Method and Apparatus for Dynamic Generation of Symmetric Encryption Keys and Exchange of Dynamic Symmetric Key Infrastructure

Abstract

A method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method is provided. A dynamically generated an encryption key is generated for each encryption event, so that the key cannot be produced or reproduced. A key exchange component of the invention ensures that only an intended recipient has the means to decrypt a file encrypted with the dynamically generated symmetric encryption keys.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application is related and claims priority to U.S. patent application Ser. No. 10 / 280,796, entitled “Method and Apparatus for Dynamic Generation of Symmetric Encryption Keys and Exchange of Dynamic Symmetric Key Infrastructure”, filed on Oct. 25, 2002, which claims priority to U.S. Provisional Patent Application Ser. No. 60 / 348,104, filed on Oct. 26, 2001. The contents of each of these applications are hereby incorporated by reference herein in its entirety.BACKGROUND OF THE INVENTION[0002]1. Field of the Invention[0003]The present invention relates generally to data encryption and decryption systems and methods and, more particularly, to a method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method.[0004]2. Background Information[0005]The Internet is fast becoming the primary platform for global commerce and communications. The ease ...

AI Technical Summary

Benefits of technology

[0018]The present invention provides a method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method. The present invention provides a method and apparatus for dynamically generating an encryption key for each encryption event. The dynamically generated encryption key is not saved after an encryption event, so that the key cannot be produced or reproduced. Resultantly, a file encrypted with the dynamically generated key is prevented from unauthorized decryption. Thus, the present invention is not substantially susceptible to MITM, replay, and other unauthorized data decryption attacks.

[0021]Decryption information is then appended to the encrypted file. The decryption information may be in the form of a header or footer. The decryption information may include an electronic serial number (ESN) of the token device that generated the dynamic file key, the challenge sent to the token device, and attributes of the file. Thus, encryption / decryption keys used to encrypt the file are not stored in the footer, nor at any other location and copying or decrypting the dynamic file key is prevented.

[0028]The recipient's token receives the server's key exchange challenge and processes the challenge. Using the key exchange challenge, the recipient's token generates the dynamic encryption key. The encrypted file key and dynamic encryption key are then fed into the token's processor to decrypt the dynamic file key. Thus, the invented method is capable of generating an encryption / decryption keys in a reduced amount of time, reducing the processing time of the invented method.

Problems solved by technology

The dynamically generated encryption key is not saved after an encryption event, so that the key cannot be produced or reproduced.

Images