News Column

Patent Issued for Secret Sharing in Cryptographic Devices via Controlled Release of Plaintext Information

July 22, 2014



By a News Reporter-Staff News Editor at Information Technology Newsweekly -- A patent by the inventor Juels, Ari (Brookline, MA), filed on December 23, 2011, was published online on July 8, 2014, according to news reporting originating from Alexandria, Virginia, by VerticalNews correspondents.

Patent number 8774410 is assigned to EMC Corporation (Hopkinton, MA).

The following quote was obtained by the news editors from the background information supplied by the inventors: "In many applications, it is desirable for one computer, server, mobile telephone, RFID tag or other type of cryptographic device to pair with, authenticate or otherwise share secrets such as keys with another cryptographic device. Unfortunately, such arrangements can be problematic when carried out using existing techniques.

"For example, a conventional pairing protocol that relies on breakable ciphers is disclosed in G. T. Amariucai et al., 'An Automatic, Time-Based, Secure Pairing Protocol for Passive RFID,' RFIDSec, 2011, which is incorporated by reference herein. This known pairing protocol is referred to as an 'adopted pet' or AP protocol. In the AP protocol, an RFID tag gradually leaks a secret key, such that a reader in proximity to the tag for an extended period of time can learn the secret key. However, a reader that receives tag outputs over only limited-duration intervals of time cannot learn the secret key. Thus, for instance, a tag in a user's home might pair with a reader there overnight, while a maliciously operated reader in a commuter bus would not have sufficient time to harvest the secret key from the tag.

"The AP protocol leaks the secret key through a key stream generated by a cryptographically weak pseudorandom number generator (PRNG), such as a linear-feedback shift register (LFSR), seeded by the secret key. By harvesting enough contiguous key stream data, a reader can break the PRNG and recover the secret key. However, this reliance on breakable ciphers has a number of significant drawbacks. For example, breakable ciphers can be difficult to implement in practice, and their security level is difficult to calibrate. Also, requiring the use of breakable ciphers means that the AP protocol will not work with strong, standard ciphers such as the Advanced Encryption Standard (AES). Furthermore, the AP protocol does not permit a flexible range of security policies."

In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventor's summary information for this patent: "Illustrative embodiments of the present invention provide improved sharing of keys or other secret values between cryptographic devices without requiring the use of breakable ciphers as in the above-described conventional AP protocol.

"In one embodiment, a first cryptographic device generates plaintext information characterizing at least one key or other secret value associated with that device. The first cryptographic device releases portions of the plaintext information to a second cryptographic device over respective time intervals. The portions of the plaintext information are configured by the first cryptographic device such that the second cryptographic device must receive at least a designated minimum number of the portions in order to determine the secret value from those received portions.

"By way of example, the portions of the plaintext information may be wirelessly transmitted by the first cryptographic device, such that the second cryptographic device must be in wireless contact with the first cryptographic device for at least a designated minimum amount of time in order to receive the designated minimum number of portions required to determine the secret value.

"Accordingly, in one or more of the illustrative embodiments, secret shares may be disclosed using controlled release of over a plaintext channel, in a manner that is compatible with AES and other strong, standard ciphers, while also permitting a flexible range of security policies.

"These and other features and advantages of embodiments of the present invention will become more readily apparent from the accompanying drawings and the following detailed description."

URL and more information on this patent, see: Juels, Ari. Secret Sharing in Cryptographic Devices via Controlled Release of Plaintext Information. U.S. Patent Number 8774410, filed December 23, 2011, and published online on July 8, 2014. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8774410.PN.&OS=PN/8774410RS=PN/8774410

Keywords for this news article include: EMC Corporation, Information Technology, Information and Cryptography.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories covering the world of technology, please see HispanicBusiness' Tech Channel



Source: Information Technology Newsweekly


Story Tools






HispanicBusiness.com Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters