Systems and methods for protecting data secrecy and integrity
2 Assignments
0 Petitions
Accused Products
Abstract
A technique for integrating message authentication with encryption and decryption is disclosed. Intermediate internal states of the decryption operation are used to generate a validation code that can be used to detect manipulation of the encrypted data. The technique is optimized with respect to processing time, execution space for code and runtime data, and buffer usage. The technique is generally applicable to a variety of block ciphers, including TEA, Rijndael, DES, RC5, and RC6.
-
Citations
74 Claims
-
1-42. -42. (canceled)
-
43. A method for performing a mixing operation for use in authenticating encrypted data, the method comprising the steps of:
-
receiving an input data block;
dividing the input data block into a first segment and a second segment;
using a first function to combine the first segment with a first input;
using a second function to combine the second segment with a second input;
generating a first output by performing a first transformation on an output of the first function, wherein the first transformation is based, at least in part, on the second input;
generating a second output by performing a second transformation on an output of the second function, wherein the second transformation is based, at least in part, on the first input;
combining the first output and the second output to form an output data block. - View Dependent Claims (44, 46, 47, 48)
-
-
45. The method of 44, wherein the predefined portion of the first input comprises the five lowest order bits of the first input, and wherein the predefined portion of the second input comprises the five lowest order bits of the second input.
-
49. A system for performing a mixing operation for use in authenticating an encrypted file, the system including:
-
first logic for partitioning an input data block into a first segment and a second segment;
an adder for adding the first segment to a first input;
an exclusive-or calculator for combining the second segment with a second input;
second logic for rotating an output of the adder by a number of bits specified by a predefined portion of the second input;
third logic for rotating an output of the exclusive-or calculator by a number of bits specified by a predefined portion of the first input;
fourth logic for combining an output of the second logic and an output of the third logic to form an output data block. - View Dependent Claims (50, 56, 57, 58, 59)
-
-
51-55. -55. (canceled)
-
60. A method for performing a mixing operation for use in authenticating encrypted data, the method comprising the steps of:
-
receiving an input data block;
dividing the input data block into a first segment and a second segment;
using a first function to combine the first segment with a first input;
using a second function to combine the second segment with a second input;
generating a first output by performing a first transformation including a bit-wise rotation on an output of the first function, wherein the first transformation is based, at least in part, on the second input;
generating a second output by performing a second transformation on an output of the second function; and
combining the first output and the second output to form an output data block. - View Dependent Claims (61, 62, 63, 64, 65, 66, 67)
-
-
68. A system for performing a mixing operation for use in authenticating an encrypted file, the system including:
-
first logic for partitioning an input data block into a first segment and a second segment;
an adder for adding the first segment to a first input;
a calculator for combining the second segment with a second input;
second logic for rotating an output of the adder by a number of bits specified by a predefined portion of the second input;
third logic for rotating an output of the calculator by a number of bits specified by a predefined portion of the first input;
fourth logic for combining an output of the second logic and an output of the third logic to form an output data block. - View Dependent Claims (69, 70, 71, 72, 73, 74)
-
Specification