1. Field of the Invention
The invention described herein relates to information security, and more particularly to encryption.
2. Related Art
There are a number of approaches available for protecting information against compromise. One approach is the use of cryptography. Traditional cryptography is symmetric in the following respects: First, both a sending party and receiving party have logic, e.g., software or hardware, for performing the same cryptographic algorithm. Such logic encrypts or decrypts data based on a secret piece of information known as a cryptographic key. Second, each party has the same key. The sending party uses this key together with the cryptographic logic to encrypt information, also known as plaintext, to be sent to the receiving party. Encrypted information is known as ciphertext. The receiving party, having the same cryptographic logic and the same key as the sending party, can then decrypt the received ciphertext.
In such a system, the key typically remains unchanged for some period of time, such as a day, a week, or longer. The same key, therefore, can be used for multiple transmissions. An adversary who recovers the key and is able to procure the cryptographic logic will be able to decrypt every transmission made using that logic and key. In traditional symmetric key cryptography, therefore, the handling of keys becomes a security issue. A key can be compromised, forgotten, or otherwise lost. Keys must therefore be protected from the moment they are produced, during distribution to end-users, and during use. In addition, a key must be destroyed in a reliable manner once it is no longer to be used.
In recent years, asymmetric or public key cryptography has become popular. In such systems, one key is used for encryption purposes and can be publicly known. A second key is used for decryption, and is kept secret. This allows anyone to encrypt a message, but only the intended party who holds the secret decryption key can recover the underlying message. Even in asymmetric key systems, therefore, there is a secret component which must be protected, much as keys must be protected in symmetric cryptographic systems. Moreover, if the encryption key is public, then an authentication problem is created. Because anyone can encrypt a message, the receiving party cannot necessarily know whether the sending party is who he claims to be.
Some public key systems resolve this authentication problem by involving a third party. The third party serves to vouch for the authenticity of a sending party and his communications. The third party may also be responsible for the storage and distribution of the keys. The third party must therefore be highly trusted. In practice, maintaining a third party for purposes of assuring the authenticity of parties and managing keys can prove to be a significant logistical problem. The associated hardware and software, as well as any human operators, must be trusted by all parties in a user community. In addition, the problem of handling large numbers of keys and maintaining the mapping of the keys to individual users can be difficult.
Hence there is a need for a cryptographic method and system that secures information but which minimizes the likelihood of key management problems, such as loss and compromise of keys. Moreover, such a method and system should ideally eliminate the need for a trusted third party.
The invention described herein is a method, system, and computer program product that encrypts and decrypts information, such as electronic mail. Each party has a secret, unique, randomly assigned value y. In an embodiment of the invention, y is hardwired in a party's encryption apparatus. A sending and receiving party first engage in a preliminary message exchange, or "handshake." At this point, the sending party is given the y value of the receiving party. A key is then generated randomly or pseudo-randomly by the sending party. The key is used to encrypt a byte of information to be sent to the receiving party. A new key is generated for every byte to be encrypted. The resulting ciphertext is a combination of the output of a function F and a function P. F is a function of the plaintext and the key. In an embodiment of the invention, P is a function of the plaintext and the y value of the receiving party. During operation, y values and keys are not readily apparent to users.
The invention described herein has the feature of having y values that are unique and randomly assigned to every party. The invention also has the feature of generating a new key for every byte of information to be encrypted. The invention has the advantage of not needing an elaborate, secure key distribution and management infrastructure. The invention has the further advantage of using continually changing keys.
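The summary above leaves F, P, the "combination" of their outputs, and the handshake contents unspecified. The following Python is an added, stand-alone illustration of the structure it sketches; it is not the patent's construction and none of its concrete choices come from the page. Assumed here: each per-byte key k_i is derived pseudo-randomly (the summary permits random or pseudo-random) from the receiver's y, a handshake nonce, and the byte index, so the receiver can regenerate it; F is a one-byte XOR; P is a one-byte HMAC-SHA256 tag over the plaintext byte and its position keyed with y; and the two outputs are concatenated. The function names (per_byte_key, handshake, encrypt, decrypt, rejects) and the sample values are mine. One consequence of the summary is made visible in the code: because the sending party is given the receiver's y during the handshake, the handshake carries the only long-term secret and must itself be protected.

```python
# Added example: a toy instantiation of the byte-wise structure sketched in the
# summary. It is NOT the patent's own construction. Every concrete choice below is
# an assumption: HMAC-SHA256 as the PRF, XOR as F, a one-byte HMAC tag as P,
# concatenation as the "combination" of F and P, and a nonce in the handshake.
import hashlib
import hmac
import secrets
from typing import Tuple


def _prf(y: bytes, label: bytes, nonce: bytes, i: int, extra: bytes = b"") -> int:
    """One pseudo-random byte keyed with y and bound to the nonce and byte index i."""
    msg = label + nonce + i.to_bytes(4, "big") + extra
    return hmac.new(y, msg, hashlib.sha256).digest()[0]


def per_byte_key(y: bytes, nonce: bytes, i: int) -> int:
    """k_i: a fresh key used for byte i only. Derived from y, the nonce and i, so
    the receiver regenerates it locally and no key ever travels on the wire."""
    return _prf(y, b"key", nonce, i)


def F(p: int, k: int) -> int:
    """F(plaintext byte, key byte): XOR (assumed). XOR is its own inverse."""
    return p ^ k


def P(p: int, y: bytes, nonce: bytes, i: int) -> int:
    """P(plaintext byte, y): a one-byte tag over the byte and its position,
    keyed with y (assumed). Only a holder of y can produce or check it."""
    return _prf(y, b"tag", nonce, i, bytes([p]))


def handshake(receiver_y: bytes) -> Tuple[bytes, bytes]:
    """Preliminary exchange. As in the summary, the sender is given the
    receiver's y; the fresh nonce is an assumption. Whatever channel carries
    this exchange carries the only secret, so it must itself be protected."""
    return receiver_y, secrets.token_bytes(16)


def encrypt(y: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Ciphertext for byte i is F(p_i, k_i) || P(p_i, y): two bytes per byte."""
    out = bytearray()
    for i, p in enumerate(plaintext):
        out += bytes([F(p, per_byte_key(y, nonce, i)), P(p, y, nonce, i)])
    return bytes(out)


def decrypt(y: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Invert F with the regenerated k_i, then check P before accepting the byte."""
    if len(ciphertext) % 2:
        raise ValueError("truncated ciphertext")
    out = bytearray()
    for i in range(len(ciphertext) // 2):
        f, tag = ciphertext[2 * i], ciphertext[2 * i + 1]
        p = F(f, per_byte_key(y, nonce, i))
        expected = P(p, y, nonce, i)
        # constant-time compare; a wrong y or a modified tag fails here
        if not hmac.compare_digest(bytes([tag]), bytes([expected])):
            raise ValueError("tag mismatch at byte %d: wrong y or tampered" % i)
        out.append(p)
    return bytes(out)


def rejects(y: bytes, nonce: bytes, ciphertext: bytes) -> bool:
    """True if decrypt refuses the ciphertext (wrong y, tampering, truncation)."""
    try:
        decrypt(y, nonce, ciphertext)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    y_bob = secrets.token_bytes(16)        # Bob's hardwired secret (constructed)
    y, nonce = handshake(y_bob)            # Alice is handed y plus a nonce
    ct = encrypt(y, nonce, b"hello, world")
    assert decrypt(y_bob, nonce, ct) == b"hello, world"
    # a party holding some other y fails the tag check on the first byte
    print("other y rejected:", rejects(secrets.token_bytes(16), nonce, ct))
```

Two things a practitioner should take from the toy rather than from the summary: the one-byte tag means a forged byte passes with probability 1/256, so a real design would tag the whole message with a full-length MAC; and since every secret in the system is y, "no key distribution infrastructure" really means the handshake that discloses y replaces that infrastructure and inherits all of its trust requirements.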
The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings.