US2011107086A1PendingUtilityA1

Secure authentication and privacy of data communication links via dynamic key synchronization

42
Assignee: NEW MEXICO TECHNICAL RES FOUNDATIONPriority: Mar 13, 2003Filed: Oct 11, 2010Published: May 5, 2011
Est. expiryMar 13, 2023(expired)· nominal 20-yr term from priority
Inventors:Hamdy Soliman
H04L 9/0869H04L 9/0822H04L 9/12H04L 9/083H04L 9/16H04L 9/321
42
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A dynamic computer system security method and system using dynamic encryption and full synchronization between system nodes. A data record from a data stream created by a source user is encrypted with an initial dynamic session key. A new dynamic session key is generated based upon a data record and a previous dynamic session key. The new dynamic session key is then used to encrypt the next data record. A central authority is used to synchronize and authenticate both source and destination users with dynamic authentication keys. The central authority and users constantly regenerate new dynamic authentication keys. A child process is forked to ensure synchronization and authentication of dynamic authentication keys of each node upon a request for a secure communication establishment from a user. The central authority generates the initial dynamic session key with the current dynamic authentication key to begin a secure communication session.

Claims

exact text as granted — not AI-modified
1 . A method for authentication of a user comprising:
 registering a user with a central authority;   securely transmitting an initial dynamic authentication key to the user;   synchronizing a dynamic authentication key generation process at the central authority and the user;   in response to a user's connection request, forking a central authority child process at a central authority whereby the dynamic authentication key generation process at the central authority randomly generates subsequent central authority dynamic authentication keys as a function of a previous dynamic authentication key; and   in response to the users connection request, forking a user child process at the user whereby the dynamic authentication key generation process at the user randomly generates subsequent user dynamic authentication keys as a function of a previous dynamic authentication key such that the subsequent user dynamic authentication keys are identical to the subsequent central authority dynamic authentication keys.   
     
     
         2 . The method of  claim 1 , wherein the subsequent central authority dynamic authentication keys and the subsequent user dynamic authentication keys are used by the central authority and the user as encryption and decryption keys. 
     
     
         3 . The method of  claim 1  further comprising:
 at the central authority and the user, maintaining a number-regeneration-counter to randomly generate subsequent central authority dynamic authentication keys and to randomly generate subsequent user dynamic authentication keys. 
 
     
     
         4 . The method of  claim 1  further comprising:
 randomly generating subsequent central authority dynamic authentication keys as a function of an auxiliary static key; and 
 randomly generating subsequent user dynamic authentication keys as a function of the auxiliary static key. 
 
     
     
         5 . The method of  claim 4 , wherein the auxiliary static key is a function of an aligned dynamic authentication key, a previous dynamic session key, a previous auxiliary static key, and an expanded key. 
     
     
         6 . The method of  claim 4 , wherein the auxiliary static key is a function of an aligned dynamic authentication key. 
     
     
         7 . The method of  claim 1  further comprising:
 continuing the dynamic authentication key generation process at the central authority and the user subsequent to termination of communication between the central authority and the user. 
 
     
     
         8 . The method of  claim 1  further comprising:
 in response to a system failure, freezing the central authority child process and the user child process thereby generating a final aligned central authority dynamic authentication key and a final aligned user dynamic authentication key. 
 
     
     
         9 . The method of  claim 8  further comprising:
 at the user, returning the final aligned user dynamic authentication key to a user parent process; 
 at the central authority, returning the final aligned central authority dynamic authentication key to a central authority parent process; and 
 at the central authority and the user, initializing a new state for dynamic authentication key regeneration in response to the final aligned user dynamic authentication key and the final aligned central authority dynamic authentication key. 
 
     
     
         10 . A method for authentication of a user comprising:
 in response to an initial dynamic authentication key;   forking a central authority child process at a central authority whereby the dynamic authentication key generation process at the central authority randomly generates subsequent central authority dynamic authentication keys as a function of a previous dynamic authentication key;   in response to the user's connection request, forking a user child process at the user whereby the dynamic authentication key generation process at the user randomly generates subsequent user dynamic authentication keys as a function of a previous dynamic authentication key such that the subsequent user dynamic authentication keys are identical to the subsequent central authority dynamic authentication keys; and   continuing the dynamic authentication key generation process at the central authority and the user subsequent to termination of communication between the central authority and the user   
     
     
         11 . The method of  claim 10 , wherein the subsequent central authority dynamic authentication keys and the subsequent user dynamic authentication keys are used by the central authority and the user as encryption and decryption keys. 
     
     
         12 . The method of  claim 10  further comprising:
 at the central authority and the user, maintaining a number-regeneration-counter to randomly generate subsequent central authority dynamic authentication keys and to randomly generate subsequent user dynamic authentication keys. 
 
     
     
         13 . The method of  claim 10  further comprising:
 randomly generating subsequent central authority dynamic authentication keys as a function of an auxiliary static key; and 
 randomly generating subsequent user dynamic authentication keys as a function of the auxiliary static key. 
 
     
     
         14 . The method of  claim 13 , wherein the auxiliary static key is a function of one or more of: an aligned dynamic authentication key, a previous dynamic session key, a previous auxiliary static key, and an expanded key. 
     
     
         15 . A method for cryptography comprising:
 in response to a data record comprising plaintext to be exchanged and a previous encryption key, regenerating a new encryption key at a first node as a function of the data record and a previous encryption key by performing a logic operation on the data record and the previous encryption key.   
     
     
         16 . The method of  claim 15 , wherein performing a logic operation on the data record and the previous encryption key comprises performing an XOR logic operation on the data record and the previous encryption key. 
     
     
         17 . The method of  claim 15  further comprising performing a logic operation on the previous encryption key and the data record to generate an expanded key. 
     
     
         18 . The method of  claim 15  further comprising the step of encrypting the data record with the new encryption key to form ciphertext. 
     
     
         19 . The method of  claim 18  further comprising permuting portions of the ciphertext to form a second ciphertext. 
     
     
         20 . The method of  claim 18  further comprising transmitting the ciphertext from the first node to a second node.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.