-
Publication (Announcement) No.: CA1124811A
Publication (Announcement) Date: 1982-06-01
Application No.: CA316967
Application Date: 1978-11-28
Applicant: IBM
Inventor: EHRSAM WILLIAM F, ELANDER ROBERT C, MATYAS STEPHEN M, MEYER CARL H W, SMITH JOHN L, TUCHMAN WALTER L
IPC: H04L9/06, G06F1/00, G06F21/00, G06F21/22, G09C1/00, H04L9/08, H04L9/14, H04L9/18, H04L9/02
Abstract: A file security system for data files associated with a host data processing system. The host system includes a data security device which contains a secure host master key and is capable of performing a variety of cryptographic operations. At initialization time, the host system generates a series of file keys for the associated storage media and protects them by enciphering the file keys under a variant of the host master key. When a data file is to be created, a random number is generated and defined as an operational key enciphered under the file key of a designated storage media. The host data security device, using the enciphered file key of the designated storage media, transforms the enciphered operational key under control of the host master key into a form which permits the operational key to be used for enciphering host data. The operational key enciphered under the file key of the designated storage media, as header information, together with the host data enciphered under the operational key is written on the storage media as an enciphered data file. When the data file is recovered, the host data security device, using the enciphered file key of the designated storage media, transforms the enciphered operational key header information under control of the host master key into a form which permits the operational key to be used for deciphering the enciphered data file to obtain the file data in clear form.
-
Publication (Announcement) No.: CA1124810A
Publication (Announcement) Date: 1982-06-01
Application No.: CA316966
Application Date: 1978-11-28
Applicant: IBM
Inventor: EHRSAM WILLIAM F, ELANDER ROBERT C, MATYAS STEPHEN M, MEYER CARL H W, POWERS ROBERT L, PRENTICE PAUL N, SMITH JOHN L, TUCHMAN WALTER L
Abstract: CRYPTOGRAPHIC COMMUNICATION SECURITY FOR SINGLE DOMAIN NETWORKS. A communication security system for data transmissions between remote terminals and a host system. The remote terminals and the host system include data security devices capable of performing a variety of cryptographic operations. At initialization time, a host master key is written into the host data security device and the host system generates a series of terminal master keys for the remote terminals. Protection is provided for the terminal master keys by enciphering them under a variant of the host master key. The terminal master keys are then written into the data security devices of the respective remote terminals to permit cryptographic operations to be performed. When a communication session is to be established between a designated remote terminal and the host system, a random number is generated and defined as an operational key enciphered under the host master key which permits the operational key to be used at the host system for enciphering or deciphering data operations. The host data security device, using the enciphered master key of the designated remote terminal, transforms the enciphered operational key under control of the host master key into a form in which the operational key is enciphered under the terminal master key of the designated remote terminal. The operational key enciphered under the terminal master key of the designated remote terminal is transmitted to the remote terminal to permit the enciphered operational key to be used at the remote terminal for enciphering or deciphering data operations.
-
Publication (Announcement) No.: CA1119268A
Publication (Announcement) Date: 1982-03-02
Application No.: CA317159
Application Date: 1978-11-30
Applicant: IBM
Inventor: LENNON RICHARD E, MATYAS STEPHEN M, MEYER CARL H W, OSEAS JONATHAN, PRENTICE PAUL N, TUCHMAN WALTER L
Abstract: CRYPTOGRAPHIC VERIFICATION OF OPERATIONAL KEYS USED IN COMMUNICATION NETWORKS. In a data communication network providing communication security for communication sessions between a first station and a second station where each station has cryptographic apparatus provided with an operational key which should be common to both stations for cryptographic operation, an operational key verification arrangement is provided in which a first number provided at the first station is operated upon in accordance with the first station operational key to obtain cryptographic data for transmission to the second station, requiring the second station to perform an operation on the first station cryptographic data in accordance with the second station operational key to obtain cryptographic data for transmission back to the first station and performing an operation at the first station in accordance with the first number and the second station cryptographic data to verify that the second station is the source of second station cryptographic data only if the operational keys are identical.
-
Publication (Announcement) No.: CA1100588A
Publication (Announcement) Date: 1981-05-05
Application No.: CA275390
Application Date: 1977-03-30
Applicant: IBM
Inventor: EHRSAM WILLIAM F, MEYER CARL H, SMITH JOHN L, TUCHMAN WALTER L
Abstract: MESSAGE VERIFICATION AND TRANSMISSION ERROR DETECTION BY BLOCK CHAINING. A message transmission system for the secure transmission of multi-block data messages from a sending station to a receiving station. The sending station contains cryptographic apparatus operative in successive cycles of operation during each of which an input block of clear data bits is ciphered under control of an input set of cipher key bits to generate an output block of ciphered data bits for transmission to the receiving station. Included in the cryptographic apparatus of the sending station is means providing one of the inputs for each succeeding ciphering cycle of operation as a function of each preceding ciphering cycle of operation. As a result, each succeeding output block of ciphered data bits is effectively chained to all preceding cycles of operation of the cryptographic apparatus of the sending station and is a function of the corresponding input block of clear data bits, all preceding input blocks of clear data bits and the initial input set of cipher key bits.