Patent
Private and public key exchange method preventing man-in-the-middle attack without electronic certificate and digital signature
| العنوان: | Private and public key exchange method preventing man-in-the-middle attack without electronic certificate and digital signature |
|---|---|
| Patent Number: | 11201,732 |
| تاريخ النشر: | December 14, 2021 |
| Appl. No: | 16/909658 |
| Application Filed: | June 23, 2020 |
| مستخلص: | An apparatus, process, and system, that enables secure information and communication across channels based on a perfect key-exchange method. The secure channel between two users enables each to use the public key of the other user—to derive a secret key specific to both users. Traditional (but yet widely used) key-exchange methods are not perfect-secure; the public key encryption makes these methods to be broken under many kinds of attacks. Unlike these methods, the apparatus, process, and system of the present invention is not based on the computational assumptions like: Integer Factorization and Discrete Logarithm Problem. The apparatus, process, and system of the present invention inhibits and/or prevents the man-in-the-middle attack, which is a problem that has not been solved to this day. |
| Inventors: | Al Mahmoud, Qassim Mohammed Soliman (Abha, SA); Odat, Suleiman Abdallah Suleiman (Roselle Park, NJ, US); Alsheri, Fawaz Abdulrahman Mohammed (Abha, SA); Elwaseila, Haytham Eltayeb (Abha, SA) |
| Claim: | 1. A method comprising: using one or more computer processors to randomly select a first set of two large numbers (a 1,A , a 2,A), for a first user A, at least one of the first set of two large numbers being a prime number; using one or more computer processors to randomly select a second set of two large numbers (a 1,B , a 2,B), for a second user B, at least one of the second set of two large numbers being a prime number; using one or more computer processors to determine a first user A public key, wherein the first user A public key is based on the first set of two large numbers, and a set of predefined public parameters including a modulus (p) and a base (a 1 , a 2); using one or more computer processors to determine a second user B public key, wherein the second B user public key is based on the second set of two large numbers, and the set of predefined public parameters; using one or more computer processors to calculate a value k A for the first user A as follows: k A =[(n B a 2,A ) −1 mod p×(a 1 s B ) a 2,A mod p]mod p wherein n B , is calculated by one or more computer processors for the second user B as (a 1 a 2,B , a 2 a 2,B ) mod p; and s B is calculated by one or more computer processors for the second user B as (a 1,A , a 2,B); using one or more computer processors to calculate a value k B ; for the second user B as follows: k B =[(n A a 2,B ) −1 mod p×(a 1 s A ) a 2,B mod p]mod p wherein n A is calculated by one or more computer processors for the first user A as (a 1 a 2,A , a 2 a 2,A ) mod p; and s A is calculated by one or more computer processors for the first user A as (a 1,A +a 2,A); using one or more computer processors to encrypt a first message using k A , to form a first encrypted message; sending the first encrypted message from a computer processor controlled by the first user A to a computer processor controlled by the second user B; using one or more computer processors to encrypt a second message using k B , to form a second encrypted message; sending the second encrypted message from a computer processor controlled by the second user B to a computer processor controlled by the first user A; using one or more computer processors controlled by the first user A to decrypt the second encrypted message using k A ; using one or more computer processors controlled by the second user B to decrypt the first encrypted message using k B ; and providing, based on comparison of data between one or more computer processors controlled by the first user A and one more computer processors controlled by the second user B, an indication in one or more computer memories controlled by the first user A and in one or more computer memories controlled by the second user B that neither the first user A nor the second user B is a hacker when k A is determined to equal k B . |
| Claim: | 2. The method of claim 1 wherein k A is a cryptographic key used to encrypt the first message and decrypt the second encrypted message in a first key cryptography method; and wherein k B is a cryptographic key used to encrypt the second message and decrypt the first encrypted message in a second key cryptography method. |
| Claim: | 3. The method of claim 2 wherein the first key cryptography method is a symmetric key cryptography method; and the second key cryptography method is a symmetric key cryptography method. |
| Patent References Cited: | 6813357 November 2004 Matsuzaki 10630467 April 2020 Gilbert 2010/0008508 January 2010 Girao 2010/0232603 September 2010 Itoh 2014/0233740 August 2014 Niamut |
| Assistant Examiner: | Noaman, Bassam A |
| Primary Examiner: | Huang, Cheng-Feng |
| Attorney, Agent or Firm: | Tencza, Jr., Walter J. |
| رقم الانضمام: | edspgr.11201732 |
| قاعدة البيانات: | USPTO Patent Grants |
| الوصف غير متاح. |