Block cipher system for data security

US 3,958,081 A
Filed: 02/24/1975
Issued: 05/18/1976
Est. Priority Date: 02/24/1975
Status: Expired due to Term

First Claim

Patent Images

1. A device for ciphering a message block of data bits under control of a set of cipher key bits by a predetermined number of iteration operations, said cipher device comprising:

first store means storing a first half of said message block of data bits,second store means storing a second half of said message block of data bits,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a permuted set of cipher key bits from said set of cipher key bits,expansion means connected to said first store means duplicating predetermined ones of the data bits of the first half of said message block to produce an expanded first half of said message block containing data bits equal in number to the number of cipher key bits in said permuted set of cipher key bits,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the data bits of said expanded first half of said message block and the cipher key bits of said permuted set of cipher key bits to produce a substitution set of bits equal in number to the number of bits in the first half of said message block,second linear transformation means connected to said substitution transformation means producing a permuted substitution set of bits,the combined transformation performed by said substitution transformation means and said second linear transformation means resulting in a product block cipher of the first half of said message block,means connected to said second store means and said second linear transformation means modifying the data bits of the second half of said message block in accordance with the product block cipher of the first half of said message block to produce a set of bits representing a modified second half of said message block,means connected between said modifying means and said first store means to load said modified second half of said message block from said modifying means into said first store means, andmeans connected between said first store means and said second store means to load the first half of said message block from said first store means into said second store means concurrently with said modified second half of said message block being loaded into said first store means to complete a first iteration operation of said cipher device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device for ciphering message blocks of data bits under control of a cipher key. The cipher device performs an enciphering process for each message block of data by carrying out a predetermined number of iteration operations in the first of which a first half of the message block of data bits is first expanded by duplicating predetermined ones of the data bits. The data bits of the expanded message block are combined by modulo-2 addition with an equal number of cipher key bits, selected in accordance with an arbitrary but fixed permutation, to produce a plurality of multi-bit segments forming the arguments for a plurality of different nonlinear substitution function boxes. The substitution boxes perform a plurality of nonlinear transformation functions to produce a substitution set of bits which are equal in number to the number of data bits in the first half of the message block. The substitution set of bits is then subjected to a linear transformation in accordance with an arbitrary but fixed permutation. The combined nonlinear transformation and linear transformation results in a product block cipher of the first half of the message block. The second half of the message block is then modified by modulo-2 addition with the product block cipher of the first half of the message block to produce a modified second half of the message. The modified second half of the message block then replaces the first half of the message block which at the same time replaces the second half of the message block in preparation for the next iteration operation. During the next iteration operation, the cipher key bits are shifted according to a predetermined shift schedule to provide a new set of permuted cipher key bits. The modified second half of the message block is then used with the new set of permuted cipher ket bits in a similar product block cipher operation, the result of which is used to modify the first half of the message block. The modified first half of the message block then replaces the modified second half of the message block which at the same time replaces the first half of the message block in preparation for the next iteration operation. During each of the remaining iteration operations of the enciphering process except the last, the cipher key bits are shifted according to the predetermined shift schedule, a modified half of the message block is remodified according to a product block cipher of the previously modified half of the message block and the resulting remodified half of a message block is effectively transposed with the previously modified half of the message block. During the last iteration operation, the cipher key bits are shifted a last time according to the shift schedule and a last remodification of a modified half of the message block is performed according to a product block cipher of the previously modified half of the message block but the resulting remodified half of the message block and the previously modified half of the message block are not transposed and now constitute the enciphered version of the original message block. Deciphering an enciphered message block is carried out by the same series of iteration operations under control of the same cipher key shifted during the iteration operations according to a predetermined shift schedule in a direction opposite to that in the enciphering process to reverse the enciphering process and undo every iteration that was carried out in the enciphering process to produce a resulting message block identical with the original message block.

256 Citations

16 Claims

1. A device for ciphering a message block of data bits under control of a set of cipher key bits by a predetermined number of iteration operations, said cipher device comprising:
- first store means storing a first half of said message block of data bits,second store means storing a second half of said message block of data bits,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a permuted set of cipher key bits from said set of cipher key bits,expansion means connected to said first store means duplicating predetermined ones of the data bits of the first half of said message block to produce an expanded first half of said message block containing data bits equal in number to the number of cipher key bits in said permuted set of cipher key bits,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the data bits of said expanded first half of said message block and the cipher key bits of said permuted set of cipher key bits to produce a substitution set of bits equal in number to the number of bits in the first half of said message block,second linear transformation means connected to said substitution transformation means producing a permuted substitution set of bits,the combined transformation performed by said substitution transformation means and said second linear transformation means resulting in a product block cipher of the first half of said message block,means connected to said second store means and said second linear transformation means modifying the data bits of the second half of said message block in accordance with the product block cipher of the first half of said message block to produce a set of bits representing a modified second half of said message block,means connected between said modifying means and said first store means to load said modified second half of said message block from said modifying means into said first store means, andmeans connected between said first store means and said second store means to load the first half of said message block from said first store means into said second store means concurrently with said modified second half of said message block being loaded into said first store means to complete a first iteration operation of said cipher device.
- View Dependent Claims (2, 3)
- - 2. A cipher device as defined in claim 1 wherein a second iteration operation of said cipher device is performed and further comprising:
    - means effective during said second iteration operation to shift said set of cipher key bits in said control means in a predetermined direction according to a predetermined shift schedule to produce a new permuted set of cipher key bits,said cipher device being further effective during said second iteration operation to modify the first half of said message block of data stored in said second store means in accordance with said modified second half of said message block of data stored in said first store means and said new permuted set of cipher key bits produced by said control means to produce a modified first half of said message block of data in a similar manner in which the second half of said message block was modified during said first iteration operation and concurrently load said modified first half of said message block from said modifying means into said first store means and said modified second half of said message block from said first store means into said second store means to complete said second iteration operation of said cipher device.
  - 3. A cipher device as defined in claim 2 wherein the remaining iteration operations of said predetermined number of iteration operations are each performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce another new permuted set of cipher key bits in each remaining iteration operation,remodify each modified half of said message block of data stored in said second store means in accordance with each previously modified half of said message block of data stored in said first store means and each other new permuted set of cipher key bits produced by said control means to produce a remodified half of said message block of data stored in said second store means in each remaining iteration operation, andconcurrently load each presently remodified half of said message block of data from said modifying means into said first store means and each previously modified half of said message block of data from said first store means into said second store means in each remaining iteration operation except the last, and further comprising:
    - first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously modified half of said message block from said first store means to said first output means, andmeans connected between said modifying means and said second output means effective after the last iteration operation to transfer the presently remodified half of said message block from said modifying means to said second output means,whereby said first and second output means contains a cipher of said message block of data bits.

4. A device for enciphering message blocks of data bits under control of a set of cipher key bits by a predetermined number of iteration operations, said cipher device comprising:
- first store means storing a first half of message block of data bits,second store means storing a second half of a message block of data bits,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a permuted set of cipher key bits from said set of cipher key bits,means shifting said set of cipher key bits in said control means in a predetermined direction according to a predetermined shift schedule to produce a preshifted permuted set of cipher key bits,expansion means connected to said first store means duplicating predetermined ones of the data bits of the first half of said message block to produce an expanded first half of said message block containing data bits equal in number to the number of cipher key bits in said preshifted permuted set of cipher key bits,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the data bits of said expanded first half of said message block and the cipher ket bits of said preshifted permuted set of cipher key bits to produce a substitution set of bits equal in number to the number of bits in the first half of said message block, lsecond linear transformation means connected to said substitution transformation means producing a permuted substitution set of bits,means connected to said second store means and said second linear transformation means modifying the data bits of the second half of said message block in accordance with said permuted substitution set of bits to produce a set of data bits representing a modified second half of said message block,means connected between said modifying means and said first store means to load said modified second half of said message block of data from said modifying means into said first store means, andmeans connected between said first store means and said second store means to load the first half of said message block of data from said first store means into said second store means concurrently with said modified second half of said message block of data being loaded into said first store means to complete a first iteration operation of said encipher device,whereby said encipher device is effective during a second iteration operation to shift the set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce a new permuted set of cipher key bits, modify the first half of said message block of data stored in said second store means in accordance with the modified second half of said message block of data stored in said first store means and said new permuted set of cipher key bits to produce a modified first half of said message block of data and concurrently load the modified first half of said message block of data from said modifying means into said first store means and the modified second half of said message block of data from said first store means into said second store means.
- View Dependent Claims (5)
- - 5. An encipher device as defined in claim 4 wherein the remaining iteration operations of said predetermined number of iteration operations are each performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce another new permuted set of cipher key bits in each remaining iteration operation,remodify each modified half of said message block of data stored in said second store means in accordance with each previously modified half of said message block of data stored in said first store means and each other new permuted set of cipher key bits to produce a remodified half of said message block of data, stored in said second store means in each remaining iteration operation, andconcurrently load each presently remodified half of said message block of data from said modifying means to said first store means and each previously modified half of said message block of data from said first store means to said second store means in each remaining iteration operation except the last, and further comprising:
    - first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously remodified half of said message block from said first store means to said first output means, andmeans connected between said modifying means and said second output means effective after the last iteration operation to transfer the presently remodified half of said message block from said modifying means to said second output means,whereby said first and second output means contains an encipher of said message block of data bits.

6. A device for enciphering 64-bit message blocks of data under control of a set of cipher key bits by a predetermined number of iteration operations, said encipher device comprising:
- first store means storing a 32-bit first half of a message block of data,second store means storing a 32-bit second half of a message block of data,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a 48-bit permuted set of cipher key bits from said set of cipher key bits,means shifting said set of cipher key bits in said control means in a predetermined direction according to a predetermined shift schedule to produce a preshifted 48-bit permuted set of cipher key bits,expansion means connected to said first store means duplicating 16 predetermined ones of the data bits of the 32-bit first half of said message block to produce an expanded 48-bit first half of said message block,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the 48 data bits of said expanded first half of said message block and the 48 cipher key bits of said preshifted permuted set of cipher key bits to produce a substitution set of 32 bits,second linear transformation means connected to said substitution transformation means producing a permuted substitution set of 32 bits,means connected to said second store means and said second linear transformation means modifying the data bits of the 32-bit second half of said message block in accordance with said permuted substitution set of 32 bits to produce a set of 32 data bits representing a modified second half of said message block,means connected between said modifying means and said first store means to load said modified 32-bit second half of said message block of data from said modifying means into said first store means, andmeans connected between said first store means and said second store means to load the 32-bit first half of said message block of data from said first store means into said second store means concurrently with said modified 32-bit second half of said message block of data being loaded into said first store means to complete a first iteration operation of said encipher device,whereby said encipher device is effective during a second iteration operation to shift the set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce a new 48-bit permuted set of cipher key bits, modify the 32-bit first half of said message block of data stored in said second store means in accordance with the modified 32-bit second half of said message block of data stored in said first store means and said new 48-bit permuted set of cipher key bits to produce a modified 32-bit first half of said message block of data and concurrently load the modified 32-bit first half of said message block of data from said modifying means into said first store means and the modified 32-bit second half of said message block of data from said first store means into said second store means.
- View Dependent Claims (7)
- - 7. An encipher device as defined in claim 6 wherein the remaining iteration operations of said predetermined number of iteration operations are each performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce another new 48-bit permuted set of cipher key bits in each remaining iteration operation,remodify each modified 32-bit half of said message block of data stored in said second store means in accordance with each previously modified 32-bit half of said message block of data stored in said first store means and each other new 48-bit permuted set of cipher key bits to produce a remodified 32-bit half of said message block of data stored in said second store means in each remaining iteration operation, andconcurrently load each presently remodified 32-bit half of said message block of data from said modifying means to said first store means and each previously modified 32-bit half of said message block of data from said first store means to said second store means in each remaining iteration operation except the last, and further comprising:
    - first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously remodified 32-bit half of said message block from said first store means to said first output means, andmeans connected between said modifying means and said second output means effective after the last iteration operation to transfer the presently remodified 32-bit half of said message block from said modifying means to said second output means,whereby said first and second output means contains a 64-bit encipher of said 64-bit message block of data.

8. A device for deciphering enciphered message blocks of data bits under control of a set of cipher key bits by a predetermined number of iteration operations, said deciper device comprising:
- first store means storing a first half of an enciphered message block of data bits,second store means storing a second half of an enciphered message block of data bits,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a permuted set of cipher key bits from said set of cipher key bits,expansion means connected to said first store means duplicating predetermined ones of the data bits of the first half of said enciphered message block to produce an expanded first half of said enciphered message block containing data bits equal in number to the number of cipher key bits in said permuted set of cipher key bits,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the data bits of said expanded first half of said enciphered message block and the cipher key bits of said permuted set of cipher key bits to produce a substitution set of bits equal in number to the number of bits in the first half of said enciphered message block,second linear transformation means connected to said substitition transformation means producing a permuted substitution set of bits,means connected to said second store means and said second linear transformation means modifying the data bits of the second half of said enciphered message block in accordance with said permuted substitution set of bits to produce a set of data bits representing a modified second half of said enciphered message block,means connected between said modifying means and said first store means to load said modified second half of said enciphered message block of data from said modifying means into said first store means,means connected between said first store means and said second store means to load the first half of said enciphered message block of data from said first store means into said second store means concurrently with said modified second half of said enciphered message block of data being loaded into said first store means to complete a first iteration operation of said decipher device, andmeans effective during a second iteration operation to shift said set of cipher key bits in said control means in a predetermined direction according to a predetermined shift schedule to produce a new permuted set of cipher key bits,whereby said decipher device is further effective during said second iteration operation to modify the first half of said enciphered message block of data stored in said second store means in accordance with the modified second half of said enciphered message block of data stored in said first store means and said new permuted set of cipher key bits to produce a modified first half of said enciphered message block of data and concurrently load the modified first half of said enciphered message block of data from said modifying means into said first store means and the modified second half of said enciphered message block of data from said first store means into said second store means to complete said second iteration operation of said decipher device.
- View Dependent Claims (9)
- - 9. A decipher device as defined in claim 8 wherein the remaining iteration operations of said predetermined number of iteration operations are each performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to produce another new permuted set of cipher key bits in each remaining iteration operation,remodify each modified half of said enciphered message block of data stored in said second store means in accordance with each previously modified half of said enciphered message block of data stored in said first store means and each other new permuted set of cipher key bits to produce a remodified half of said enciphered message block of data stored in said second store means in each remaining iteration operation, andconcurrently load each presently remodified half of said enciphered message block of data from said modifying means into said first store means and each previously modified half of said enciphered message block of data from said first store means into said second store means in each remaining iteration operation except the last, and further comprising:
    - first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously modified half of said enciphered message block from said first store means to said first output means, andmeans connected between said modifying means and said second output means effective after the last iteration operation to transfer the presently remodified half of said enciphered message block from said modifying means to said second output means,whereby said first and second output means contains a decipher of said enciphered message block of data,said shifting means postshifting the set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule after the last iteration operation to complete a revolution of the set of cipher key bits through said third store means of said control means in preparation for deciphering the next enciphered message block of data.

10. A device for deciphering 64-bit enciphered message blocks of data under control of a set of cipher key bits by a predetermined number of iteration operations, said decipher device comprising:
- first store means storing a 32-bit first half of an enciphered message block of data,second store means storing a 32-bit second half of a message block of data,control means including third store means storing said set of cipher key bits, andfirst linear transformation means connected to said third store means producing a 48-bit permuted set of cipher key bits from said set of cipher key bits,expansion means connected to said first store means duplicating 16 predetermined ones of the data bits of the 32-bit first half of said enciphered message block to produce an expanded 48-bit first half of said enciphered message block,means connected to said expansion means and said control means carrying out a substitution transformation function in accordance with the 48 data bits of said expanded first half of said enciphered message block and the 48 cipher key bits of said permuted set of cipher key bits to produce a substitution set of 32 bits,second linear transformation means connected to said substitution transformation means producing a permuted substitution set of 32 bits,means connected to said second store means and said second linear transformation means modifying the data bits of the 32-bit second half of said enciphered message block in accordance with said permuted substitution set of 32 bits to produce a set of 32 data bits representing a modified second half of said enciphered message block,means connected between said modifying means and said first store means to load said modified 32-bit second half of said enciphered message block of data from said modifying means into said first store means,means connected between said first store means and said second store means to load the 32-bit first half of said enciphered message block of data from said first store means into said second store means concurrently with said modified 32-bit second half of said enciphered message block of data being loaded into said first store means to complete a first iteration operation of said decipher device, andmeans effective during a second iteration operation to shift said set of cipher key bits in said control means in a predetermined direction according to a predetermined shift schedule to produce a new 48-bit permuted set of cipher key bits,whereby said decipher device is effective during said second iteration operation to modify the 32-bit first half of said enciphered message block of data stored in said second store means in accordance with the modified 32-bit second half of said enciphered message block of data stored in said first store means and said new 48-bit permuted set of cipher key bits to produce a modified 32-bit first half of said enciphered message block of data and concurrently load the modified 32-bit first half of said enciphered message block of data from said modifying means into said first store means and the modified 32-bit half of said enciphered message block of data from said first store means into said second store means to complete said second iteration operation of said decipher device.
- View Dependent Claims (11)
- - 11. A decipher device as defined in claim 10 wherein the remaining iteration operations of said predetermined number of iteration operations are each performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule to provide another new 48-bit permuted set of cipher key bits in each remaining iteration operation,remodify each modified 32-bit half of said enciphered message block of data stored in said second store means in accordance with each previously modified 32-bit half of said enciphered message block of data stored in said first store means and each other new 48-bit permuted set of cipher key bits to produce a remodified 32-bit half of said enciphered message block of data stored in said store means in each remaining iteration operation, andconcurrently load each presently remodified 32-bit half of said enciphered message block of data from said modifying means into said first store means and each previously modified 32-bit half of said enciphered message block of data from said first store means into said second store means in each remaining iteration operation except the last, and further comprising:
    - first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously modified 32-bit half of said enciphered message block from said first store means to said first output means, andmeans connected between said modifying means and said second output means effective after the last iteration operation to transfer the presently remodified 32-bit half of said message block from said modifying means to said second output means,whereby said first and second output means contains a 64-bit decipher of said 64-bit enciphered message block of data bits,said shifting means postshifting the set of cipher key bits in said control means in said predetermined direction according to said predetermined shift schedule after the last iteration operation to complete a revolution of the set of cipher key bits through said third store means of said control means in preparation for deciphering the next enciphered message block of data.

12. In a data processing network having a sending station including an encipher device to encipher a message block of data bits under control of a first set of cipher key bits by a predetermined number of iteration operations for transmission to a receiving station including a decipher device to decipher said enciphered message block of data bits under control of a second set of cipher key bits by an equal predetermined number of iteration operations, said encipher device of said sending station comprising:
- first store means storing a first half of said message block of data bits,second store means storing a second half of said message block of data bits,first control means including third store means storing said first set of cipher key bits, andfirst linear transformation means connected to said third store means producing a permuted set of cipher key bits from said first set of cipher key bits,first expansion means connected to said first store means duplicating predetermined ones of the data bits of the first half of said message block to produce an expanded first half of said message block containing data bits equal in number to the number of cipher key bits in said permuted set of cipher key bits,first substitution transformation means connected to said first expansion means and said first control means carrying out a substitution transformation function in accordance with the data bits of said expanded first half of said message block and the cipher key bits of said permuted set of cipher key bits to produce a first substitution set of bits equal in number to the number of bits in the first half of said message block,second linear transformation means connected to said first substitution transformation means producing a permuted first substitution set of bits,first modifying means connected to said second store means and said second linear transformation means modifying the data bits of the second half of said message block in accordance with said permuted first substitution set of bits to produce a set of bits representing a modified second half of said message block,means connected between said first modifying means and said first store means to load said modified second half of said message block from said first modifying means into said first store means,means connected between said first store means and said second store means to load the first half of said message block from said first store means into said second store means concurrently with said modified second half of said message block being loaded into said first store means to complete a first iteration operation of said encipher device,means effective during a second iteration operation to shift said first set of cipher key bits in said first control means in a first direction according to a first predetermined shift schedule to produce a new permuted set of cipher key bits,said encipher device being further effective during said second iteration operation to modify the first half of said message block of data stored in said second store means in accordance with said modified second half of said message block of data stored in said first store means and said new permuted set of cipher key bits to produce a modified first half of said message block of data in a similar manner in which the second half of said message block was modified during said first iteration operation of said encipher device and concurrently load said modified first half of said message block from said first modifying means into said first store means and said modified second half of said message block from said first store means into said second store means to complete said second iteration operation of said encipher device,said encipher device being further effective during the remaining iteration operations of said predetermined number of iteration operations each of which is performed in a similar manner as is performed in said second iteration operation to repetitivelyshift each set of cipher key bits in said first control means in said first direction according to said first predetermined shift schedule to produce another new permuted set of cipher key bits in each remaining iteration operation,remodify each modified half of said message block of data stored in said second store means in accordance with each previously modified half of said message block of data stored in said first store means and each other new permuted set of cipher key bits to produce a remodified half of said message block of data stored in said second store means in each remaining iteration operation, andconcurrently load each presently remodified half of said message block of data from said first modifying means into said first store means and each previously modified half of said message block of data from said first store means into said second store means in each remaining iteration operation except the last,first output means,second output means,means connected between said first store means and said first output means effective after the last iteration operation to transfer the previously modified half of said message block from said first store means to said first output means,means connected between said first modifying means and said second output means effective after the last iteration operation to transfer the presently remodified half of said message block from said first modifying means to said second output means, whereby said first and second output means contain an encipher of said message block of data, andmeans to control said first and second output means to transmit said enciphered message block of data bits from said output means to said receiving station.
- View Dependent Claims (13)
- - 13. In a data processing network as defined in claim 12 wherein said decipher device of said receiving station comprises:
    - fourth store means for receiving and storing a first half of said enciphered message block of data bits,fifth store means for receiving and storing a second half of said enciphered message block of data bits,second control means including sixth store means for storing said second set of cipher key bits, andthird linear transformation means connected to said sixth store means producing a permuted set of cipher bits from said second set of cipher key bits,second expansion means connected to said fourth store means duplicating predetermined ones of the data bits of the first half of said enciphered message block to produce an expanded first half of said enciphered message containing data bits equal in number to the number of cipher key bits in said permuted set of cipher key bits produced by said second control means,second substitution transformation means connected to said second expansion means and said second control means carrying out a substitution transformation function in accordance with said expanded first half of said enciphered modified block and the cipher bits of said permuted set of cipher key bits produced by said second control means to produce a second substitution set of bits equal in number to the number of bits in the first half of said enciphered message block,fourth linear transformation means connected to said second substitution transformation means producing a permuted second substitution set of bits,second modifying means connected to said fifth store means and said fourth linear transformation means modifying the data bits of the second half of said enciphered message block in accordance with said permuted second substitution set of bits to produce a set of bits representing a modified second half of said enciphered message block,means connected between said second modifying means and said fourth store means to load said modified second half of said enciphered message block from said second modifying means into said fourth store means,means connected between said fourth store means and said fifth store means to load the first half of said enciphered message block from said fourth store means into said fifth store means concurrently with said modified second half of said enciphered message block being loaded into said fourth store means to complete a first iteration operation of said decipher device,means effective during a second iteration operation of said decipher device to shift said second set of cipher key bits in said second control means in a second direction opposite to said first direction of cipher key shifting of said encipher device according to a second predetermined shift schedule to produce a new permuted set of cipher key bits from said second control means,said decipher device being further effective during said second iteration operation to modify the first half of said enciphered message block of data stored in said fifth store means in accordance with said modified second half of said enciphered message block of data stored in said fourth store means and said new permuted set of cipher key bits produced by said second control means to produce a modified first half of said enciphered message block of data in a similar manner in which the second half of said enciphered message block was modified during said first iteration operation of said decipher device and concurrently load said modified first half of said enciphered message block from said second modifying means into said fourth store means and said modified second half of said enciphered message block from said fourth store means into said fifth store means to complete said second iteration operation of said decipher device,said decipher device being further effective during the remaining iteration operations of said predetermined number of iteration operations each of which is performed in a similar manner as is performed in said second iteration operation of said decipher device to repetitivelyshift each set of cipher key bits in said second control means in said second direction according to said second predetermined shift schedule to provide another new permuted set of cipher key bits from said second control means in each remaining iteration operation,remodify each modified half of said enciphered message block of data stored in said fifth store means in accordance with each previously modified half of said enciphered message block of data stored in said fourth store means and each other new permuted set of cipher key bits produced by said second control means to produce a remodified half of said enciphered message block of data in each remaining iteration operation, andconcurrently load each presently remodified half of said enciphered message block of data from second modifying means into said fourth store means and each previously modified half of said enciphered message block of data from said fourth store means into said fifth store means in each remaining iteration operation except the last,third output means,fourth output means,means connected between said fourth store means and said third output means effective after the last iteration operation of said decipher device to transfer the previously modified half of said enciphered message block from said fourth store means to said third output means, andmeans connected between said second modifying means and said fourth output means effective after the last iteration operation of said decipher device to transfer the presently remodified half of said enciphered message block from said second modifying means to said fourth output means,whereby said third and fourth output means contains said decipher of said enciphered message block of data.

14. A process for performing a cipher operation on a message block of data bits comprising the steps of:
- a. storing a first half of said message block of data bits in a first store means,b. storing a second half of said message block of data bits in a second store means,c. storing a set of cipher key bits in a third store means,d. linearly transforming said set of cipher key bits stored in said third store means to produce a transformed set of cipher key bits,e. duplicating predetermined ones of the data bits stored in said first store means to produce an expanded set of data bits equal in number to the number of cipher key bits in said transformed set of cipher key bits,f. carrying out a substitution transformation function in accordance with the data bits of said expanded set of data bits and the cipher key bits of said transformed set of cipher key bits to produce a substitution set of bits equal in number to the number of bits stored in said first store means,g. linearly transforming said substitution set of bits to produce a transformed substitution set of bits,h. modifying the data bits stored in said second store means in accordance with said transformed substitution set of bits to produce a set of bits representing a modified half of said message block of data,i. concurrently transferring said modified half of said message block of data to said first store means and the half of said message block of data stored in said first store means to said second store means,j. shifting said set of cipher key bits in said third store means in a predetermined direction according to a predetermined shift schedule to produce a new set of cipher key bits,k. repeating steps d to i to modify the half of said message block of data stored in said second store means in accordance with the modified half of said message block of data stored in said first store means and said new set of cipher key bits stored in said third store means to produce a modified half of said message block of data and concurrently transfer the presently modified half of said message block of data to said first store means and said previously modified half of said message block of data from said first store means to said second store means, andl. repeating steps j and k for a predetermined number of iterations to repetitively shift each new set of cipher key bits in said third store means in said predetermined direction according to said predetermined shift schedule to produce another new set of cipher key bits in each iteration, remodify each modified half of said message block of data store in said second store means in accordance with each modified half of said message block of data stored in said first store means and each other new set of cipher key bits in each iteration to produce a remodified half of said message block of data, and concurrently transfer each presently remodified half of said message block of data to said first store means and each previously remodified half of said message block of data from said first store means to said second store means in each iteration except the last,whereby the combination of said previously remodified half of said message block of data produced during the next to the last iteration and stored in said first store means and the presently remodified half of said message block of data produced during the last iteration represent a cipher of said message block of data.

15. A process for enciphering message blocks of data bits comprising the steps of:
- a. storing a first half of a message block of data bits in a first store means,b. storing a second half of a message block of data bits in a second store means,c. storing a set of cipher key bits in a third store means,d. preshifting said set of cipher key bits in said third store means in a predetermined direction according to a predetermined shift schedule to provide a shifted set of cipher key bits,e. linearly transforming said shifted set of cipher key bits stored in said third store means to produce a transformed set of cipher key bits,f. duplicating predetermined ones of the data bits stored in said first store means to produce an expanded set of data bits equal in number to the number of cipher key bits in said transformed set of cipher key bits,g. carrying out a substitution transformation function in accordance with the data bits of said expanded set of data bits and the cipher key bits of said transformed set of cipher key bits to produce a substitution set of bits equal in number to the number of bits stored in said first store means,h. linearly transforming said substitution set of bits to produce a transformed substitution set of bits,i. modifying the data bits stored in said second store means in accordance with said transformed substitution set of bits to produce a set of data bits representing a modified half of said message block of data,j. concurrently transferring said modified half of said message block of data to said first store means and the half of said message block of data stored in said first store means to said second store means,k. shifting said set of cipher key bits in said third store means in said predetermined direction according to said predetermined shift schedule to produce a new set of cipher key bits,l. repeating steps e to j to modify the half of said message block of data stored in said second store means in accordance with the modified half of said message block of data stored in said first store means and said new set of cipher key bits stored in said third store means to produce a modified half of said message block of data and concurrently transfer the presently modified half of said message block of data to said first store means and said previously modified half of said message block of data from said first store means to said second store means,m. repeating steps k and l for a predetermined number of iterations to repetitively shift each new set of cipher key bits in said third store means in said predetermined direction according to said predetermined shift schedule to produce another new set of cipher key bits in each iteration, remodify each modified half of said message block of data stored in said second store means in accordance with each modified half of said message block of data stored in said first store means and each other new set of cipher key bits to produce a remodified half of said message block of data in each iteration, and concurrently transfer each presently remodified half of said message block of data to said first store means and each previously remodified half of said message block of data from said first store means to said second store means in each iteration except the last,whereby the combination of said previously remodified half of said message block of data produced during the next to the last iteration and stored in said first store means and the presently remodified half of said message block of data produced during the last iteration represent an encipher of said message block of data, andn. repeating steps a to m repetitively to encipher succeeding message blocks of data.

16. A process for deciphering enciphered message blocks of data comprising the steps of:
- a. storing a first half of an enciphered message block of data bits in a first store means,b. storing a second half of an enciphered message block of data bits in a second store means,c. storing a set of cipher key bits in a third store means,d. linearly transforming said set of cipher key bits stored in said third store means to produce a transformed set of cipher key bits,e. duplicating predetermined ones of the data bits stored in said first store means to produce an expanded set of data bits equal in number to the number of cipher key bits in said transformed set of cipher key bits,f. carrying out a substitution transformation function in accordance with the data bits of said expanded set of data bits and the cipher key bits of said transformed set of cipher key bits to produce a substitution set of bits equal in number to the number of bits stored in said first store means,g. linearly transforming said substitution set of bits to produce a transformed substitution set of bits,h. modifying the data bits stored in said second store means in accordance with said transformed substitution set of bits to produce a set of data bits representing a modified half of said enciphered message block of data,i. concurrently transferring said modified half of said enciphered message block of data to said first store means and the half of said enciphered message block of data stored in said first store means to said second store means,j. shifting said set of cipher key bits in said third store means in a predetermined direction according to a predetermined shift schedule to present a new set of cipher key bits,k. repeating steps d to i to modify the half of said enciphered message block of data stored in said second store means in accordance with the modified half of said enciphered message block of data stored in said first store means and said new set of cipher key bits stored in said third store means and concurrently transfer the presently modified half of said enciphered message block of data to said first store means and said previously modified half of said enciphered message block of data from said first store means to said second store means,l. repeating steps j and k for a predetermined number of iterations to repetitively shift each new set of cipher key bits in said third store means in said predetermined direction according to said predetermined shift schedule to provide another new set of cipher key bits in each iteration, remodify each modified half of said enciphered message block of data store in said second store means in accordance with each modified half of said enciphered message block of data stored in said first store means and each other new set of cipher key bits in each iteration, and concurrently transfer each presently remodified half of said enciphered message block of data to said first store means and each previously remodified half of said enciphered message block of data from said first store means to said second store means in each iteration except the last,whereby the combination of said previously remodified half of said enciphered message block of data produced during the next to the last iteration and stored in said first store means and the presently remodified half of said enciphered message block of data produced during the last iteration represent a decipher of said enciphered message block of data.m. post shifting the set of cipher key bits in said third store means in said predetermined direction according to said predetermined shift schedule after the last iteration to complete a revolution of said set of cipher key bits through said third store means, andn. repeating steps a to m repetitively to decipher succeeding enciphered message blocks of data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Meyer, Carl H. W., Ehrsam, William Friedrich, Powers, Robert Lowell, Prentice, Paul Norman, Tuchman, Walter Leonard, Smith, John Lynn
Primary Examiner(s)
Birmiel, Howard A.

Application Number

US05/552,685
Time in Patent Office

449 Days
Field of Search

04L/9/02, 178/22, 340/172.5
US Class Current

380/29
CPC Class Codes

H04L 2209/125   Parallelization or pipelini...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 9/0625   with splitting of the data ...

Block cipher system for data security

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

256 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Block cipher system for data security

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

256 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links