|
Applications
Partners
|
Secure Communication Using The MSK Protocol
User A
User A and User B initialize "one time only" by exchanging a string of characters "out of band" by any number of methods. The application throws this string away, but first, creates a continuous stream of dynamic changing keys that are used for encryption of the message/transaction. Many keys are used for the same transaction. No information about the keys is sent over the link or otherwise revealed. So no third party knows or has posession of the keys. Since the keys are synchronized, the other side of the link can decrypt the message. Authentication using the MSK Protocol is inherent and automatic across the link. The last Master Key of a session becomes the Session (first) Master Key of the new session. It can be encrypted and stored in a safe place in or out of the system. If both ends of the unique link have identical Session Master Keys, then they must have been the same ones who connected the last session. Authentication is by changing key states, not by passwords, biometric signatures or Certificate Authorities,etc. If "C" steals (copies) A's Session Master
Key, he must decrypt it. If, in the meanwhile, A communicates with
B, then C's stolen key will be invalid. If C does manage to decrypt
A's key and uses it to communicate with B and pretend he is A, then when
A tries to connect with B, he will not be able to. Thus A and B know
they have been compromised and from session logs know what has been compromised.
|
