Coimbatore S Chandersekaran

US Patent:

6535607, Mar 18, 2003

Filed:

Nov 2, 1998

Appl. No.:

09/184002

Inventors:

Coimbatore S. Chandersekaran - Potomac MD
Rosario Gennaro - New York NY
Sarbari Gupta - Rockville MD
David R. Safford - Brewster NY
Nevenko Zunic - Wappingers Falls NY

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

H04L 900

US Classification:

380286, 380281, 380277, 380 30, 713193, 713168

Abstract:

A method and apparatus for ensuring that a key recovery-enabled (KR-enabled) system communicating with a non-KR-enabled system in a cryptographic communication system transmits the information necessary to permit key recovery by a key recovery entity. In a first embodiment, data is encrypted under a second key K that is generated as a one-way function of a first key Kâ and a key recovery block KRB generated on the first key Kâ. The key recovery block KRB and the encrypted data e(K, data) are transmitted to the receiver, who cannot decrypt the data without regenerating the second key K from the first key Kâ and the key recovery block KRB. In a second embodiment, data is encrypted under a second key K that is generated independently of the first key Kâ. A third key X, generated as a one-way function of the first key Kâ and a key recovery block KRB generated on the second key K, is used to encrypt the XOR product Y of the first and second keys Kâ, K. The key recovery block KRB, the encrypted XOR product e(X, Y) and the encrypted data e(K, data) are transmitted to the receiver, who cannot decrypt the data without regenerating the third key X from the first key Kâ and the key recovery block KRB, decrypting the XOR product Y using the regenerated third key X, and recombining the XOR product Y with the first key Kâ to regenerate the second key K.

US Patent:

60581883, May 2, 2000

Filed:

Jul 24, 1997

Appl. No.:

8/899855

Inventors:

Coimbatore S. Chandersekaran - Potomac MD
Rosario Gennaro - New York NY
Sarbari Gupta - Rockville MD
Stephen M. Matyas - Manassas VA
David R. Safford - Brewster NY
Nevenko Zunic - Wappingers Falls NY

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

H04L 932

US Classification:

380 25

Abstract:

In a cryptographic communications system, a method and apparatus for allowing a sender of encrypted data to demonstrate to a receiver its ability to correctly generate key recovery information that is transmitted along with the encrypted data and from which law enforcement agents or others may recover the original encryption key. Initially, the sender generates a key pair comprising a private signature key and a corresponding public verification key and sends the latter to a key recovery validation service (KRVS). Upon a satisfactory demonstration by the sender of its ability to correctly generate key recovery information, the KRVS generates a certificate certifying the public verification key and the ability of the sender to correctly generate key recovery information. The sender uses its private signature key to generate a digital signature on the key recovery information, which is sent along with the key recovery information and encrypted data to the receiver. The receiver verifies the signature on the key recovery information using the certified public verification key and decrypts the encrypted data only if the signature is verified as being a valid signature.