
INNOVATIVE SYSTEM AND METHOD FOR KEY GENERATION IN AUTHENTICATION AND KEY MANAGEMENT FOR APPLICATIONS


ORDINARY APPLICATION

Published

Filed on 26 November 2024

Abstract

With the rapid advancement of data exchange in network environments and the growing capabilities of attackers, information security has become a critical aspect of data storage and communication. Ensuring information security requires verifying confidentiality, data integrity, and data origin authentication using cryptographic encryption algorithms. This paper presents an enhanced approach to the Advanced Encryption Standard (AES) algorithm, widely regarded as a leading symmetric encryption method. The proposed development emphasizes integrating optimized AES-based S-Boxes with a specially selected secret key generated through quantum key distribution (QKD). By leveraging the unique properties of QKD, the system enhances the security of encryption keys, providing resistance against modern cryptographic attacks. This integration not only strengthens the cryptographic process but also ensures a more robust framework for secure data transmission and storage in increasingly complex network environments.

Patent Information

Application ID: 202441091974
Invention Field: COMMUNICATION
Date of Application: 26/11/2024
Publication Number: 49/2024

Inventors

Name: Mr. Kakanaboyina Upendrarao
Address: Assistant Professor, Department of Computer Science and Engineering, Anurag Engineering College, Ananthagiri(V&M), Suryapet - 508206, Telangana, India
Country: India
Nationality: India

Name: Mr. Chejarla Venkata Navi
Address: Assistant Professor, Department of Computer Science and Engineering, Anurag Engineering College, Ananthagiri(V&M), Suryapet - 508206, Telangana, India
Country: India
Nationality: India

Applicants

Name: ANURAG ENGINEERING COLLEGE
Address: Ananthagiri(V&M), Suryapet - 508206, Telangana, India
Country: India
Nationality: India

Specification

Description:
FIELD OF INVENTION
The field of interest focuses on developing an innovative system and method for secure key generation in authentication and key management for applications. This involves advanced cryptographic techniques to enhance security, optimize performance, and ensure efficient key distribution and storage. Applications span sectors like IoT, blockchain, cloud computing, and secure communications, addressing challenges in scalability, reliability, and resistance to cyber threats.
BACKGROUND OF INVENTION
The rapid expansion of digital applications in domains such as IoT, cloud computing, e-commerce, and blockchain has emphasized the critical need for robust authentication and key management systems. Traditional key generation methods often rely on centralized authorities, which can introduce vulnerabilities such as single points of failure, susceptibility to cyberattacks, and limited scalability. Moreover, with increasing demands for low-latency authentication and seamless integration across distributed systems, existing solutions struggle to meet the dynamic requirements of modern applications.
Key generation is a cornerstone of cryptographic systems, directly influencing the strength of authentication mechanisms and the security of data exchanges. Conventional methods, including symmetric and asymmetric cryptography, while effective, face challenges such as computational overhead, key storage inefficiencies, and vulnerability to evolving cryptographic attacks like quantum computing. Additionally, the proliferation of resource-constrained devices, such as IoT sensors and edge devices, requires innovative approaches that balance security with resource efficiency.
The proposed invention introduces an innovative system and method for key generation that leverages advanced cryptographic techniques, including entropy maximization, decentralized mechanisms, and adaptive key lifecycles. By incorporating features like hardware-based randomness, biometric integration, and distributed ledger technologies, the invention aims to deliver a secure, scalable, and efficient key management solution. The system is designed to address the shortcomings of existing approaches, offering enhanced resistance to cyber threats, seamless adaptability to application-specific needs, and improved performance across diverse environments. This novel approach empowers applications to achieve unparalleled levels of security and operational efficiency.
The patent application number 201947000028 discloses a method and device for identity authentication.
The patent application number 201917000992 discloses a generation of web pages for verification of data.
The patent application number 202231013133 discloses a point cloud generation system of an object from multiple views.
The patent application number 202227025004 discloses an identity authentication method and communication device.
The patent application number 202247032441 discloses a key agreement method and electronic device.
SUMMARY
The invention presents an innovative system and method for key generation in authentication and key management, addressing critical challenges in secure communication and data protection. This system is designed to provide a robust, scalable, and efficient solution for applications across IoT, blockchain, cloud computing, and other digital ecosystems, ensuring advanced security against evolving cyber threats.
At its core, the invention employs a novel approach to key generation that integrates high-entropy randomness sources, such as hardware-based random number generators, with adaptive algorithms tailored to specific application needs. The system also incorporates biometric-based key initialization and management, ensuring enhanced user authentication by linking cryptographic keys to unique physiological traits. To further bolster security and resilience, the method leverages distributed ledger technologies (e.g., blockchain) to decentralize key management, eliminating single points of failure and improving trust in the authentication process.
Key lifecycle management is optimized through adaptive mechanisms that dynamically adjust key validity, rotation intervals, and revocation procedures based on contextual analysis and threat intelligence. This ensures that keys remain secure and efficient without imposing unnecessary computational or storage overhead.
The invention is particularly suitable for resource-constrained environments, offering lightweight cryptographic operations that maintain robust security standards. By ensuring seamless integration into diverse application architectures, the system enables secure data exchange, user authentication, and access control. This innovative solution meets the growing demands of modern digital ecosystems, providing a future-proof framework for authentication and key management with unparalleled security and operational efficiency.
DETAILED DESCRIPTION OF INVENTION
With the rapid advancement of electronic and optical fiber communication networks, the volume of information exchanged and organizations' dependence on these new communication channels have grown significantly. This increase has also led to a rise in associated risks. To address these threats, various technologies have been developed, with information security being one of the primary concerns in modern computer systems. Central to this security is the encryption process, which has been in use long before the advent of computer systems. Traditional ciphers such as the Caesar cipher and mono-alphabetic ciphers serve as famous historical examples.
The progress in information security has been closely tied to the development of computer systems. Today, secure communications typically rely on two primary cryptographic techniques to maintain the confidentiality and integrity of data transmitted across networks: symmetric and asymmetric encryption. In symmetric encryption, a single key is used for both encryption and decryption. In contrast, asymmetric encryption uses two separate keys for these processes.
Symmetric ciphers are further divided into two categories: stream ciphers and block ciphers. Stream ciphers process data symbol by symbol during encryption and decryption, whereas block ciphers group plaintext into blocks and encrypt them together in a recurring decryption process.
In symmetric encryption, the data is sent as ciphertext over an unsecured channel, while a secure channel is used to transmit the encryption key. However, securely transferring encryption keys remains a significant challenge in modern cryptography.
This paper focuses on one of the most robust symmetric block ciphers, the Advanced Encryption Standard (AES), which was selected by NIST due to its strong encryption capabilities, high-speed performance, low memory requirements, ease of implementation, and resistance to various types of cryptographic attacks, including brute-force, differential, and linear attacks. AES employs the same key for both encryption and decryption and operates on a 128-bit input data block, structured as a 4x4 matrix. The key length (128, 192, or 256 bits) determines the number of rounds required for the encryption process, with 10, 12, or 14 rounds, respectively.
Additionally, this paper introduces a new version of AES, which integrates an enhanced AES implementation with Quantum Key Distribution (QKD) for improved security.

Figure 1: Security Progress Maturity
Recent research has focused on enhancing and developing the AES algorithm, particularly in response to the emergence of new attack methods targeting AES encryption. For instance, Sumalatha et al. designed an AES-based 128-bit Encryptor, using a 128-bit data encryption key and a 128-bit cipher key. The encryption system, implemented through Verilog and Xilinx ISE software, provides high security. However, the use of a fixed S-Box transformation results in higher memory consumption.
Shaaban et al. developed a cryptographic algorithm based on AES that generates different subkeys from the original key, using each subkey for a single AES round of encryption. This approach is resistant to analysis attacks, such as brute-force attacks, and distinguishes between real keys and pseudo-random number generators (PRNGs), each applied in specific cryptographic modes. However, this algorithm is slower than the classical AES implementation, making it vulnerable to timing attacks.
Leonard W. introduced a scalable system that combines modern high-speed encryption algorithms with Quantum Key Distribution (QKD) technology, named Cerberis. This system offers a novel approach to network security based on principles of quantum physics. However, the study lacks a complete simulation environment for the Cerberis system.
Kazys et al. proposed a version of AES that generates random S-Boxes for each secret key. The study provides detailed methods for generating key-independent random S-Boxes and computes the ratio of independency for the S-Box elements. However, the research does not address potential cryptanalysis attacks on the system.
Sekar et al. introduced an innovative enhancement to AES by increasing the key length to 512 bits, which also increases the number of rounds for stronger encryption. Code optimization was performed to improve the speed of encryption and decryption with the 512-bit AES. Although this modification strengthens security, it does not alter the AES structure, and the algorithm remains vulnerable to attacks requiring the same key. Additionally, increasing the number of rounds also increases processing time, limiting the real-world application of AES.
In conclusion, AES remains an efficient modern encryption algorithm, but it faces challenges related to key generation, distribution, and management. To address these challenges, this article proposes a new simulation environment integrating AES-128 with Quantum Key Distribution (QKD).
Quantum Key Distribution (QKD) is a significant practical application of quantum information, relying on the laws of physics rather than the computational complexity of mathematical problems. Quantum information is stored as the state of atomic or subatomic particles, known as quantum bits (qubits). Various physical realizations of qubits, such as electrons, photons, and quantum dots, are used in QKD systems.
In network environments, information is typically exchanged through light pulses containing billions of photons. QKD uses individual photons as carriers of quantum information, with qubits polarized into one of four states: vertical (V), horizontal (H), left diagonal (LD), and right diagonal (RD). These states are selected from two basis sets: rectilinear and diagonal.
QKD uses the BB84 protocol for secret key generation and management, transmitting key material over a quantum channel using photons. The classical (public) channel is used for carrying message traffic, cryptographic protocols, and encrypted user traffic, as shown in the figure.

Figure 2: QKD components
Quantum cryptography leverages the principles of quantum mechanics to establish a secure communication system, whereas traditional cryptographic systems rely on the computational complexity of encryption algorithms to ensure security. However, it is important to note that quantum cryptography and Quantum Key Distribution (QKD) are not the same.
As illustrated in Fig. 3, quantum cryptography is a broader and more comprehensive concept. QKD specifically handles key generation and distribution between two communication parties. In contrast, quantum cryptography involves encrypting files using conventional modern encryption algorithms, but with the keys generated through QKD.

Figure 3: Quantum cryptography architecture
QAES Architecture
This section describes the development of the QAES system, as shown in Fig. 5. The experimental setup consists of two machines: the sender and receiver. The sender machine is equipped with a Core i5 processor (4.8GHz), 8GB of RAM, and a 500GB HDD, while the receiver machine uses a Core i3 processor (2.4GHz), 2GB of RAM, and a 300GB HDD. The Quantum Key Distribution (QKD) and AES algorithms are implemented using Visual Studio Ultimate 2012 (VC#), running on a Windows Server 2012 Data Center operating system.
QAES Single Round
The developed QAES system combines both QKD and the AES algorithm to provide unconditional security for any cipher system based on symmetric encryption. As shown in Fig. 4, the enhanced AES version utilizes the keys generated by QKD during the encryption and decryption processes. This system's security is grounded in the Heisenberg uncertainty principle, which ensures that, instead of relying on complex mathematical models for key generation, the system is highly resistant to attacks. This makes the cipher system more difficult to compromise.
The round key session features a dynamic mechanism where the key content changes with each round, in accordance with the key generation. This dynamic approach helps mitigate issues such as offline analysis attacks and enhances resistance to quantum attacks.

Figure 4: QAES round
Integration Methodology
This section explains how the enhanced AES and QKD are integrated during the negotiation process between the sender and receiver. The encryption and decryption processes occur concurrently with the quantum key generation, as depicted in Fig. 5.

Figure 5: Integration architecture
Encryption/Decryption Process in QAES
To achieve the encryption and decryption process in QAES-128, the following steps must be followed:
1. Quantum Key Generation: The quantum secret key is generated over the quantum channel using the BB84 protocol.
2. Key Compatibility Check: Both the sender and receiver verify the compatibility of the generated secret key through an online check.
3. Key Length Selection: The sender and receiver choose the appropriate key length (128, 192, or 256 bits) through the classical channel to proceed with the encryption/decryption process.
4. Key Deployment: The selected final secret key (qk) is deployed to the symmetric AES algorithm.
5. Encryption of First Block: The first block of the input file (P1-128 bits) is encrypted using AES stages with the key (qk1) generated by the first QKD round. E(P1⊕qk1)=C1.
6. Encryption of Final Block: The final block of the input file is encrypted using AES stages with the key (qkn) generated by the QKD round n, where n = Nr = 10, 12, 14. E(Pn⊕qkn)=Cn.
7. Decryption Process: The decryption process follows the encryption process using an inverse methodology. D(Cn⊕qkn)=Pn.
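The BB84 key generation and key compatibility check of steps 1 and 2 (and the BB84 description earlier in this specification), followed by cutting the checked key into per-block keys qk1..qkn, simulated as an added example that is not part of the patent specification. The function names, the 25% disclosed sample and the 11% error threshold are assumptions made for the illustration, and a seeded PRNG stands in for the quantum channel.

```python
import random

RECT, DIAG = "+", "x"  # rectilinear (H/V) and diagonal (LD/RD) bases


def bb84_sift(n_qubits, rng, eavesdrop=False):
    """Simulate one BB84 run; return (sender_bits, receiver_bits) after sifting."""
    sender_key, receiver_key = [], []
    for _ in range(n_qubits):
        bit, s_basis = rng.randint(0, 1), rng.choice((RECT, DIAG))
        r_basis = rng.choice((RECT, DIAG))
        state_bit, state_basis = bit, s_basis
        if eavesdrop:
            # Intercept-resend: a wrong-basis measurement yields a random bit,
            # and the photon is re-sent in the eavesdropper's basis.
            e_basis = rng.choice((RECT, DIAG))
            if e_basis != state_basis:
                state_bit = rng.randint(0, 1)
            state_basis = e_basis
        measured = state_bit if r_basis == state_basis else rng.randint(0, 1)
        if s_basis == r_basis:  # bases are compared publicly; mismatches are dropped
            sender_key.append(bit)
            receiver_key.append(measured)
    return sender_key, receiver_key


def compatibility_check(sender_key, receiver_key, rng, sample_frac=0.25, max_qber=0.11):
    """Disclose a random sample, estimate the error rate, discard the sample.

    sample_frac and max_qber are assumed values for this illustration.
    """
    n = len(sender_key)
    sample = set(rng.sample(range(n), int(n * sample_frac)))
    if not sample:
        raise ValueError("sifted key too short to sample")
    qber = sum(sender_key[i] != receiver_key[i] for i in sample) / len(sample)
    kept = [sender_key[i] for i in range(n) if i not in sample]
    return qber, qber <= max_qber, kept


def block_keys(key_bits, key_len=128):
    """Cut the checked key into independent key_len-bit keys qk1..qkn."""
    if key_len not in (128, 192, 256):
        raise ValueError("key length must be 128, 192 or 256 bits")
    keys = []
    for start in range(0, len(key_bits) - key_len + 1, key_len):
        chunk = "".join(map(str, key_bits[start:start + key_len]))
        keys.append(int(chunk, 2).to_bytes(key_len // 8, "big"))
    return keys


def run_session(n_qubits, seed, eavesdrop=False, key_len=128):
    """Steps 1 to 4 on a noiseless simulated channel (no error correction needed)."""
    rng = random.Random(seed)  # reproducible simulation only, never a key source
    s_key, r_key = bb84_sift(n_qubits, rng, eavesdrop)
    qber, accepted, kept = compatibility_check(s_key, r_key, rng)
    keys = block_keys(kept, key_len) if accepted else []  # abort: no keys issued
    return {"sifted": len(s_key), "qber": qber, "accepted": accepted, "keys": keys}


if __name__ == "__main__":
    for eve in (False, True):
        r = run_session(8000, seed=2024, eavesdrop=eve)
        print(f"eavesdropper={eve} sifted={r['sifted']} qber={r['qber']:.3f} "
              f"accepted={r['accepted']} block_keys={len(r['keys'])}")
```

About half of the transmitted qubits survive sifting, and an intercept-resend eavesdropper pushes the sampled error rate toward 25%, so the check rejects the key and no block keys are issued.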

Figure 6: QAES encryption mode
Due to the key availability (KA) associated with QKDs, the system utilizes a sequence of unrelated keys (qk1, qk2, ..., qkn) for each round, as shown in Fig. 6. These unrelated keys prevent attackers from detecting the next key generation. In each QAES round, the sequence of keys is treated as sub-keys, which are used in the encryption/decryption process.
This methodology can be adapted to various encryption modes such as Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR) modes.
Results and Analysis
This section presents the analysis of the encryption process time and the results of NIST testing algorithms implemented for both QAES and AES. The results highlight that QAES provides enhanced security, making it more resistant to hacking attempts.
A. Analytical Analysis of QAES
Both the AES and QAES techniques were implemented with different input file sizes: 500KB, 1000KB, 1500KB, 2000KB, and 3500KB.
Efficiency of Traditional AES (128, 192, 256-bit Keys)
Fig. 7 shows the running times of traditional AES using the local machines described earlier. The running times are measured in milliseconds, and the input sizes are given in kilobytes.
Input file size   AES-128    AES-192     AES-256
500 KB            0.51 ms    0.65 ms     0.79 ms
1000 KB           0.06 ms    0.068 ms    0.09 ms
1500 KB           0.12 ms    0.15 ms     0.18 ms
2000 KB           0.24 ms    0.33 ms     0.39 ms
3500 KB           0.37 ms    0.45 ms     0.56 ms
As shown in the figure, there is an inverse relationship between the input file size and the running time. As the file size increases, the running time decreases. AES proves to be the fastest symmetric encryption technique due to its scalability across different hardware and ease of implementation.
Efficiency of QAES (128, 192, 256-bit Keys)
Fig. 8 displays the running times for the implemented QAES on the same local machines. The running times are measured in milliseconds, and the input sizes are given in kilobytes.
(Results for QAES to be included in Fig. 8 as mentioned, showing time comparisons across different key sizes and input file sizes.)
This data provides insight into the efficiency of the QAES system in comparison to traditional AES.

Figure 7: Running time for classical AES
Comparison of QAES and Traditional AES Encryption Algorithms
The comparison between QAES and traditional AES encryption algorithms highlights a higher level of security provided by the former. However, as illustrated in Equation (1), the QAES algorithm requires more time due to the additional processes involved in quantum key generation (including the time for quantum negotiation and the encryption/decryption process).

From the analysis, QAES is slightly slower than AES. For instance, when processing a 3500 KB file, AES takes 0.1472 milliseconds, while QAES requires 0.1863 milliseconds (as per Equation 1). Despite this, QAES maintains the same architecture as AES, ensuring that the input file size changes during the encryption process, but the details of the processed file remain secure and unaltered.
B. NIST Testing
The NIST test algorithms are implemented to evaluate the security of the QAES algorithm. NIST tests assess the randomness of binary sequences generated by cryptographic random or pseudorandom number generators. In QAES, Quantum Key Distribution (QKD) generates qubit streams, acting as pseudorandom numbers, each series containing 28,000,000 bits, with a 128-bit key stream.
As shown in Figure, the key generation time varies depending on the eavesdropper's activity and noise level. For example, under a noise level of 0.05 GHz with no eavesdropper influence, it takes 0.23 milliseconds to generate a 200-bit key from 500 qubits. The key generation time increases with greater noise or eavesdropper influence. In practical environments, this time typically rises with the increased interference.

Figure 8: P-value computation
Figure also shows the steps for computing the P-value during NIST tests. If the P-value is less than 0.01, the sequence is rejected. The P-value indicates the probability of observing an extreme test statistic, which signifies non-randomness. The results of these tests are saved in an isolated text file.
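The P-value decision described above, worked through for two of the NIST SP 800-22 tests (frequency/monobit and runs), as an added example that is not part of the patent specification. The function names are assumptions and the bit sequences are short constructed samples; the 0.01 rejection threshold is the one stated in the text.

```python
import math

ALPHA = 0.01  # a sequence is rejected when its P-value is below this level


def to_bits(data):
    """Accept bytes (e.g. a key stream) or a '0'/'1' string; return a bit string."""
    if isinstance(data, (bytes, bytearray)):
        return "".join(f"{byte:08b}" for byte in data)
    if not data or set(data) - {"0", "1"}:
        raise ValueError("expected a non-empty string of 0 and 1")
    return data


def monobit_p_value(data):
    """Frequency test: are ones and zeros roughly balanced?"""
    bits = to_bits(data)
    s_n = sum(1 if b == "1" else -1 for b in bits)
    s_obs = abs(s_n) / math.sqrt(len(bits))
    return math.erfc(s_obs / math.sqrt(2))


def runs_p_value(data):
    """Runs test: does the sequence switch between 0 and 1 too often or too rarely?"""
    bits = to_bits(data)
    n = len(bits)
    pi = bits.count("1") / n
    # Prerequisite: the sequence must first be close to balanced,
    # otherwise the runs test is not applicable and the sequence fails.
    if pi in (0.0, 1.0) or abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0
    v_obs = 1 + sum(bits[i] != bits[i + 1] for i in range(n - 1))
    numerator = abs(v_obs - 2 * n * pi * (1 - pi))
    denominator = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(numerator / denominator)


def assess(data):
    """Return {test name: (p_value, passed)} for both tests."""
    p_values = {"monobit": monobit_p_value(data), "runs": runs_p_value(data)}
    return {name: (p, p >= ALPHA) for name, p in p_values.items()}


if __name__ == "__main__":
    samples = {  # constructed inputs
        "alternating": "01" * 500,   # balanced, but perfectly predictable
        "all ones": "1" * 1000,      # maximally biased
        "short mixed": "1001101011",
    }
    for label, seq in samples.items():
        verdict = {k: (round(p, 6), ok) for k, (p, ok) in assess(seq).items()}
        print(label, verdict)
```

The alternating sequence passes the frequency test with a P-value of 1 yet fails the runs test, which is why a single passing test says little about a key stream.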

Figure 9: NIST test for QAES cipher text
QAES integrates high-speed AES encryption with quantum key distribution, offering an unprecedented level of security. These techniques are ideal for high-value applications and long-term secure data retention. This paper demonstrates that QAES does not compromise the security of the AES algorithm, as all mathematical principles remain intact. The experimental results reveal that QAES generates more complex and unpredictable keys compared to those generated by AES, making it more resistant to attacks.
However, QAES encryption is slightly slower (0.409 seconds) than AES due to the additional quantum key generation process. Despite the speed difference, QAES benefits from the ability to generate highly independent key rounds. Additionally, QAES adheres to the diffusion and confusion principles, which enhances its resistance to cryptanalysis.
Looking ahead, future work includes implementing QAES in a cloud environment for further testing. To ensure its robustness, both algebraic and quantum attacks will be conducted, with results to be analyzed accordingly.

DETAILED DESCRIPTION OF DIAGRAM
Figure 1: Security Progress Maturity
Figure 2: QKD components
Figure 3: Quantum cryptography architecture
Figure 4: QAES round
Figure 5: Integration architecture
Figure 6: QAES encryption mode
Figure 7: Running time for classical AES
Figure 8: P-value computation
Figure 9: NIST test for QAES cipher text

Claims:
1. Innovative System and Method for Key Generation in Authentication and Key Management for Applications claims that method for generating cryptographic keys for user authentication, comprising the steps of receiving a user input, generating a unique cryptographic key based on a secure algorithm, and storing the key in secure storage for subsequent authentication.
2. The method of claim 1, wherein the cryptographic key is generated using a combination of public and private key pairs for secure key exchange between a user and a server.
3. A system for key generation and authentication management, comprising a secure server for generating and storing cryptographic keys, and a user device configured to initiate authentication and send encrypted data to the server.
4. The system of claim 3, further comprising a secure communication channel that uses the generated cryptographic key to facilitate encrypted data exchange between the user device and server.
5. The method of claim 1, wherein key generation involves multi-factor authentication, using at least two factors selected from: biometric data, a password, or a one-time passcode (OTP).
6. The method of claim 5, wherein the cryptographic key is securely stored within a hardware security module (HSM) to enhance protection from unauthorized access.
7. A key management system for distributed networks, wherein each communication session is assigned a unique cryptographic key for secure real-time data exchange between nodes.
8. The system of claim 7, wherein the generated cryptographic keys are distributed across a network using quantum key distribution (QKD) to ensure secure key exchange.
9. A key generation method for backward compatibility, wherein the cryptographic key generation algorithm supports both legacy and modern encryption standards to ensure compatibility with older systems.
10. A method for monitoring the security of cryptographic keys, comprising the detection of unauthorized access attempts, and triggering alerts or remedial actions to protect the stored keys from compromise.

Documents

Name    Date
202441091974-COMPLETE SPECIFICATION [26-11-2024(online)].pdf    26/11/2024
202441091974-DRAWINGS [26-11-2024(online)].pdf    26/11/2024
202441091974-FORM 1 [26-11-2024(online)].pdf    26/11/2024
202441091974-FORM-9 [26-11-2024(online)].pdf    26/11/2024
202441091974-POWER OF AUTHORITY [26-11-2024(online)].pdf    26/11/2024
