Cipher For Disk Encryption
First Claim
1. A cipher system for encrypting plaintext into ciphertext in an encryption direction and for decrypting ciphertext into plaintext in a decryption direction, the cipher system comprising:
- a cipher;
a processor;
a first diffuser that, when executed on the processor, provides a first type of diffusion in the encryption direction, wherein, in the first type of diffusion, a relatively small change to an input to the first diffuser produces a relatively large change to an output from the first diffuser; and
a second diffuser that, when executed on the processor, provides a second type of diffusion in the encryption direction, wherein, in the second type of diffusion, a relatively large change to an input to the second diffuser produces a relatively small change to an output from the second diffuser,wherein the first diffuser is provided with input data that is based on plaintext xorred with a sector key, the sector key is derived from a key that comprises a number of bits, the sector key employs a first portion of the number of bits, and the cipher employs a second portion of the number of bits,wherein the second diffuser receives first diffused data from the first diffuser and provides second diffused data to the cipher, andwherein the cipher encrypts the second diffused data into ciphertext.
1 Assignment
0 Petitions
Accused Products
Abstract
Encryption is provided with additional diffusion components to construct a block cipher with a large and variable block size. The cipher incorporates an encryption system or algorithm such that the cipher is at least as secure as the encryption system or algorithm. Additional components of the cipher provide improved diffusion. This combination ensures that the cipher is at least as strong as the encryption algorithm, and at the same time it provides additional security properties due to its improved diffusion.
-
Citations
20 Claims
-
1. A cipher system for encrypting plaintext into ciphertext in an encryption direction and for decrypting ciphertext into plaintext in a decryption direction, the cipher system comprising:
-
a cipher; a processor; a first diffuser that, when executed on the processor, provides a first type of diffusion in the encryption direction, wherein, in the first type of diffusion, a relatively small change to an input to the first diffuser produces a relatively large change to an output from the first diffuser; and a second diffuser that, when executed on the processor, provides a second type of diffusion in the encryption direction, wherein, in the second type of diffusion, a relatively large change to an input to the second diffuser produces a relatively small change to an output from the second diffuser, wherein the first diffuser is provided with input data that is based on plaintext xorred with a sector key, the sector key is derived from a key that comprises a number of bits, the sector key employs a first portion of the number of bits, and the cipher employs a second portion of the number of bits, wherein the second diffuser receives first diffused data from the first diffuser and provides second diffused data to the cipher, and wherein the cipher encrypts the second diffused data into ciphertext. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented cipher method for encrypting plaintext into ciphertext in an encryption direction, the computer comprising a processor, the computer-implemented cipher method comprising:
-
providing input data to a first diffuser on the processor, wherein the first diffuser provides good diffusion in a decryption direction and not-good diffusion in the encryption direction, the decryption direction being opposite the encryption direction, wherein the input data is based on plaintext xorred with a sector key, the sector key is derived from a key that comprises a number of bits, the sector key employs a first portion of the number of bits, and the cipher employs a second portion of the number of bits; providing first diffused data from the first diffuser to a second diffuser that provides good diffusion in the encryption direction and not-good diffusion in the decryption direction; and encrypting an output of the second diffuser using a cipher. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A cipher system for encrypting plaintext into ciphertext in an encryption direction and for decrypting ciphertext into plaintext in a decryption direction, the cipher system comprising:
-
a cipher; a processor; a first diffuser executing on the processor, wherein the first diffuser provides relatively good diffusion in the decryption direction and relatively poor diffusion in the encryption direction, wherein the input data is based on plaintext xorred with a sector key, the sector key is derived from a key that comprises a number of bits, the sector key employs a first portion of the number of bits, and the cipher employs a second portion of the number of bits; and a second diffuser executing on the processor, wherein the second diffuser receives first diffused data from the first diffuser, provides relatively good diffusion in the encryption direction and relatively poor diffusion in the decryption direction, and provides second diffused data to the cipher, wherein the cipher encrypts the second diffused data into ciphertext. - View Dependent Claims (18, 19, 20)
-
Specification