Data Encryption and Authentication Using a Mixing Function in a Communication System

US 20170019376A1
Filed: 07/13/2015
Published: 01/19/2017
Est. Priority Date: 07/13/2015
Status: Active Grant

First Claim

Patent Images

1. A system for encrypting data in a communication system, the system comprising one or more logic circuits configured to:

receive a plurality of parameters including at least two of an initial key, a nonce, a sequence number, and a previous key;

apply a bit mix function to generate a subsequent key based on the plurality of parameters for key rolling; and

encrypt data using the subsequent key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of encrypting and authenticating messages in a communication system includes generating new keys by receiving a plurality of parameters including at least one of an initial key, a nonce, a sequence number, and a previous key. The method may include applying a mix function to generate a subsequent key based on the plurality of parameters for key rolling. The method may include encrypting and authenticating data using different subsequent keys.

Citations

20 Claims

1. A system for encrypting data in a communication system, the system comprising one or more logic circuits configured to:
- receive a plurality of parameters including at least two of an initial key, a nonce, a sequence number, and a previous key;
  
  apply a bit mix function to generate a subsequent key based on the plurality of parameters for key rolling; and
  
  encrypt data using the subsequent key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1 wherein the one or more logic circuits being configured to generate the subsequent key using the bit-mix function in at most two clock cycles of the one or more logic circuits.
  - 3. The system of claim 1 wherein the bit-mix function includes at least one of an XOR logic tree, a substitution-permutation network (SPN), and a double-mix Feistel network (DMFN).
  - 4. The system of claim 1 wherein the one or more logic circuits being configured to generate key K[i] as the subsequent key, wherein the bit-mix function is used in an equation of at least one of:
    - K[i]=MIX(K[i−
      
      1]),
      K[i]=MIX(K[i−
      
      1],i),
      K[i]=MIX(K[0],nonce), or
      K[i]=MIX(K[i−
      
      1],nonce),where i is the sequence number, K[0] is the initial key, MIX is the bit-mix function, and K[i−
      
      1] is the previous key.
  - 5. The system of claim 1 wherein the one or more logic circuits being configured to encrypt a predetermined number of blocks of the data using the subsequent key for encrypting.
  - 6. The system of claim 5 wherein the one or more logic circuits being configured to reapply the bit-mix function to generate the subsequent key after the predetermined number of blocks of the data have been encrypted.
  - 7. The system of claim 1 wherein the one or more logic circuits being configured to authenticate a message using the subsequent key.
  - 8. The system of claim 1 wherein the one or more logic circuits being configured to perform at least one of:
    - applying the bit-mix function according to an amount of secret random key material generated from one of a single key, a random number generator, and a combination of the single key and the random number generator; and
      
      using one or more of an identification (ID) of a sender, an ID of a recipient, a current date, and a time stamp in the bit-mix function to generate a subsequent key based on the plurality of parameters.
  - 9. The system of claim 1 wherein the bit-mix function is both an invertible function and a non-linear function.
  - 10. The system of claim 1 wherein the one or more logic circuits being configured to perform at least one of:
    - applying the bit-mix function according to an amount of secret random key material generated from one single key, a random number generator, or a combination of the single key and the random number generator, wherein the bit-mix function is an invertible function, and a non-linear function; and
      
      using at least one of an identification (ID) of a sender, an ID of a recipient, a current date, and a time stamp in the bit-mix function to generate a subsequent key based on the plurality of parameters.

11. A method for encrypting data in a communication system, the method comprising:
- receiving a plurality of parameters including at least two of an initial key, a nonce, a sequence number, and a previous key;
  
  applying a bit-mix function to generate a subsequent key based on the plurality of parameters for key rolling; and
  
  encrypting data using the subsequent key.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11 further comprising generating the subsequent key using the bit-mix function in at most two clock cycles of the one or more logic circuits.
  - 13. The method of claim 11 further comprising using at least one of an XOR logic tree, a substitution-permutation network (SPN), and a double-mix Feistel network in the bit-mix function.
  - 14. The method of claim 13 further comprising generating key K[i] as the subsequent key, wherein the bit-mix function is used in at least one of the following equations:
    - K[i]=MIX(K[i−
      
      1]),
      K[i]=MIX(K[i−
      
      1],i),
      K[i]=MIX(K[0],nonce), or
      K[i]=MIX(K[i−
      
      1],nonce),where i is the sequence number, K[0] is the initial key, MIX is the bit-mix function, and K[i−
      
      1] is the previous key.
  - 15. The method of claim 11 further comprising encrypting a predetermined number of blocks of the data using the subsequent key for encrypting.
  - 16. The method of claim 11 further comprising reapplying the bit-mix function to generate the subsequent key after a predetermined number of predetermined sized blocks of the data have been encrypted.
  - 17. The method of claim 11 further comprising authenticating a message using the subsequent key.

18. A method for providing security in a communication system, the method comprising:
- receiving a plurality of parameters including at least two of an initial key, a nonce, a sequence number, and a previous key;
  
  applying a bit-mix function to generate a subsequent key based on the plurality of parameters, wherein at least one of an XOR logic tree, a substitution-permutation network (SPN), and a double-mix Feistel network is included in the bit-mix function; and
  
  encrypting data using the subsequent key.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18 further comprising generating key K[i] as the subsequent key, wherein the bit-mix function is used in at least one of the following equations:
    - K[i]=MIX(K[i−
      
      1]),
      K[i]=MIX(K[i−
      
      1],i),
      K[i]=MIX(K[0],nonce), or
      K[i]=MIX(K[i−
      
      1],nonce),where i is the sequence number, K[0] is the initial key, MIX is the bit-mix function, and K[i−
      
      1] is the previous key.
  - 20. The method of claim 18 further comprising performing at least one of:
    - encrypting a predetermined number of blocks of the data using the subsequent key for encrypting;
      
      reapplying the bit-mix function to generate the subsequent key after a predetermined number of predetermined sized blocks of the data have been encrypted;
      
      authenticating a message using the subsequent key; and
      
      decrypting the data using an alternative subsequent key generated by the bit-mix function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Hars, Laszlo

Granted Patent

US 10,122,690 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 63/068 using time-dependent keys, ...

Data Encryption and Authentication Using a Mixing Function in a Communication System

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data Encryption and Authentication Using a Mixing Function in a Communication System

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links