[Cfrg] Dynamic Key Changes on Encrypted Sessions.

Peter Alexander <pipnflinx@gmail.com> Thu, 26 October 2017 18:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Ksxibt_0BrPuDMsOTPp2vMHZKXQ>

Greetings everyone,

I have tried sending this message before but it was getting blocked. So I
am trying again :)

Eliot Lear from the SAGG mailing list pointed me in your direction. Have
been meaning to post but got busy.


Briefly:

I co-invented a VPN-like method for securing transmissions where encryption
keys could be changed without having to tear down and rebuild the entire
session. At the time we also tried to patent the technology but essentially
ran out of funding. The organization has since dissolved. This was back in
2010. Given that the invention always sparked interest, but has never truly
gone anywhere, I would like to begin the process of opening it up to a wider
audience.

What follows are a few of the high-level design elements which we thought
were unique to the art.

- Dynamic key changes during encrypted sessions (no need to restart)
- Initial key exchange agnostic. Ex: Possible to use IPsec/DH exchange to
build initial tunnel
- Packets containing keys are obfuscated using up to three methods
- Can also utilize locally stored key arrays, sending the index of the key
instead of the key itself.

We were able to come up with working code (Linux 2.6 kernel & Android
Gingerbread), which I can share once I remove the proprietary crypto
libraries. I also have all of the documentation/presentation slides that I
authored at the time.

Kindly let me know if this is something worth moving forward with. I am
open to discussion/criticism as needed.

Cheers!