1. Field of the Invention
The field of the present invention is cryptography.
2. Background
The science of cryptography has existed for thousands of years, but it is only within the last one hundred or so years that cryptography has become important to the general public: first with the telegraph, then with radio and telephone communications, and now in the information age that is typified by electronic communications over the Internet and computer networks of all kinds, both wired and wireless.
Given the long history of cryptography, many methods are available for generating cipher text (the terms cipher text, encrypted information, encrypted data, and encrypted transmission are used interchangeably herein) from plain text (similarly, the terms plain text, unencrypted information, unencrypted data, and unencrypted transmission are used interchangeably herein), ranging from the simple to the very complex. Regardless of the complexity of any individual cipher system, all seek to encode plain text as cipher text to prevent access to the encoded data or message by unauthorized parties (the terms encode and encrypt are used synonymously herein, as are the terms decode and decrypt).
Two common approaches to cryptography are found in U.S. Pat. No. 3,962,539 to Ehrsam et al., entitled “Product Block Cipher System For Data Security”, and in U.S. Pat. No. 4,405,829 to Rivest et al., entitled “Cryptographic Communications System and Method”. The Ehrsam patent discloses what is commonly known as the Data Encryption Standard (DES), while the Rivest patent discloses what is commonly known as the RSA algorithm.
DES is based upon secret-key cryptography, also referred to as symmetric cryptography, and relies upon a 56-bit key for encryption. In this form of cryptography, the sender and receiver of cipher text both possess identical secret keys, which are, in an ideal world, completely unique and unknown to the world outside of the sender and receiver. By encoding plain text into cipher text using the secret key, the sender may send the cipher text to the receiver using any available public or otherwise insecure communication system. The receiver, having received the cipher text, decrypts it using the secret key to arrive at the plain text.
The security of data encrypted using DES depends largely upon the length of the secret key and, as alluded to previously, the secrecy of the secret key. DES encryption, as originally devised, utilized a 56-bit key. With the processing power of desktop computers ever increasing, the difficulty of divining a secret key from cipher text is rapidly decreasing. DES encryption, therefore, is a less secure form of cryptography than it was five years ago.
One solution that has been implemented to resolve the security issue surrounding DES is to encrypt data two or more successive times using the DES algorithm. Each successive level of encryption may use the same or different DES keys. If different keys are employed, careful selection of the keys is important as some key combinations actually result in a less secure encryption than encryption using a single 56-bit key. This method of encryption, however, has been primarily employed as a stopgap measure until the Advanced Encryption Standard (AES), which supports keys up to 256 bits in length and utilizes a different encryption algorithm, becomes more widely employed.
RSA encryption is based upon public-key cryptography. Two asymmetric keys are generated using two large prime numbers and a predefined mathematical relationship. The first key is kept private to a recipient, and the second key is made available to those who send data to the recipient. The mathematical relationship between the public and private keys enables the recipient of data encrypted with the public key to decrypt that data using the private key. The security of RSA is based upon the difficulty of factoring a very large number to discover the private key.
A commercial implementation of RSA is available from PGP Corporation of Palo Alto, Calif., and open source implementations are available at http://www.pgpi.org and http://www.gnupg.org (collectively, these RSA implementations are referred to herein as “PGP encryption”).