Patent #6,105,133Bilateral Authentication and Encryption SystemABSTRACTA bilateral system for authenticating remote transceiving stations through use of station identifiers (IDs), and through use of passwords which are used only one time, and thereafter exchanging messages through use of an encryption key which is changed after each system connection. Upon authentication, each of the stations independently creates a secret session encryption key in response to the other stations unique station identifier that is exchanged over a communication link in cleartext. The station identifiers are used as tags to look up a unique static secret and a unique dynamic secret which are known only by the two stations, but which are not exchanged over the communication link. The secrets are independently combined by a bit-shuffle algorithm, the result of which is applied to a secure hash function to produce a message digest. The secret session encryption key, a one-time password for the originating station, a one-time password for the receiving station, and a pseudo-random change value for updating the dynamic secret are derived from the message digest. The dynamic secret is updated by the pseudo-random change value and a prime constant after each system connection, thus causing the message digest to be updated upon the occurrence of a new system connection. Further, the system IDs also may be altered by a component of the message digest upon the occurrence of a new system connection to provide an additional protection against playback impersonation.
© 2007, PACid, LLC.
|
A Vigenère Square with custom alphabet.
Image courtesy of Peter Drubetskoy peter@skyredoubt.com. See more of Peter's work at www.skyredoubt.com The Vigenère SquareBy extending the Vigenère Square with a new custom alphabet, users continue operating with a tried and true method with increased security, without the cost and risk of changeover. PACid extends today's encryption techniques in the same way, reducing risks while saving costs. |