This invention relates to systems, methods and computer program products for communicating among nodes that are connected to a communications network, and more particularly to systems, methods and computer program products for sending and receiving secure messages among nodes that are connected to a communications network.
Communications networks are widely used to send and receive messages among nodes that are connected thereto. Communications networks may include wired and wireless communications networks, local area networks, the Internet, buses that connect two or more nodes, and combinations thereof. Nodes may include mainframe, mid-range and personal computers, workstations, radiotelephones, application programs such as client and server programs, devices such as smart cards and cryptographic adapters, and combinations thereof. In network communications, data may be encrypted selectively, ancrypted may stay end until it is decrypted by the intended recipient or recipients.
Encryption often occurs between two communicating nodes: a single sender and a single receiver. However, there are situations where messages are communicated to multiple other nodes, or data is shared with multiple other nodes. For example, a user may wish to send an encrypted email message to several other users, whose email addresses are contained in a distribution list. Alternatively, a user may wish to send an encrypted document, attached to an email message, to several other users.
Existing key derivation and key transport protocols, which may work well between two communicating nodes, may not work as well when there are multiple recipients. For example, the sender of an email message can separately encrypt the data key that is used to encrypt the data, in the public key of each recipient. However, if users in this closed group will have a subsequent need to communicate or share additional encrypted messages or documents with other users of the same group, the above-described method of encrypting the data-encrypting keys in the public key of each recipient may not be an efficient or effective solution, because the method may not scale well.
Other conventional mechanisms for generating and distributing group symmetric keys may rely on a Key Distribution Center (KDC) to manage the setup of symmetric keys. A group key request may be sent to the KDC. The KDC then contacts each group member and distributes the symmetric key. The group members can then secure group communication.
For example, A. Ballardie, xe2x80x9cScalable Multicast Key Distributionxe2x80x9d, IETF RFC-1949, May 1996, defines a multicast key distribution method using a xe2x80x9ccore based treexe2x80x9d multicast scheme. In a group of communicating users, a delivery multicast tree is built around several core members. One of the core members is assigned the role of primary core and the group key distribution center. Once the core based tree is established, the primary core member (i.e., the group key distribution center) creates a group key, encrypts it with each core public key and sends it to the core members. After receiving the group key, each core member then encrypts the group key with the public keys of its subordinates and sends it to them. When a group member wants to send an encrypted message to other members, it sends a request to the primary core. The primary core creates a session key (i.e., a data encrypting key), encrypts it with the group key, and sends it to secondary cores for distribution to group members over the core based tree.
Similarly, Harney et al., xe2x80x9cGroup Key Management Protocol (GKMP) Specificationxe2x80x9d, IETF RFC-2093, July 1997, and xe2x80x9cGroup Key Management Protocol (GKMP) Architecturexe2x80x9d, IETF RFC-2094, July 1997, define a group key management protocol to create group symmetric keys and distribute them among group members. A xe2x80x9cgroup controllerxe2x80x9d creates a xe2x80x9cgroup traffic encrypting keyxe2x80x9d, encrypts it with each member""s public key, and sends it to the group members. Then, the group controller contacts each member of the group and creates a xe2x80x9csession traffic encrypting keyxe2x80x9d for that member. When a group member wants to send an encrypted message to other members, it encrypts the message using its session traffic encrypting key.
Finally, ANSI X9.69, xe2x80x9cKey Management Extensionsxe2x80x9d, 1998, defines a role-based key management scheme for distribution of symmetric keys. A policy manager defines one or more xe2x80x9cdomainsxe2x80x9d with each being specified by a xe2x80x9cDomain Authorityxe2x80x9d (DA). Three symmetric keys are used to generate xe2x80x9cworking keysxe2x80x9d. These are xe2x80x9cDomain Key Splitxe2x80x9d, xe2x80x9cMaintenance Key Splitxe2x80x9d, and xe2x80x9cRandom Key Splitxe2x80x9d. A DA generates two symmetric keys: a Domain Key Split and a Maintenance Key Split. The DA sends these two keys to all the users in its domain. The Maintenance Key Split is used to update the Domain Key Split. To encrypt a message a xe2x80x9cWorking Keyxe2x80x9d is derived from the three symmetric keys. The message is encrypted with the Working Key.
Notwithstanding the above-described mechanisms for generating and distributing group symmetric keys, there continues to be a need for systems, methods and computer program products for sending secure message among a group of nodes selected from a plurality of nodes that are connected to a communications network.
The present invention provides systems, methods and/or computer program products for sending secure messages among a group of nodes selected from a plurality of nodes that are connected to a communications network, by defining a group key at any one of the group of nodes. The group key is then sent to remaining ones of the group of nodes. A message is encrypted at any one of the group of nodes using a session key that is generated from the group key. The encrypted message is sent to remaining ones of the group of nodes.
Accordingly, scaleable systems, methods and/or computer program products can create and distribute symmetric keys among a group of communicating nodes. Unlike conventional group key management mechanisms, the present invention need not use a centralized key distribution centerxe2x80x94only the group members may generate and distribute group symmetric keys. The group symmetric keys permit each node to conveniently and securely communicate, share, and access data belonging to the group. A group of communicating nodes can thus send secure messages to the group members without having to send the session key individually to each node.
More specifically, systems, methods and/or computer program products for sending secure messages among a group of nodes selected from a plurality of nodes that are connected to a communications network, define a random secret key at a first one of the group of nodes. The random secret key is sent from the first one of the group nodes to remaining ones of the group of nodes. A random number is generated at a second one of the group of nodes. A one-way hash of the random number and the random secret key is performed at the second one of the group of nodes to generate a working key. A message is encrypted at the second one of the group of nodes, using the working key. The encrypted message and the random number is sent from the second one of the group of nodes to remaining ones of the group of nodes.
The encrypted message and the random number are received at the remaining ones of the group of nodes. Each of the remaining ones of the group of nodes performs a one-way hash of the random number and the random secret key, to regenerate the working key. The message is then decrypted using the regenerated working key. It will be understood that the secret key may be defined at any one of the group of nodes rather than a predefined, centralized key distribution center. Moreover, the random number may be generated at any one of the group of nodes that desires to communicate an encrypted message to remaining ones of the group of nodes. Decentralized group key management is thereby provided.
Key transport may also be performed by generating a data encrypting key at the second one of the group of nodes and encrypting the data encrypting key with the working key. Encryption of the message is then performed by encrypting a message at the second one of the group of nodes, using the data encrypting key. The encrypted data encrypting key is sent along with the encrypted message and the random number, from the second one of the group of nodes to remaining ones of the group of nodes. At the remaining ones of the group of nodes, a one-way hash of the random number and the random secret key is performed to regenerate the working key. The encrypted data encrypting key is decrypted using the regenerated working key. The message is decrypted using the data encrypting key.
Control information including an identification of the group of nodes, an identification of the second one of the group of nodes and an identification of permitted uses of the working key, may also be sent along with the messages. A one-way hash is performed of the random number, the random secret key and the control information at the second one of the group of nodes, to generate a working key. Then, the encrypted message, the random number and the control information are sent from the second one of the group of nodes to remaining ones of the group of nodes.
Finally, a signature may also be sent along with the encrypted message and the random number. In particular, a signature is generated by encrypting a one-way hash of the random number and control information with a private key of the second one of the group of nodes. Then, the encrypted message, the random number, the control information and the signature are sent from the second one of the group of nodes to remaining ones of the group of nodes. It will also be understood that both control information and a signature may be sent.
In order to define a random secret key and also send encrypted messages, each node in the group of nodes includes means for defining a random secret key, means for sending the random secret key to the group of nodes, means for generating a random number, means for performing a one-way hash of the random number and the random secret key to generate a working key, means for encrypting a message using a working key and means for sending the encrypted message and the random number to the group of nodes. Each node also includes means for decrypting the message using the regenerated working key. Each node may also include means for generating a data encrypting key, and means for encrypting the data encrypting key with the working key. Each node may also include control information and/or a signature. Each of the above-described means may be embodied as hardware, software or combinations thereof.