of operations including bitstream reordering and shuffling, bit-wise operations and one-way hashing.
7. A process for generating an encryption key from a given character string, comprising:
combining the given character string with an initialization character string to generate a combined character string;
applying character encoding to generate a first bitstream from the combined character string;
in a first round, splitting the first bitstream into multiple sub-bitstreams and recombining the multiple sub-bitstreams into a second single bitstream on applying at least one additional bitstream processing operation selected from the group of operations comprising reordering and shuffling the sub-bitstreams, bit-wise operations on the sub-bitstreams, one-way hashing on the sub-bitstreams and combining multiple sub-bitstreams into a single bitstream through bit-wise operations on sub-bitstreams; and
in at least an additional round, performing further bitstream processing operations on the resultant single bitstream.
8. The process for generating an encryption key, according to claim 7, wherein the step of, in at least an additional round, performing further bitstream processing operations on the resultant single bitstream, comprises performing combinations of bitstream processing operations in successive rounds.
9. The process, according to claim 8, wherein the successive rounds comprise at least seven additional rounds.
10. The process, according to claim 8, wherein the successive rounds comprise at least fifteen additional rounds.
11. A mechanism for generating an encryption key, for use in network entity authentication, from a given character string, comprising:
means for converting the given character string into a bitstream; and
means for generating a random bitstream by repetitively applying a combination of at least two bitstream processes selected from the group of bitstream processes comprising:
splitting a bitstream into multiple sub-bitstreams, reordering and shuffling sub-bitstreams, performing bit-wise operations on sub-bitstreams, one-way hashing, and combining multiple sub-bitstreams into a single bitstreams.
12. The mechanism, according to claim 11, further comprising:
means for combining the given character string with an initialization character string to generate a combined character string, and wherein the means for converting the given character string comprises means for converting the combined character string into a bitstream.
13. The mechanism, according to claim 11, wherein the means for generating a random bitstream, comprises:
means for splitting the bitstream into multiple sub-bitstreams;
means for applying at least one further bitstream processing operation to at least one of the sub-bitstream; and
means for recombining the multiple sub-bitstreams into a second single bitstream.
14. The mechanism, according to claim 13, wherein the means for recombining the multiple sub-bitstreams comprises means for combining the sub-bitstreams into a single bitstream through bit-wise operations.
15. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for generating an encryption key from a bitstream for a given character string, said method steps comprising:

applying, at least repetitively, a combination of at least two bitstream processing operations selected from the group of operations including bitstream splitting, bitstream reordering and shuffling, bit-wise operations, and one-way hashing.
16. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for generating an encryption key from a given character string, said method steps comprising:

combining the given character string with an initialization character string to generate a combined character string;
applying character encoding to generate a first bitstream from the combined character string;
in a first round, splitting the first bitstream into multiple sub-bitstreams and recombining the multiple sub-bitstreams into a second single bitstream on applying at least one additional bitstream processing operation selected from the group of operations comprising reordering and shuffling the sub-bitstreams, bit-wise operations on the sub-bitstreams, one-way hashing on the sub-bitstreams and combining multiple sub-bitstreams into a single bitstream through bit-wise operations on sub-bitstreams; and
in at least an additional round, performing further bitstream processing operations on the resultant single bitstream.

CA 2210763 1997-07-17 1997-07-17 Key generation from a given string for entity authentication Expired - Fee Related CA2210763C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA 2210763 CA2210763C (en) 1997-07-17 1997-07-17 Key generation from a given string for entity authentication

Publications (2)

Publication Number Publication Date
CA2210763A1 CA2210763A1 (en) 1999-01-17
CA2210763C CA2210763C (en) 2000-02-29

Family

ID=4161080

Country Status (1)

Country Link
CA (1) CA2210763C (en)


Also Published As

Publication number Publication date
CA2210763A1 (en) 1999-01-17

Similar Documents

Publication Publication Date Title
US5661807A (en) Authentication system using one-time passwords
US6987853B2 (en) Method and apparatus for generating a group of character sets that are both never repeating within certain period of time and difficult to guess
US6445797B1 (en) Method and system for performing secure electronic digital streaming
US6973187B2 (en) Block encryption method and schemes for data confidentiality and integrity protection
US8031865B2 (en) Multiple level security system and method for encrypting data within documents
US5673318A (en) Method and apparatus for data authentication in a data communication environment
US6959394B1 (en) Splitting knowledge of a password
US6002769A (en) Method and system for performing secure electronic messaging
US6490353B1 (en) Data encrypting and decrypting apparatus and method
US20020048364A1 (en) Parallel block encryption method and modes for data confidentiality and integrity protection
US20020056040A1 (en) System and method for establishing secure communication
US4890324A (en) Enciphering/deciphering method and arrangement for performing the method
HUT68148A (en) Method and system for digital signal processing
EP1302022A2 (en) Authentication method and schemes for data integrity protection
WO1998007251A1 (en) Improved cryptographically secure pseudo-random bit generator for fast and secure encryption
CA2210763C (en) Key generation from a given string for entity authentication
Touil et al. H-rotation: secure storage and retrieval of passphrases on the authentication process
WO1994021066A1 (en) A method and apparatus for generating a digital message authentication code
KR100551992B1 (en) encryption/decryption method of application data
EP1456997B1 (en) System and method for symmetrical cryptography
Handschuh et al. On the security of double and 2-key triple modes of operation
WO1998059456A2 (en) Method and system for performing secure electronic messaging
Bhatia Cryptography-The Hidden Message
Lim Message encryption and authentication using one-way hash functions
Martin et al. Analysis of hash function of Yi and Lam

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed