PRECOMPUTING INTERNAL AES STATES IN COUNTER MODE TO PROTECT KEYS USED IN AES COMPUTATIONS
Abstract
Methods, media, and systems for, in one embodiment, protecting one or more keys in an encryption and/or decryption process can use precomputed values in the process such that at least a portion of the one or more keys is not used or exposed in the process. In one example of a method, internal states of an AES encryption process are saved for use in a counter mode stream cipher operation in which the key used in the AES encryption process is not exposed or used.
35 Claims
1. A machine readable non-transitory storage medium containing executable program instructions which when executed by a data processing system cause the data processing system to perform a method comprising:
- generating a set of precomputed block cipher encryption values from a key and a set of nonces, the number of nonces in the set of nonces being limited to less than or equal to a number determined from a predetermined maximum plaintext length having a plurality of blocks;
- storing the set of precomputed block cipher encryption values for use in an encryption operation, in a stream cipher mode, on plaintext; and
- transmitting the set of precomputed block cipher encryption values to another data processing system.

(Dependent claims: 2, 3, 4, 5, 6, 7)

8. A machine readable non-transitory storage medium containing executable program instructions which when executed by a data processing system cause the data processing system to perform a method comprising:
- precomputing a set of internal states, within a symmetric key block cipher algorithm in counter mode, using a key and a set of one or more nonces, the set of internal states that are precomputed being those internal states that use the key as an input to an operation, in the symmetric key block cipher algorithm, that produces those internal states;
- storing the precomputed set of internal states for use in a later encryption or decryption operation, the later encryption or decryption operation being performed without using or exposing at least a portion of the key, wherein the number of nonces in the later encryption or decryption operation is limited to a predetermined value related to a maximum plaintext length having a plurality of blocks; and
- transmitting the precomputed set of internal states to a client data processing system for use in a decryption operation.

(Dependent claims: 9, 10, 11, 12, 13, 14)

15-24. (canceled)

25. A machine readable non-transitory storage medium containing executable program instructions which when executed by a data processing system cause the data processing system to perform a method comprising:
- transmitting, to a client device, a transmission of a cipher text, the cipher text having been encrypted with a key and a set of nonces using the Advanced Encryption Standard (AES) block encryption algorithm;
- transmitting, to the client device, a transmission of a set of precomputed block cipher encryption values that were precomputed using the key and the set of nonces, wherein the set of precomputed block cipher encryption values comprise a set of internal states of the block encryption algorithm;
- wherein the client device can decrypt the cipher text using the set of precomputed block cipher encryption values, wherein the decrypting is performed without exposing or using at least a portion of the key.

(Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34)

35. A computer-implemented method comprising:
- transmitting, to a client device, a transmission of a cipher text, the cipher text having been encrypted with a key and a set of nonces using the Advanced Encryption Standard (AES) block encryption algorithm;
- transmitting, to the client device, a transmission of a set of precomputed block cipher encryption values that were precomputed using the key and the set of nonces, wherein the set of precomputed block cipher encryption values comprise a set of internal states of the block encryption algorithm;
- wherein the client device can decrypt the cipher text using the set of precomputed block cipher encryption values, wherein the decrypting is performed without exposing or using at least a portion of the key.

Specification