Abstract: A bilateral system for authenticating remote transceiving stations through use of station identifiers (IDs), and through use of passwords which are used only one time, and thereafter exchanging messages through use of an encryption key which is changed after each system connection. Upon authentication, each of the stations independently creates a secret session encryption key in response to the other station's unique station identifier that is exchanged over a communication link in cleartext. The station identifiers are used as tags to look up a unique static secret and a unique dynamic secret which are known only by the two stations, but which are not exchanged over the communication link. The secrets are independently combined by a bit-shuffle algorithm, the result of which is applied to a secure hash function to produce a message digest.

Abstract: A file security system is disclosed in which both a deterministic, non-predictable, pseudo-random, symmetric encryption key and an encrypted information file are highly resistant to cryptographic analysis or brute force trial-and-error attacks. The encryption key is formed by first combining a constant value and a secret E-Key Seed in accordance with a logic, algebraic, and/or encryption function to shuffle bits and perform a first many-to-few bit mapping to provide a first pseudo-random result, and by operating upon the result with a secure one-way hash algorithm to perform a second many-to-few bit mapping and thereby provide a pseudo-random message digest. The message digest may be truncated to provide a deterministic encryption key. The information file to be protected is then encrypted with the encryption key, and thereafter the encryption key is destroyed by the file manager of the host system.

Abstract: An authentication and information encryption system and method which uses a token system for increased security in accommodating bilateral encrypted communications between an originating system and an answering system, with each system without synchronization independently generating a message digest through use of an encryption key generator which employs bit-shuffling, many-to-few bit mapping, and secure hash processing to forestall attempts to discover the secret inputs to the generator, or the system password, encryption key, or change value outputs extracted from the message digest, through cryptographic analysis or brute force trial-and-error attacks, and with each system using the passwords, encryption key and change value during only a single system connection before using the change value to update one of the secret inputs to the key generator to provide new password, encryption key and change value parameters having no predictable relationship to their previous counterparts, and with each system acc

Abstract: An encryption key generator is disclosed which is highly resistant to cryptographic analysis or brute force attacks, and which accommodates the destruction of an encryption key after each use by providing for the recreation of the key without need of key directories or other encryption key storage processes. A constant value and a secret E-Key Seed are applied as inputs to a bit-shuffling algorithm to provide a first many-to-few bit mapping and produce a first pseudo-random number. The first pseudo-random number in turn is applied as an input to a secure one-way hash algorithm to provide a second many-to-few bit mapping and produce a second pseudo-random number or message digest that may be truncated to a desired bit length to serve as a non-predictable but deterministic encryption key. Same constant value and E-Key Seed inputs to the key generator will provide the same message digest and hence the same key.