The United States Patent and Trademark Office has granted Authernative a patent for an encryption key generation method.
The newly issued US Patent No. 7,577,987, titled “Key generation method for communication session encryption and authentication system”, describes a new encryption key management system integrated with a two-factor authentication protocol. This system provides for mutual authentication of the connected parties in a client-server architecture, which results in a secure distribution of secret session-only random symmetric encryption keys that are generated at the server and distributed to clients.
The wide proliferation of B2B and B2C e-commerce networks enabling connections from users’ mobile devices, laptop/desktop computers, ATMs, POS terminals, set-top boxes, VoIP phones, GPS and other data processing devices necessitates enhancement of the security infrastructure at the consumer level, especially in the area of user authentication and data-in-transit security.
Usage of Public Key Infrastructure (PKI) has certain limitations at the mass user level due to technology deployment complexities, cost, and administration of the consumers’ keys / certificates. The Authernative-patented MEDIA protocol overcomes these PKI issues by using two-factor authentication credentials adopted in e-commerce with the benefit of providing seamless mutual authentication and a secure session-only random symmetric encryption key distribution enabling further secure data exchange.
The security of the key exchange in the MEDIA protocol is based on algorithms enabling the following three Authernative-patented technologies:
- a key generation architecture utilizing the Time Interplay Limited SRK (Session Random Key) Algorithm (TILSA) – US Patent No. 7,577,987,
- a key exchange protocol utilizing the TILSA algorithm and communication parties’ authentication credentials with Key Encryption/Decryption Iterative Algorithm (KEDIA) – US Patent No. 7,506,161, and
- a Key Conversion Array (KCA) technology providing for high security message exchange over non-trusted communication media by utilizing any of the patented algorithms: Bit-Veil-Unveil (BitVU), Byte-Veil-Unveil (ByteVU), and Bit-Byte-Veil-Unveil (BBVU) – US Patent No. 7,299,356.
These patented technologies, embedded into the Authernative AuthGuard user authentication product, enable user authentication and client-server mutual authentication during the authentication stage of the communication session and secure exchanges of encryption keys to allow secure content delivery.