BILATERAL AUTHENTICATION AND INFORMATION ENCRYPTION TOKEN SYSTEM AND METHOD

摘要

An authentication and information encryption system and method which uses a token system for increased security in accommodating bilateral encrypted communications between an originating system and an answering system, with each system without synchronization independently generating a message digest through use of an encryption key generator which employs bit-shuffling, many-to-few bit mapping, and secure hash processing to forestall attempts to discover the secret inputs to the generator, or the system password, encryption key, or change value outputs extracted from the message digest, through cryptographic analysis or brute force trial-and-error attacks, and with each system using the passwords, encryption key and change value during only a single system connection before using the change value to update one of the secret inputs to the key generator to provide new password, encryption key and change value parameters having no predictable relationship to their previous counterparts, and with each system accommodating plural authentication cycles to verify the originating system, the answering system, the token system and the pairing of the token system with either the originating system, the answering system, or both, all without public exposure of the secret inputs, encryption key or change value. Further, a deterministic, non-predictable, pseudo-random, and symmetric encryption key is generated, used during only a single system connection, and then destroyed. Thus, the need for key directories is obviated. Lastly, the token system ID, the originating system ID, and the answering system ID may be altered by a component of the message digest upon completion of a system connection to significantly reduce the risk of playback impersonations.