Block encryption method and schemes for data confidentiality and integrity protection
Abstract
A block encryption method and schemes (modes of operation) that provide both data confidentiality and integrity with a single cryptographic primitive and a single processing pass over the input plaintext string by using a non-cryptographic Manipulation Detection Code function for secure data communication over insecure channels and for secure data storage on insecure media. The present invention allows, in a further aspect, software and hardware implementations, and use in high-performance and low-power applications, and low-power, low-cost hardware devices. The block encryption method and schemes of this invention allow, in yet a further aspect, encryption and decryption in parallel or pipelined manners in addition to sequential operation. In a yet further aspect, the block encryption method and schemes of this invention are suitable for real-time applications.
2 Claims
1. An encryption method comprising the steps of:
- receiving an input plaintext string comprising a message;
- partitioning the input plaintext string into a plurality of equal-size blocks;
- creating an MDC block that includes the result of applying a non-cryptographic Manipulation Detection Code (MDC) function to the plurality of the equal-size blocks;
- making one and only one processing pass with a single cryptographic primitive over each of said equal-size blocks and the MDC block to create a plurality of hidden ciphertext blocks; and
- performing a randomization function over said plurality of hidden ciphertext blocks to create a plurality of output ciphertext blocks.
2. A decryption method that is the inverse of an encryption method, comprising the steps of:
- presenting a string including ciphertext string for decryption;
- partitioning said ciphertext string into a plurality of ciphertext blocks;
- selecting n+1 ciphertext blocks from said plurality of ciphertext blocks representing n data blocks and one Manipulation Detection Code (MDC) block and performing a reverse randomization function on each of the selected n+1 ciphertext blocks to obtain a plurality of hidden ciphertext blocks;
- making one and only one processing pass with a single cryptographic primitive that is the inverse of an encryption single cryptographic primitive over the plurality of hidden ciphertext blocks to obtain a plurality of plaintext blocks;
- verifying integrity of the plaintext blocks using a non-cryptographic MDC function;
- outputting the plurality of plaintext blocks as an accurate plaintext string if the integrity verification passes; and
- outputting a failure indicator if the integrity verification fails.
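The steps of claims 1 and 2 as an added Python sketch, not code from the patent. It assumes XOR as the non-cryptographic MDC, CBC-style chaining for the single pass, and addition of i·r0 mod 2^128 as the randomization function, none of which the claims fix; `toy_encrypt_block` is a hypothetical hash-based stand-in for a real block cipher, and all names are illustrative.

```python
import hashlib, hmac
from functools import reduce
BLOCK = 16                       # block size in bytes (assumed; the claims fix none)
MASK = (1 << (8 * BLOCK)) - 1
def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, i, half):            # round function of the toy cipher below
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def toy_encrypt_block(key, blk): # 4-round Feistel: hypothetical stand-in for a real block cipher
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def toy_decrypt_block(key, blk):
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r

def _z0(key, r):                 # assumed: per-message chaining value derived from r0
    return toy_encrypt_block(key, ((r + 1) & MASK).to_bytes(BLOCK, "big"))

def encrypt(key, r0, msg):
    assert len(r0) == BLOCK and len(msg) % BLOCK == 0
    blocks = [msg[i:i + BLOCK] for i in range(0, len(msg), BLOCK)]
    r = int.from_bytes(r0, "big")
    z = _z0(key, r)
    mdc = reduce(_xor, blocks, z)             # non-cryptographic MDC: plain XOR (assumed)
    out = [toy_encrypt_block(key, r0)]        # first block carries r0 to the receiver
    for i, x in enumerate(blocks + [mdc], 1):
        z = toy_encrypt_block(key, _xor(x, z))            # single pass -> hidden block z_i
        y = (int.from_bytes(z, "big") + i * r) & MASK     # randomization (assumed form)
        out.append(y.to_bytes(BLOCK, "big"))
    return b"".join(out)

def decrypt(key, ct):
    ys = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    if len(ct) % BLOCK or len(ys) < 2:
        return None
    r = int.from_bytes(toy_decrypt_block(key, ys[0]), "big")
    z_prev = z0 = _z0(key, r)
    xs = []
    for i, y in enumerate(ys[1:], 1):
        z = ((int.from_bytes(y, "big") - i * r) & MASK).to_bytes(BLOCK, "big")  # reverse randomization
        xs.append(_xor(toy_decrypt_block(key, z), z_prev))
        z_prev = z
    ok = hmac.compare_digest(reduce(_xor, xs[:-1], z0), xs[-1])   # MDC check
    return b"".join(xs[:-1]) if ok else None  # None is the failure indicator
```

In this sketch `r0` is a per-message random block supplied by the caller, and a modified, reordered or truncated ciphertext makes the recomputed XOR disagree with the decrypted MDC block, so `decrypt` returns `None`.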
Specification