1. Field of the Invention
The present invention relates in general to cryptographic techniques for securing electronic communications, and in particular to a cryptographic protocol which may be utilized in combination with a security processor in order to secure the transmission of communications over an insecure communication channel, such as the internet.
2. Description of the Prior Art
Currently, the internet is receiving increased attention as a medium for providing content to consumers and other end users. The content may comprise sound or video recordings, computer programs, computer games, news and information such as electronic magazines, stock information, and the like. Additionally, the internet is being used increasingly for the conduct of electronic commerce, resulting in transactions that include order and payment information communicated over the insecure communication channel of the internet. A variety of technologies are being developed in order to further facilitate the communication of content and to facilitate the conduct of electronic commerce over the internet, cable, satellites and other insecure communication channels.
In accordance with one prior art technique, a special purpose security processor has been developed which is installed in the data processing system under the control of a content consumer. The security processor serves a "gate keeping" function within the consumer's data processing system: it receives encrypted content, decrypts the content, executes program instructions, and passes the digital content on to the data processing system for further processing and utilization by the consumer. The prior art security processor includes a microcontroller, an on-board ROM and RAM, a cryptographic module (such as a triple DES engine), a real-time clock, and an interface system. The technique utilizes a shared-secret encryption algorithm to encrypt the content before it is passed over the internet to the consumer. Upon receipt at the consumer's data processing system, the security processor utilizes the encryption engine and the shared-secret key, which is maintained in memory in the security processor, in order to decrypt the content and to pass it to the consumer's data processing system for further processing.
Systems which operate on shared-secret key cryptographic protocols are of special interest to hackers, since a key library must be maintained in confidence for the protocol to be effective. The key library maintained by the content provider provides an attractive target for hackers, especially when consumer content such as computer programs, audio recordings, and video recordings has considerable market value and is subject to considerable amounts of piracy in general.
The present invention is an improved protocol for use in combination with the prior art security processor devices which enhances the overall security.