1. Field of the Invention
The present invention relates generally to techniques for secure communications and cryptographic systems and more specifically to methods and systems for secure distribution of pre-generated key material using a high order and/or convolved knowledge sharing.
2. Description of the Related Art
In many secure systems the need to escrow encryption keys is growing. In military battle engagements, data is often recorded and encrypted for later analysis. In banking, transactions must often be recorded for posterity while being kept confidential. In VPN networks containing routers, traffic often must be decrypted and re-encrypted at multiple locations (adding latency and potential security vulnerabilities) because different cryptographic keys are in use.
In many of these scenarios all parties involved must use the same key for encryption and decryption. The difficulty is distributing the key to multiple parties securely (particularly where escrow may be required) without requiring a physical connection to each system to input the key. Physical key loading is common in very high assurance systems, but it is cost prohibitive in most applications.
To eliminate the need to physically connect to each system, a simple Diffie-Hellman exchange (or another key establishment technique known in the art of cryptography) may be used to create a ‘session’ key that encrypts the actual key in transit. Both this approach and the physical connection approach are vulnerable in that a compromise of the element distributing key material may compromise the entire system. Key splits have been used so that the key distributing element may be compromised without compromising the system. These approaches require a generation element with access to the original key, or require a separate piece of data to be stored for each key.
U.S. Pat. No. 7,212,632, issued to Edward M. Scheidt, et al., entitled “Cryptographic Key Split Combiner,” discloses a process and apparatus for assembling keys which provides added security against compromising a communication by unauthorized entities.
U.S. Pat. No. 7,065,210, issued to Shigeo Tsujii, et al., entitled, “Secret Key Generation Method, Encryption Method, Cryptographic Communications Method, Common Key Generator, Cryptographic Communications System, and Recording Media” discloses a secret key generation method, encryption method, and cryptographic communications method based on an ID-NIKS, wherewith specifying information (ID information) is divided into a plurality of portions, and all secret keys based on the divided specifying information are distributed to entities from each of a plurality of centers, whereby it is possible to minimize the mathematical structures, circumvent the collusion problem, and facilitate the construction of the cryptosystem.
U.S. Pat. No. 7,269,261, issued to William T. Jennings, entitled “Key Escrow Systems,” discloses key escrow systems that comprise a class of cryptographic systems specifically intended for the storage of cryptographic keying information. These systems have requirements distinct from those of other common cryptographic applications, and implementing key escrow systems requires special considerations beyond those of other secure systems. The Jennings invention relates to techniques that can be applied to systems such as those used for key escrow; however, the techniques have a wider range of application. The described methodology for modular multiplication is applicable in fields including cryptography, fault-tolerant computation, and digital signal processing (DSP).