System, method, and computer program product for zero round trip secure communications based on noisy secrets
Abstract
A system, method, and computer program product are provided for implementing zero round trip secure communications based on a noisy secret. In operation, a sender system utilizes a randomly generated message key for encrypting a message to send to a receiver system. The sender system selects a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key. The sender system encrypts the message utilizing the randomly generated message key. The sender system sends the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A system, comprising:
utilizing, by a sender system, a randomly generated message key for encrypting a message to send to a receiver system; selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key; encrypting, by the sender system, the message utilizing the randomly generated message key; and sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.
2 . The method of claim 1 , wherein the sender system selects the plurality of different sub-keys from the negotiated noisy secret utilizing a deterministic algorithm.
3 . The method of claim 2 , wherein the receiver system obtains the plurality of different sub-keys from the negotiated noisy secret utilizing the deterministic algorithm.
4 . The method of claim 1 , wherein the sender system selects the plurality of different sub-keys from the negotiated noisy secret utilizing random selection.
5 . The method of claim 4 , wherein the sender system includes sub-key masks that indicate selected bits from the negotiated noisy secret in the encrypted message.
6 . The method of claim 5 , wherein the receiver system obtains the plurality of different sub-keys from the negotiated noisy secret utilizing the sub-key masks.
7 . The method of claim 1 , wherein the sender system calculates a required number of sub-keys to be selected based on an acceptable level of message loss.
8 . The method of claim 1 , wherein the sender system utilizes a key derivation function to derive a key encryption key and a key MAC key.
9 . The method of claim 8 , wherein the sender system encrypts the randomly generated message key with the derived key encryption key.
10 . The method of claim 9 , wherein the sender system calculates an encrypted message key MAC using a derived key MAC key.
11 . The method of claim 10 , wherein the sender system includes the encrypted message key and an associated MAC in the encrypted message.
12 . The method of claim 1 , wherein the receiver system obtains a number of the plurality of different sub-keys from the encrypted message.
13 . The method of claim 12 , wherein the receiver system uses a key derivation function to derive a key encryption key and a key MAC key.
14 . The method of claim 13 , wherein the receiver system calculates an encrypted message key MAC using the derived key MAC key.
15 . The method of claim 14 , wherein if a calculated MAC matches a received MAC for a common sub-key, the receiver system determines that the common sub-key does not have any noise.
16 . The method of claim 14 , wherein if a calculated MAC does not match a received MAC for a common sub-key, the receiver system determines that the common sub-key has some noise and proceeds with a next sub-key.
17 . The method of claim 16 , wherein the receiver system uses a key encryption key derived from a noiseless key to decrypt the randomly generated message key.
18 . The method of claim 17 , wherein the receiver system uses the randomly generated message key to decrypt the encrypted message.
19 . A non-transitory computer readable medium storing computer code executable by a processor to perform a method comprising:
utilizing, by a sender system, a randomly generated message key for encrypting a message to send to a receiver system; selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key; encrypting, by the sender system, the message utilizing the randomly generated message key; and sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.
20 . A sender system, comprising:
a memory storing instructions, and a computer processor executing the instructions for: utilizing, by the sender system, a randomly generated message key for encrypting a message to send to a receiver system; selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key; encrypting, by the sender system, the message utilizing the randomly generated message key; and sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.