Byte stream selective encryption/decryption device

US 4,172,213 A
Filed: 11/17/1977
Issued: 10/23/1979
Est. Priority Date: 11/17/1977
Status: Expired due to Term

First Claim

Patent Images

1. An apparatus for providing data communications security in point-to-point and multipoint communications networks, wherein plain text data on a communications line is enciphered on a byte-by-byte basis when received from said communications line, comprising:

means for receiving said plain text data from said communications line on a byte-by-byte basis;

means for generating a plurality of key bits for each byte of said plain text data received from said communications line;

means for storing said plurality of key bits;

means for exclusive ORing each bit of each byte of said plain text data with one of said plurality of key bits generated for the byte previous to each of said bytes of plain text data, whereby a byte of enciphered data is produced corresponding to each of said bytes of plain text data; and

means for transmitting each of said bytes of enciphered data onto said communications line, whereby each of said bytes of plain text data is replaced by the corresponding byte of enciphered data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for insertion in a communications line for providing message secrecy within a significant portion of existing communications networks. At the transmitter end, the apparatus receives messages from the communications line, enciphers them and retransmits them onto the communications line. At the receiver end, the apparatus receives messages from the communications line, deciphers them and retransmits them onto the communications line. The apparatus contains both a transmitter and receiver and is capable of full duplex operation in a bidirectional communications line. According to the invention, data is enciphered by combining the data received with the output of an algorithm, the algorithm output being dependent on the data previously enciphered and a unique key entered by the user. As data is received it is combined with the output of the algorithm, transmitted and using cipher feedback techniques fed back as an input to the algorithm to be used to encipher subsequently received data. Data is deciphered using equivalent elements as used for enciphering, the basic difference in the apparatus operation being the point from which data fed back into the algorithm is taken. The apparatus operates on a byte-by-byte basis, and contains provisions for responding to control characters and ignoring messages intended for a different apparatus.

Citations

49 Claims

1. An apparatus for providing data communications security in point-to-point and multipoint communications networks, wherein plain text data on a communications line is enciphered on a byte-by-byte basis when received from said communications line, comprising:
- means for receiving said plain text data from said communications line on a byte-by-byte basis;
  
  means for generating a plurality of key bits for each byte of said plain text data received from said communications line;
  
  means for storing said plurality of key bits;
  
  means for exclusive ORing each bit of each byte of said plain text data with one of said plurality of key bits generated for the byte previous to each of said bytes of plain text data, whereby a byte of enciphered data is produced corresponding to each of said bytes of plain text data; and
  
  means for transmitting each of said bytes of enciphered data onto said communications line, whereby each of said bytes of plain text data is replaced by the corresponding byte of enciphered data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 2. The apparatus of claim 1 wherein said key bit generation means comprises:
    - register means, one byte of which receives its input from the output of said exclusive ORing means, said register means including means for presenting a bit pattern from which said key bits will be generated; and
      
      means, connected to said register means, for encoding said presented bit pattern whereby said key bits are produced.
  - 3. The apparatus of claim 2 wherein said encoding means includes means for storing a key variable for use by said encoding means in encoding said presented bit pattern.
  - 4. The apparatus of claim 3 wherein said encoding means further includes means for entering said key variable from a source external to said apparatus.
  - 5. The apparatus of claim 3 further comprising memory storage means, connected to said receiving means and said encoding means, said memory storage means including means for storing a plurality of key variables and a plurality of destination point addresses, wherein each of said plurality of destination point addresses has associated with it one of said plurality of key variables.
  - 6. The apparatus of claim 5 wherein said memory storage means further includes means, responsive to the receipt of a plain text message addressed to one of said plurality of destination point addresses, said means for loading the one of said plurality of key variables associated with the destination point address contained in said plain text message into said key variable storage means.
  - 7. The apparatus of claim 4 wherein said register means further includes means for operating said register means as a shift code counter.
  - 8. The apparatus of claim 2 wherein the one byte of said register means that receives its input from the output of said exclusive ORing means is the high order byte of said register, means.
  - 9. The apparatus of claim 1 further comprising means, connected to said receiving means and said transmitting means, for transmitting each of said bytes of received plain text data onto said communications line and inhibiting the transmission of each of said corresponding bytes of enciphered data.
  - 10. The apparatus of claim 1 further comprising means, connected to said receiving means and said transmitting means, for selectively switching the output of said apparatus, under external control, between said input plain text data and said enciphered text generated within said apparatus.
  - 11. The apparatus of claim 1 further comprising means, connected to said transmitting means, for inhibiting the transmission of said enciphered data.
  - 12. The apparatus of claim 1 further including processing means, said processing means connected between said receiving means and said exclusive ORing means and further connected to said transmitting means, said processing means including means for transferring data between said receiving means, said exclusive ORing means and said transmitting means.
  - 13. The apparatus of claim 12 further comprising means, connected to said processing means, for storing at least one destination point address.
  - 14. The apparatus of claim 13 wherein said processing means further includes means for detecting the receipt of a plain text message addressed to one of said destination point addresses.
  - 15. The apparatus of claim 14 wherein said processing means further includes means, responsive to detecting the receipt of said plain text message addressed to one of said destination point addresses, for transferring said plain text message to said exclusive ORing means on a byte-by-byte basis and transferring each of the corresponding bytes of enciphered data produced to said transmitting means.
  - 16. The apparatus of claim 15 wherein said processing means, in response to the receipt of the end of said plain text message addressed to one of said destination point addresses, will stop transferring data to said exclusive ORing means.
  - 17. The apparatus of claim 16 wherein said processing means further includes means, responsive to the receipt of a first type of control character within said plain text message addressed to one of said destination point addresses, for transferring said plain text data received after said first type of control character to said transmitting means and inhibiting transmission of the corresponding enciphered data.
  - 18. The apparatus of claim 17 wherein said processing means, in response to the receipt of a second type of control character following receipt of said first type of control character, will cease transferring said plain test data received after said second type of control character to said transmitting means and resume transmitting the corresponding enciphered data.
  - 19. The apparatus of claim 14 wherein said processing means further includes means, responsive to the receipt of a plain text message addressed to an address other than one of said destination point addresses, for transferring said plain text message to said transmitting means.
  - 20. The apparatus of claim 12 wherein said processing means further includes means, responsive to the receipt of a plain text control character, for transmitting said received plain text control character onto said communications line and inhibiting the transmission of the corresponding enciphered control character produced.
  - 30. The apparatus of claim 1 further comprising means, connected to said receiving means and said transmitting means, for selectively switching the output of said apparatus, under external control, between said input enciphered data and said plain text generated within said apparatus.
  - 31. The apparatus of claim 1 further comprising means, connected to said transmitting means, for inhibiting the transmission of said deciphered data.
  - 32. The apparatus of claim 1 further including processing means, said processing means connected between said receiving means and said exclusive ORing means and further connected to said transmitting means, said processing means including means for transferring data between said receiving means, said exclusive ORing means and said transmitting means.
  - 33. The apparatus of claim 32 further comprising means, connected to said processing means, for storing at least one destination point address.
  - 34. The apparatus of claim 33 wherein said processing means further includes means for detecting the receipt of an enciphered message addressed to one of said destination point addresses.
  - 35. The apparatus of claim 34 wherein said processing means further includes means, responsive to detecting the receipt of said enciphered message addressed to one of said destination point addresses, for transferring said enciphered message to said exclusive ORing means on a byte-by-byte basis and transferring each of the corresponding bytes of deciphered data produced to said transmitting means.
  - 36. The apparatus of claim 35 wherein said processing means, in response to the receipt of the end of said enciphered message addressed to one of said destination point addresses, will stop transferring data to said exclusive ORing means.
  - 37. The apparatus of claim 36 wherein said processing means further includes means, responsive to the receipt of a first type of control character within said enciphered message addressed to one of said destination point addresses, for transferring said enciphered data received after said first type of control character to said transmitting means and inhibiting transmission of the corresponding plain text data.
  - 38. The apparatus of claim 37 wherein said processing means, in response to the receipt of a second type of control character following receipt of said first type of control character, will cease transferring said enciphered data received after said second type of control character to said transmission means and resume transmitting the corresponding plain text data.
  - 39. The apparatus of claim 34 wherein said processing means further includes means, responsive to the receipt of an enciphered messsage addressed to an address other than one of said destination point addresses, for transferring said enciphered message to said transmitting means.
  - 40. The apparatus of claim 32 wherein said processing means further includes means, responsive to the receipt of a control character, for transmitting said received control character onto said communications line and inhibiting the transmission of the corresponding deciphered control character produced.

21. An apparatus for providing data communications security in point-to-point and multipoint communications networks, wherein enciphered data on a communications line is deciphered on a byte-by-byte basis when received from said communications line, comprising:
- means for receiving said enciphered data from said communications line on a byte-by-byte basis;
  
  means for generating a plurality of key bits for each byte of said enciphered data received from said communications line;
  
  means for storing said plurality of key bits;
  
  means for exclusive ORing each bit of each byte of said enciphered data with one of said plurality of key bits generated for the byte previous to each of said bytes of enciphered data, whereby a byte of plain text data is produced corresponding to each of said bytes of enciphered data; and
  
  means for transmitting each of said bytes of plain text data onto said communications line, whereby each of said bytes of enciphered data is replaced by the corresponding byte of plain text data.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The apparatus of claim 21 wherein said key bit generation means comprises:
    - register means, one byte of which receives its input from said receiving means, said register means including means for presenting a bit pattern from which said key bits will be generated; and
      
      means, connected to said register means, for encoding said presented bit pattern whereby said key bits are produced.
  - 23. The apparatus of claim 22 wherein said encoding means includes means for storing a key variable for use by said encoding means in encoding said presented bit pattern.
  - 24. The apparatus of claim 23 wherein said encoding means further includes means for entering said key variable from a source external to said apparatus.
  - 25. The apparatus of claim 23 further comprising memory storage means, connected to said receiving means and said encoding means, said memory storage means including means for storing a plurality of key variables and a plurality of destination point addresses, wherein each of said plurality of destination point addresses has associated with it one of said plurality of key variables.
  - 26. The apparatus of claim 25 wherein said memory storage means further includes means, responsive to the receipt of an enciphered message addressed to one of said plurality of destination point addresses, said means for loading the one of said plurality of key variables associated with the destination point address contained in said enciphered message into said key variable storage means.
  - 27. The apparatus of claim 22 wherein said register means further includes means for operating said register means as a shift code counter.
  - 28. The apparatus of claim 22 wherein the one byte of said register means that receives its input from said receiving means is the high order byte of said register means.
  - 29. The apparatus of claim 21 further comprising means, connected to said receiving means and said transmitting means, for transmitting each of said received bytes of enciphered data onto said communications line and inhibiting the transmission of each of said corresponding bytes of plain text data.

41. An apparatus for insertion in a bidirectional communications line for providing full duplex data communications security in point-to-point and multipoint communications networks, wherein plain text data being transmitted on said communications line in a first direction is received by said apparatus, enciphered, and transmitted back onto said communications line in said first direction on a byte-by-byte basis, and enciphered data being transmitted on said communications line in a second direction is received by said apparatus, deciphered and transmitted back onto said communications line in said second direction on a byte-by-byte basis, comprising:
- means for receiving said plain text data being transmitted in said first direction from said communications line on a byte-by-byte basis;
  
  first means for generating a first plurality of key bits for each byte of said plain text data received from said communications line;
  
  second means for storing said first plurality of key bits;
  
  third means for exclusive ORing each bit of each received byte of said plain text data with one of said first plurality of key bits generated for the byte of data received previous to each of said bytes of plain text data received, whereby a byte of enciphered data is produced corresponding to each of said received bytes of plain text data;
  
  means for transmitting each of said produced bytes of enciphered data onto said communications line in said first direction, whereby each of said received bytes of plain text data being transmitted in said first direction is replaced by the corresponding produced byte of enciphered data;
  
  means for receiving said enciphered data being transmitted in said second direction from said communications line on a byte-by-byte basis;
  
  fourth means for generating a second plurality of key bits for each byte of said enciphered data received from said communications line;
  
  fifth means for storing said second plurality of key bits;
  
  sixth means for exclusive ORing each bit of each received byte of said enciphered data with one of said second plurality of key bits generated for the byte of data received previous to each of said bytes of enciphered data received, whereby a byte of plain text data is produced corresponding to each of said received bytes of enciphered data; and
  
  means for transmitting each of said produced bytes of plain text data onto said communications line in said second direction, whereby each of said received bytes of enciphered data being transmitted in said second direction is replaced by the corresponding produced byte of plain text data.
- View Dependent Claims (42, 43)
- - 42. The apparatus of claim 41 wherein said first means comprises:
    - first register means, the high order byte of which receives its input from the output of said third means, said first register means for presenting a first bit pattern from which said first plurality of key bits will be generated; and
      
      first encoding means, connected to said first register means, for encoding said first presented bit pattern whereby said first plurality of key bits if produced.
  - 43. The apparatus of claim 42 wherein said fourth means comprises:
    - second register means, the higher order byte of which receives its input from said enciphered data receiving means, said second register means including means for presenting a second bit pattern from which said second plurality of key bits will be generated; and
      
      second encoding means, connected to said second register means, for encoding said second presented bit pattern whereby said second plurality of key bits is produced.

44. An apparatus for use in transmitting enciphered digital data, wherein a sequence of bytes of plain text data is sequentially enciphered on a byte-by-byte basis, comprising:
- means for generating a plurality of key bits for each of said bytes of plain text data; and
  
  means for exclusive ORing each bit of each of said bytes of plain text data with one of said plurality of key bits generated for the byte of plain text data previous to each of said bytes of plain text data, whereby a byte of enciphered data is produced corresponding to each of said bytes of plain text data.
- View Dependent Claims (45, 46)
- - 45. The apparatus of claim 44 wherein said key bit generation means comprises:
    - register means, at least one byte of which receives its input from the output of said exclusive ORing means, said register means for presenting a bit pattern from which said plurality of key bits will be generated; and
      
      means, connected to said register means, for encoding said presented bit pattern, whereby said plurality of key bits are generated.
  - 46. The apparatus of claim 45 further comprising means, connected to said key bit generation means and said exclusive ORing means, said means for storing said plurality of generated key bits.

47. An apparatus for use in transmitting enciphered digital data, wherein a sequence of bytes of enciphered data is sequentially deciphered on a byte-by-byte basis, comprising:
- means for generating a plurality of key bits for each of said bytes of enciphered data; and
  
  means for exclusive ORing each bit of each of said bytes of enciphered data with one of said plurality of key bits generated for the byte of enciphered data previous to each of said bytes of enciphered data, whereby a byte of plain text data is produced corresponding to each of said bytes of enciphered data.
- View Dependent Claims (48, 49)
- - 48. The apparatus of claim 47 wherein said key bit generation means comprises:
    - register means, responsive to at least one byte of enciphered data previous to each of said bytes of enciphered data, said register means for presenting a bit pattern from which said plurality of key bits will be generated; and
      
      means, connected to said register means, for encoding said presented bit pattern, whereby said plurality of key bits are generated.
  - 49. The apparatus of claim 48 further comprising means, connected to said key bit generation means and said exclusive ORing means, said means for storing said plurality of generated key bits.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Burroughs Corp (Unisys Corporation)
Inventors
Campbell, Carl M. Jr., Gibson, Harold F., Dodds, Thomas J. Jr., Barnes, Vera L.
Primary Examiner(s)
Buczinski, S. C.

Application Number

US05/852,444
Time in Patent Office

705 Days
Field of Search

178/22, 340/146.1 AL
US Class Current

380/29
CPC Class Codes

H04L 2209/12   Details relating to cryptog...

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 9/065   Encryption by serially and ...

Byte stream selective encryption/decryption device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Byte stream selective encryption/decryption device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links