Patent abstract:
Symmetric encryption device that allows you to protect the information that resides in any corporate server but can also act as an encryption router or as an HSM (Hardware Security Module) with the ability to calculate encryption keys and send them to corresponding end devices, regardless of their number and by a technique that is not based on X.509 or PGP certification. Said device can be connected to the local network where the server to be protected resides but it can also act in a "standalone" way, connecting to the local network and the Internet in router mode or in HSM mode. The device incorporates in its embedded hardware an algorithm that carries out the necessary calculations so that a key can be sent to an unlimited number of devices, connected to the Internet directly or indirectly and whose refresh can be said to be carried out in real time. (Machine-translation by Google Translate, not legally binding)
Publication number: ES2685126A1
Application number: ES201700375
Filing date: 2017-03-31
Publication date: 2018-10-05
Inventor: Jesús Damaso ASENSIO ARROYO
Applicant: Gruprex S L; Gruprex Sl;
IPC main class:
Patent description:

DESCRIPTION

Corporate encryption device with real-time key refresh method and authentication.

Object of the invention

It is an object of the present invention, as the title establishes, a corporate encryption device that performs symmetric encryption, allowing the information that resides on any corporate server to be protected, but which can also act as an encryption router or as an HSM (Hardware Security Module) with the ability to calculate encryption keys and send them to the corresponding end devices, regardless of their number.

Said device can be connected to the local network where the server to be protected resides, but it can also act in a "standalone" way by connecting to the local network and the Internet in router mode or in HSM mode. The device incorporates in its embedded hardware an algorithm that performs the calculations needed for a key to be sent to an unlimited number of devices connected to the Internet directly or indirectly, with a refresh that we can affirm is carried out in real time.

Therefore, the present invention falls within the scope of encryption devices, and particularly among those used to protect the information of corporate servers.

Background of the invention

Different types of information encryption devices are known in the current state of the art, almost all of them based exclusively on communications between a sender and a receiver. Thus, patent document ES2245305 is known, which describes a public key encryption system that employs a public key / private key pair, as well as a method and apparatus for increasing authentication security using a biometric authentication system more resistant to manipulation, characterized by generating a public key / private key pair from a biometric record and using the private key after prior biometric authentication. In this encryption system, no claim on the encryption process is contemplated in any of the modalities considered, end-to-end network communications or multicasting; rather, it refers to the reliability of the private key after prior biometric authentication.

Patent ES2094135 focuses on a communications network with key distribution over an analog architecture of subscriber networks, although it also mentions digital communications. The system consists of several devices: an encryption unit that obtains the encryption codes from a code distribution authority, and an allocation management element for said encryption codes; it also mentions that the code assignment management module can connect to an authentication server to manage a list of certificates. In this case, the document does not contemplate a single security element either for an entire local network, for local networks virtually connected or, if necessary, for networks where multicasting is required.

Patent ES2130570 refers to a system and apparatus for the encryption / decryption of data blocks. The system uses the so-called cipher block chaining (CBC) method, and its device is linked to a block-based algorithm, XOR operations and the use of shift registers. In this case, again, no mention is made of encryption in multicast environments or of a device specially designed to encrypt simultaneously in both scenarios, unicast and multicast, and that distributes a symmetric key to a whole group of users of unlimited size within a time range of milliseconds. Nor is any reference made to special protection mechanisms for the device, such as anti-opening or anti-displacement mechanisms, etc.

Patent ES2158081 refers to a cryptographic system and method with a key escrow feature and, more specifically, to the generation, certification, storage and secure distribution of cryptographic keys used in cryptographic communications systems; more particularly, the document refers to a management system for escrowed cryptographic keys and public key certificates executed by a self-certification chip device. Its lack of relation to the invention described in this document is evident.

Patent ES2221932 describes a cryptographic apparatus with a double feed-forward function, that is, it refers to cryptographic devices, and more particularly to a cryptographic processor that uses a double feed-forward arrangement to implement an encryption algorithm having a complementary property, so that inversions at the input of the cryptographic processor can be detected at its output. It is clear that the invention reflected in ES2221932 does not relate to the device and method described in this invention.

Patent ES2262210 contemplates a system for the secure transmission of data signals; more specifically, a system comprising means for encrypting the data signals using a first key, means for transmitting the encrypted data signals to the subscribers, means for decrypting the encrypted data signals in each of the subscribers using the first key, means for encrypting the first key using a second key, said second key being different for each group of subscribers that have a common interest in one type of programs, means for transmitting the first encrypted key to all subscribers, and means for decrypting the first encrypted key in each of the subscribers using the second key. In this case we can see that a multicast scenario is contemplated where there is a second key for each group of subscribers. Obviously, the bandwidth efficiency of this system is better than that of an end-to-end system, but the security is very low because the key cannot be recalculated immediately after the addition or removal of members of each group. In addition, it does not use authentication mechanisms such as those used in the central device of the present patent.

Patent ES2274557, system for providing encrypted data, system for decrypting encrypted data and method for providing a communications interface in said decryption system, refers to a system for protecting information for content players that in turn contain a decryption system also contemplated in the patent. In our case, the device is a generic and symmetric encryption / decryption device with calculation and distribution of the symmetric key used to encrypt any content from a computer and disseminate it in a normal or multicast network scenario, and where secure authentication mechanisms exist between the different group members.

Thus, none of the documents located in the current state of the art describe a system like that of the invention, formed by a symmetric encryption, calculation and distribution device, oriented simultaneously to normal network environments and multicast, formed by an anti-tamper protection element that encompasses various unauthorized opening and transfer detection sensors, which contains a method of analyzing information from the computer and which has several standard and proprietary encryption methods.

Therefore, it is the object of the present invention to develop an encryption device that overcomes the aforementioned drawbacks, a device such as the one described below and essentially defined in the first claim.

Explanation of the invention.

An object of the present invention is an information encryption / decryption device acting as an HSM (Hardware Security Module), which has the ability to create encryption keys for a group of devices connected to the Internet directly or indirectly, as well as a mechanism that allows two devices to authenticate each other, or that allows the devices to verify that the encryption device is really who it claims to be, all without public key cryptography mechanisms based on X.509, PGP, etc.

The encryption device can use any symmetric encryption algorithm, such as AES (Advanced Encryption Standard), IDEA (International Data Encryption Algorithm), etc., and is presented in PCI Express (PCIe) format ("3rd Generation In / Out") to be integrated into existing corporate data servers, or in a box format ready to connect to the local network of the corporate data server.

In the PCI Express format, the device has a chip capable of calculating a session key that can be sent to an indeterminate group of devices. This chip also performs the calculations needed so that the devices can authenticate each other or the encryption device can authenticate itself to them. It also has an exclusively symmetric encryption chip that is generally based on AES or IDEA but also accepts any other symmetric encryption algorithm.

In the box format, standalone, the device has an electronic board containing two Ethernet connectors and a USB connector, in addition to the corresponding encryption and session key creation chips.

Both in the PCI Express format and in the box format, the device also has a three-axis accelerometer that allows movement and direction to be detected as a security alert.

The device can operate in two main modes of operation: secure router mode and corporate data encryption mode. In the first case, the data that comes from the corporate data server is encrypted and sent through the device's output Ethernet port to the local network or to the Internet. In the second, exclusively encryption mode, the device encrypts or decrypts data from the corporate data server and returns it for storage or the corresponding processing.

The device allows the control of two IP addresses (remember that the box or standalone format has two Ethernet connectors), in such a way that it obtains the information to be encrypted from the corporate data server and then forwards it through the second IP address.

The mechanism for creating and sending the information that distributes keys between the devices allows the refresh of encryption keys for each of the devices connected to the Internet or to a local network with a minimum bandwidth consumption. Therefore, it is a new method in which a piece of hardware can carry out this refresh mechanism for millions of devices regardless of their computing power. Thus, a device with low computational resources can secure its communications without the need for more complex structures such as X.509 or PGP, among others. This is especially valid for the environment called the Internet of Things (IoT), where most devices lack large computing resources.

In this way, subgroups formed by an encryption device of these characteristics and by an indeterminate number of connected devices can also be configured (the devices can be sensors, conventional computers or any information processing device). The encryption devices that control each subgroup can communicate with each other and also with a central encryption device that manages the entire global environment. In a scenario formed by an encryption device of the characteristics discussed in the present invention, connected to an indeterminate number of devices, it sends the session key, which the system devices receive and, through the corresponding mathematical calculation in each device, each of them will obtain a different session key from the rest; this mechanism is precisely the one that allows a key refresh to millions of devices with hardly any bandwidth consumption. It allows a group of devices to recover secret information, in real time, with the sending of a single message by the encryption device of this invention.

Each device in the group, of an undetermined number, can be connected or disconnected dynamically, at which time the encryption device will perform the corresponding key refresh.

For the calculation of the key in the encryption device that acts as an HSM, which will be sent to the devices of the group, the encryption device calculates at least three large prime numbers, called g, m and p, so that the encryption device calculates, on the one hand, delta such that δ = k + m, where k is a selected integer that forces delta to be less than any of the x_i (where the x_i are the keys of each device, coprime to each other, that is, all the x_i are pairwise coprime), that is, δ < x_i for all i = 1, ..., n.

Then it calculates r = g^k mod p and u = δ^{-1} mod L with L = Π x_i, and sends the value u to the devices of the group. Thus, each member of the group receives u and calculates u^{-1} mod x_i, where mod indicates the modulo operation, so that a mod b is the remainder of dividing a by b.

δ^{-1} is the inverse of δ (modulo L) calculated above.

u^{-1} is the inverse of u (modulo x_i).

As we have said before, the devices can be connected to or disconnected from the group at any time. When a device joins the group, the encryption device proceeds to recalculate a new group key so as not to impair the performance of communications, and the key is refreshed for the devices in real time. Therefore, when a device joins the group, the key is recalculated by the encryption device so that g^k mod p includes the private information of that new device in the modulus calculation, such that L' = L · x_{i+1}, where x_{i+1} denotes the private information of the new device. Conversely, when a device leaves the group, L is recalculated as L' = L / x_j, where x_j is the private information of the device leaving the group, and the key is then refreshed with a new calculation of g^k mod p for a new value of k. Both g and p are public values that anyone can know.

In short, each member of the group receives u and calculates u^{-1} mod x_i = δ, since u^{-1} mod L = δ ↔ u·δ ≡ 1 (mod L) ↔ u·δ ≡ 1 (mod x_i).
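To make the refresh mechanism concrete, the following Python example (added here; it is not code from the patent or its applicant) implements the HSM side and the member side of the key distribution exactly as the formulas above state them, plus the join and leave cases. The device keys x_i, the primes g, m, p and the values of k are toy parameters I constructed, and the assumption that m is known to the group members is mine; the page gives no values.

```python
from math import prod
import secrets

# Constructed toy parameters (the page names g, m and p but gives no values).
G, P, M = 2, 10007, 101   # g and p are public; m is assumed known to the group


class KeyRefreshHSM:
    """Encryption device acting as the HSM: holds the member keys x_i and
    computes the single broadcast value u for each refresh."""

    def __init__(self, device_keys, m=M):
        self.xs = list(device_keys)   # private x_i of the current members (distinct primes)
        self.m = m

    @property
    def L(self):
        return prod(self.xs)          # L = product of all x_i

    def refresh(self, k=None):
        """Return (r, u) with r = g^k mod p and u = delta^{-1} mod L, delta = k + m.
        delta must stay below every x_i so that u^{-1} mod x_i gives delta back."""
        largest_k = min(self.xs) - self.m - 1
        if largest_k < 1:
            raise ValueError("m must be smaller than every device key")
        if k is None:
            k = 1 + secrets.randbelow(largest_k)   # fresh secret k per refresh
        delta = k + self.m
        if delta >= min(self.xs):
            raise ValueError("delta = k + m must be less than every x_i")
        r = pow(G, k, P)
        # 0 < delta < x_i with x_i prime, so gcd(delta, L) == 1 and the inverse exists
        u = pow(delta, -1, self.L)
        return r, u

    def join(self, x_new, k=None):
        """A device joins: L' = L * x_new, then a refresh with a new k."""
        self.xs.append(x_new)
        return self.refresh(k)

    def leave(self, x_old, k=None):
        """A device leaves: L' = L / x_old, then a refresh with a new k."""
        self.xs.remove(x_old)
        return self.refresh(k)


def device_recover(u, x_i):
    """Member side: u^{-1} mod x_i equals delta, because u*delta = 1 (mod L)
    implies u*delta = 1 (mod x_i) for every x_i dividing L, and delta < x_i."""
    return pow(u, -1, x_i)


if __name__ == "__main__":
    hsm = KeyRefreshHSM([1009, 1013, 1019, 1021])
    r, u = hsm.refresh(k=50)                        # delta = 151
    print([device_recover(u, x) for x in hsm.xs])   # [151, 151, 151, 151]
    r, u = hsm.join(1031, k=60)                     # delta = 161, now 5 members
    print([device_recover(u, x) for x in hsm.xs])
    r, u = hsm.leave(1013, k=70)                    # delta = 171, 1013 dropped
    print([device_recover(u, x) for x in hsm.xs])
```

Every current member recovers the same δ from the one broadcast value u, while a device whose x_j no longer divides L is guaranteed nothing about u^{-1} mod x_j, which is why the HSM recomputes u with a fresh k on every join or leave. The bandwidth point of the page is visible here: the size of u grows with L, but only one message is sent regardless of how many members there are.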
As commented previously, the encryption device allows the devices to authenticate each other, acting as a central element of trust; in addition, the encryption device can identify itself to a device.

So that the devices of the group have the certainty that the encryption device in charge of the refresh and key calculation is really who it says it is, we proceed as follows.

- the device acting as an HSM calculates a random number "a", where said number is less than the private key of every device in the group, that is, a < x_i for all i from 1 to n.

- the device acting as an HSM calculates s = (g^k)^{-1} mod L, where g^k is the distributed key and L is the product of all the x_i of the devices, data that the HSM obviously knows, that is, L = Π x_i.

- it also calculates a hash (that is, from the input data it creates a string that can only be recreated with the same data) of the number "a" obtained, where that hash corresponds to a secure hash function, for example SHA-2 or similar.

- the device that acts as an HSM, when it sends the parameter u, which is the refresh message to the devices of the group, adds the information (s·a, h(a)) that will allow the destination device to authenticate the origin of u.

Thus, when the destination device receives the message (u, (s·a, h(a))), it calculates r = g^k mod m using x_i, as we have seen previously; in addition, it performs the calculation of s using its private number x_i and finally obtains h(a), comparing that h(a) with the one sent by the encryption device: if both are equal, authentication succeeds.

In the event that a device i wants to authenticate a device j of the group, it makes use of the protocol indicated below. Device i, owner of x_i, wants to authenticate device j, owner of x_j. To do so, device i randomly chooses t such that 1 < t < m and sends it to the encryption device that acts as the central trust element; the encryption device calculates inv = t^{-1} mod L and returns it to device i; device i sends (inv, g^{x_i} mod m) to device j; device j calculates t_j = inv^{-1} mod x_j and β_j = t_j · (g^{x_i})^{x_j} mod m, information that it sends to device i as (β_j, g^{x_j}); finally, device i calculates β_i = t · (g^{x_j})^{x_i} mod m = t · g^{x_j x_i} mod m, so that device i positively authenticates j as long as β_i = β_j.

We can observe that this type of device, acting as an encryption device, is ideal for carrying out the dynamic security of any Internet of Things platform or any environment formed by a large number of devices, in real time and with a minimum bandwidth consumption.

Unless otherwise indicated, all technical and scientific terms used herein have the meaning normally understood by a person skilled in the art to which this invention pertains; in the practice of the present invention, procedures, methods and materials similar or equivalent to those described herein can be used.

Throughout the description and the claims, the word "comprises" and its variants are not intended to exclude other technical characteristics, additives, components or steps. For those skilled in the art, other objects, advantages and features of the invention will be apparent partly from the description and partly from the practice of the invention.

Brief description of the drawings

To complement the description being made, and in order to help a better understanding of the characteristics of the invention according to a preferred example of its practical embodiment, a set of drawings is attached as an integral part of said description, where, by way of illustration and not limitation, the following has been represented.

Figure 1 shows the different components of the device in box format.

Figure 2 shows a scheme of the global system in a communication with multiple groups of devices.

Figure 3 shows a scheme of the global system in a local network environment.

Preferred Embodiment of the Invention

In view of the figures, a preferred embodiment of the proposed invention is described below.

The encryption device comprises a central microcontroller (1) and a chip or FPGA (2) (Field Programmable Gate Array), which is a programmable device connected to the central microcontroller, where the central microcontroller (1) has the necessary means to:

- Carry out the calculation of a session key that can be sent to an indeterminate group of devices.

- Carry out the calculations needed so that the devices can authenticate each other or the encryption device can authenticate itself to them.

The FPGA (2), meanwhile, is a programmable symmetric encryption device that allows either its own symmetric encryption algorithm or an AES or IDEA type algorithm.

It also includes protection means (3) based on a three-axis accelerometer, which allows its movement and direction to be detected as a security alert.

All the previous elements are protected by a metal protection (4).

The embodiment described so far corresponds to a PCI Express card to be integrated into existing corporate data servers.

In Figure 1, which corresponds to the box format, the encryption device has an electronic board containing two Ethernet connectors (E1) and (E2) and a USB connector (5), in addition to the corresponding encryption and session key creation chips.

In Figure 2 we can see this encryption device (6) within a communication environment, where the encryption device (6) provides the key refresh and authentication infrastructure for the group of devices to which it is connected.

The encryption device (6) object of the invention is interposed between the Internet network (9) and the final devices (7) (TV terminals, light meters or any device that requires a key for its operation), serving as a device that controls key refresh and authentication for its device group.

The encryption device (6) can also be arranged between the Internet network (9) and a corporate server (8), acting as a global device responsible for refresh and authentication with the other encryption devices.

Figure 3 shows the encryption device (6) object of the invention in a local network environment (12), where refresh and authentication messages (11) are sent from the encryption device (6) to the final devices (7), which can be devices with low computational power, or to computers (10).

Having sufficiently described the nature of the present invention, as well as the way of putting it into practice, it is stated that, within its essence, it may be implemented in other embodiments that differ in detail from that indicated by way of example, and which will likewise achieve the protection that is sought, provided that its fundamental principle is not altered, changed or modified.

Claims:
Claims (8)
[1]

1. Corporate encryption device, characterized in that it comprises:
- A central microcontroller (1).
- A chip or FPGA (2) (Field Programmable Gate Array) programmable device connected to the central microcontroller (1).
- Protection means (3) based on a three-axis accelerometer that allows its movement and direction to be detected as a security alert.
Where the central microcontroller (1) has the necessary means to:
- carry out the calculation of a session key that can be sent to an indeterminate group of devices.
- carry out the calculations needed so that the devices can authenticate each other or the encryption device can authenticate itself to them, while the FPGA (2) is a programmable symmetric encryption device that allows either a proprietary symmetric encryption algorithm or an AES or IDEA type algorithm.

[2]
2. Corporate encryption device according to claim 1, characterized in that, in the case of a box format, it also comprises an electronic board containing two Ethernet connectors (E1) and (E2) and a USB connector (5).

[3]
3. Key refresh procedure performed in the encryption device according to any of the preceding claims, characterized in that the new key is obtained by calculating at least three large prime numbers, called g, m and p, so that the encryption device calculates, on the one hand, delta such that δ = k + m, where k is a selected integer that forces delta to be less than any of the x_i (where the x_i are the keys of each device, coprime to each other, that is, all the x_i are pairwise coprime), that is, δ < x_i for all i = 1, ..., n; then it calculates r = g^k mod p and u = δ^{-1} mod L with L = Π x_i and sends the value u to the devices of the group, so that each member of the group receives u and calculates u^{-1} mod x_i, where mod indicates the modulo operation;
δ^{-1} is the inverse of δ calculated above;
u^{-1} is the inverse of u.

[4]
4. Key refresh procedure according to claim 3, characterized in that when a new device is incorporated into the group, in the calculation of r = g^k mod p the private information of that new device is included in the calculation of the modulus such that L' = L · x_{i+1}, where x_{i+1} denotes the private information of the new device; conversely, when a device disconnects from the group, L is recalculated as L' = L / x_j, where x_j is the private information of the device leaving the group; and then it is refreshed with a new calculation of g^k mod p for a new value k; both g and p are public values that anyone can know.

[5]
5. Authentication procedure between devices and the encryption device according to any of claims 1 to 2, characterized in that the process comprises the steps of:
- The device that acts as an HSM calculates a random number "a", where that number is less than the private key of every device in the group, that is, a < x_i for all i from 1 to n.
- The device acting as an HSM calculates s = (g^k)^{-1} mod L, where g^k is the distributed key and L is the product of all the x_i of the devices, data that the HSM obviously knows, that is, L = Π x_i.
- It also calculates a hash (that is, from the input data it creates a string that can only be recreated with the same data) of the number "a" obtained, where that hash corresponds to a secure hash function, for example SHA-2 or similar.
- The device that acts as an HSM, when it sends the parameter u, which is the refresh message to the devices of the group, adds the information (s·a, h(a)) that will allow the destination device to authenticate the origin of u.
In this way, when the destination device receives the message (u, (s·a, h(a))), it calculates r = g^k mod m using x_i, as seen previously. In addition, it performs the calculation of s using its private number x_i and finally obtains h(a), comparing that h(a) with the one sent by the encryption device; if both are equal, authentication is successful.

[6]
6. Authentication procedure in which a device i wants to authenticate a device j of the group using the encryption device according to any of claims 1 to 2, characterized in that device i chooses t at random such that 1 < t < m and sends it to the encryption device (6) that acts as a central element of trust; the encryption device (6) calculates inv = t^{-1} mod L and returns it to device i; device i sends (inv, g^{x_i} mod m) to device j, so that device j calculates t_j = inv^{-1} mod x_j and β_j = t_j · (g^{x_i})^{x_j} mod m, information that it sends to device i as (β_j, g^{x_j}); finally, device i calculates β_i = t · (g^{x_j})^{x_i} mod m = t · g^{x_j x_i} mod m, so that device i positively authenticates j as long as β_i = β_j.

[7]
7. Use of the encryption device according to any one of claims 1 to 2, characterized in that it is interposed between an Internet network (9) and final devices (7), serving as a device that controls key refresh and authentication for its group of devices; it can also be used between the Internet network (9) and a corporate server (8), acting as a global device responsible for refresh and authentication with other encryption devices.

[8]
8. Use of the encryption device according to any one of claims 1 to 2, characterized in that the encryption device (6) is used in a local network environment (12), where refresh and authentication messages (11) are sent from the encryption device (6) to the final devices (7), which can be devices with low computational power, or to computers (10).
Similar technologies:
Publication no. | Publication date | Patent title
Chandra et al.2014|A comparative survey of symmetric and asymmetric key cryptography
RU2017131640A|2019-03-14|CONFIDENTIAL COMMUNICATION MANAGEMENT
CA3078558A1|2019-04-11|A system and method for quantum-safe authentication, encryption and decryption of information
ES2373131T3|2012-01-31|SECURE DISTRIBUTION OF CONTENT USING DECRYPTION KEYS.
Sasi et al.2014|A general comparison of symmetric and asymmetric cryptosystems for WSNs and an overview of location based encryption technique for improving security
US8867747B2|2014-10-21|Key generation for networks
CN103684766A|2014-03-26|Private key protection method and system for terminal user
CN109543434B|2020-10-09|Block chain information encryption method, decryption method, storage method and device
CN108199838B|2020-05-05|Data protection method and device
KR20160020866A|2016-02-24|Method and system for providing service encryption in closed type network
Greenberg2014|Hacker Lexicon: What Is End-to-End Encryption?
WO2021057073A1|2021-04-01|Private key generation and use method, apparatus and device in asymmetric key
Pitchay et al.2015|A proposed system concept on enhancing the encryption and decryption method for cloud computing
US10715332B2|2020-07-14|Encryption for transactions in a memory fabric
EP2892206B1|2017-07-19|System and method for push framework security
Lakshmi et al.2017|Comparison of classical and quantum cryptography using QKD simulator
ES2685126B1|2019-09-09|Corporate encryption device with real-time key refresh method and authentication
Shi et al.2015|A real quantum designated verifier signature scheme
WO2014167161A2|2014-10-16|Symmetric encryption device, and method used
Bossuet et al.2015|Disposable configuration of remotely reconfigurable systems
Xu et al.2015|Data protection using recursive inverse function
US11201729B2|2021-12-14|Devices and methods for enabling portable secure communication using random cipher pad cryptography by enabling communications to be passed to the device from a host, encrypted and/or decrypted, and passed back to the host
KR101891033B1|2018-08-22|The quantum security system
US10699031B2|2020-06-30|Secure transactions in a memory fabric
KR20180068537A|2018-06-22|Encryption and decryption system using unique serial number and symmetric cryptography
Patent family:
Publication no. | Publication date
ES2685126B1|2019-09-09|
Cited documents:
Publication no. | Filing date | Publication date | Applicant | Patent title
US4229817A|1978-04-28|1980-10-21|Datotek, Inc.|Portable electronic cryptographic device|
US20090133610A1|2007-11-28|2009-05-28|Baker David L| armed junction box enclosure|
ES2523423A2|2013-04-10|2014-11-25|Crypto Solutions, S.L.|Symmetric encryption device, and method used|
Legal status:
2018-10-05| BA2A| Patent application published|Ref document number: 2685126 Country of ref document: ES Kind code of ref document: A1 Effective date: 20181005 |
2019-09-09| FG2A| Definitive protection|Ref document number: 2685126 Country of ref document: ES Kind code of ref document: B1 Effective date: 20190909 |
2020-02-21| FA2A| Application withdrawn|Effective date: 20200217 |
Priority:
Application no. | Filing date | Patent title
ES201700375A|ES2685126B1|2017-03-31|2017-03-31|Corporate encryption device with real-time key refresh method and authentication|