Abstract: Cryptographic keys for a cryptographic function are notarized by encrypting the keys with the cryptographic function using a notarizing cryptographic key derived from identifier designations associated with the encryptor and intended decryptor, respectively, and an interchange key which is accessible only to authorized users of the cryptographic function. Preferably, the identity of a user of the cryptographic function is authenticated as a condition to access to an interchange key. Advantageously, authentication is accomplished by comparing a password designation supplied by the user with a prestored version thereof which has been notarized by having been encrypted with the cryptograpic function using a notarizing cryptographic key derived from the identifier designation of the corresponding authorized user and an interchange key. Signature properties similar to those provided by public key systems are provided for nonpublic keys by allowing a user to use a key for only encryption or decryption and not both. Preferably, this is attained through the use of user identifiers which are combined in predetermined combinations for data key notarization and notarized data key decryption in dependence on whether a key is to be used for encryption or decryption.

Abstract: A simplified version of the Merkle-Hellman public key cryptographic system is breakable. While their full-fledged system seems to be resistant to the cryptanalytic attack we propose, the result suggests some ways in which the security of their system can be enhanced.

Abstract: Cryptographic methods of data protection have taken on new importance as computers have become faster and as strong cryptographic algorithms, such as the Data Encryption Standard (DES), have become available. But a standard encipherment technique is only the first step in applying cryptography in a computing center. This paper discusses the Information Protection System (IPS), a set of cryptographic application programs designed to use the DES algorithm in a working computing center. In designing IPS, several important augmentations of DES were formulated. IPS was first implemented to help increase computing-center security at the IBM Thomas J. Watson Research Center and is now widely installed at other IBM locations. IPS is not an IBM product and is not available for use outside IBM, but many cryptographic techniques in IPS were incorporated into the IBM cryptographic products announced in 1977.