Key controlled block cipher cryptographic system

US 4,255,811 A
Filed: 03/25/1975
Issued: 03/10/1981
Est. Priority Date: 03/25/1975
Status: Expired due to Term

First Claim

Patent Images

1. A cryptographic method for encrypting and decrypting an n-bit block of binary data utilizing an initially provided unique binary key, the encryption operation comprising the performance of a plurality (N) of encryption rounds, each round including the transformational operations of addition-with-carry, a first modulo-2 addition, rotational shifting, and a second modulo-2 addition;

and wherein each included operation is performed using the n-bit result block of the previous transformational operation together with an n-bit key block derived from said initially provided key material, and wherein said decryption operation is identical to the encryption operation except that the direction of the rotational shifting is reversed and the addition-with-carry becomes subtraction-with-borrow.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic system for encrypting a block of binary data under the control of a key consisting of a set of binary symbols. The cryptographic system may be utilized within a data processing environment to ensure complete privacy of data and information that is stored or processed within a computing system. All authorized subscribers who are permitted access to data within the network are assigned a unique key consisting of a combination of binary symbols. The central processing unit within the computing network contains a complete listing of all distributed authorized subscriber keys. All communications transmitted from terminal input are encrypted into a block cipher by use of the cryptographic system operating under the control of the subscriber key which is inputed to the terminal device. At the receiving station or central processing unit, an identical subscriber key which is obtained from internal tables stored within the computing system is used to decipher all received ciphered communications.

90 Citations

View as Search Results

16 Claims

1. A cryptographic method for encrypting and decrypting an n-bit block of binary data utilizing an initially provided unique binary key, the encryption operation comprising the performance of a plurality (N) of encryption rounds, each round including the transformational operations of addition-with-carry, a first modulo-2 addition, rotational shifting, and a second modulo-2 addition;
- and wherein each included operation is performed using the n-bit result block of the previous transformational operation together with an n-bit key block derived from said initially provided key material, and wherein said decryption operation is identical to the encryption operation except that the direction of the rotational shifting is reversed and the addition-with-carry becomes subtraction-with-borrow.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A cryptographic method as set forth in claim 1, wherein said method includes in addition to said N-rounds a further addition-with-carry for an encryption operation and a further subtraction-with-borrow for a decryption operation.
  - 3. The method as set forth in claim 2, including performing a first fixed permutation (P) of the bits of the data block before performing said rotational shifting operation and performing the inverse (P^-1) of the first permutation (P) on the n-bits of the data block subsequent to said rotational shifting operation.
  - 4. A cryptographic method as set forth in claim 2, including the steps of generating a different n-bit key block for each transformation operation occurring in said system including selecting said keys so that each key block generated during a given cryptographic operation will be uniquely dependent upon the unique binary key initially provided to the system.
  - 5. A cryptographic method as set forth in claim 4, including the steps of generating said key material by successively accessing predetermined bit positions in a plurality of rotational shift registers having a plurality of bit storage locations, each shift register capacity being relatively prime with respect to every other shift register, until a predetermined number of key bits have been accessed and assembled.
  - 6. A cryptographic method as set forth in claim 1, including the steps of presenting the generated key blocks for the various transformation operations in a first order during an encipherment operation and presenting said key blocks to the various transformation operations in reverse order during a decipherment operation.

7. A cryptographic system for performing cryptographic operations upon a block of binary data under control of a unique binary key supplied to the system, said system comprising means for gating a block of binary data to said cryptographic system, key generation means for storing and operating upon said unique binary key to produce a series of key blocks to be used in said cryptographic operations, initial transformation means for selectively performing an addition-with-carry or a subtraction-with-borrow operation, means for performing a first exclusive-or transformation, rotational shift register transformation means operable under control of a key block produced by said key generator means, means for selectively shifting said rotational shift register in either direction, means for performing a second exclusive-or transformation on a block of binary data received from said shift register means, and means for providing a different generated key block to each of said transformation means whereby the transformation operation upon the block binary data entering same is function of said binary key.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. A cryptographic system as set forth in claim 7, wherein said transformation means operate sequentially on said blocks of binary data presented to the system, said system including a first permutation means for rearranging the bit positions of data entering and leaving said permutation means, said permutation means being located between said first exclusive-or means and said rotational shift register means, and a second permutation means connected between the output of said rotational shift register means and said second exclusive-or means for performing the inverse of the bit transposition performed by said first permutation means.
  - 9. A cryptographic system as set forth in claim 8, including means for generating said successive keys to be utilized during the encryption of a clear data block in a first order of presentation and means for presenting said key material in reverse order during a decipherment operation.
  - 10. A cryptographic system as set forth in claim 9, wherein said means for generating said key material from said originally presented key includes a plurality of bi-directional rotational shift registers, including means for rotating said shift registers in a first direction during an encryption operation and in the reverse direction during a decryption operation.
  - 11. A cryptographic system as set forth in claim 10, wherein each of said rotational shift registers utilized for generating said keys each has a number of storage positions which numbers are relatively prime to each other and wherein the total storage capacity of all of said registers equal the total number of bits of key material originally supplied to the cryptographic system, means for extracting at least one bit from a predetermined storage location in each of said registers to generate a key block, means for shifting said registers between accessing operations and means for repetitively accessing said storage locations until a sufficient number of bits has been obtained to form a block of key material.
  - 12. A cryptographic system as set forth in claim 11, including a rotational commutator means connected to the output of said key generation registers whereby the relative position of the bits from each register may be selectively shifted between successive key generation operations.
  - 13. A cryptographic system as set forth in claim 11, including at least one bidirectionally rotatable shift register for accumulating bytes of key material as it is produced by said key generation means, and means for rotating said accumulating shift register in a first direction during an encryption operation and in the opposite direction during a decryption operation.
  - 14. A cryptographic system as set forth in claim 13, including control means for performing a plurality of cryptographic rounds each including the transformation of addition-with-carry or subtraction-with-borrow, first exclusive-or, a first permutation, rotational shifting, a second permutation the inverse of the first, and a second exclusive-or, and counter means for counting the number of cryptographic rounds performed, and means for testing the current value of said counter to determine if a given cryptographic operation is complete, or requires an addition-with-carry or subtraction-with-borrow operation when in the encryption or decryption modes respectively.

15. A cryptographic system for performing cryptographic operations upon a block of binary data under control of a unique binary key supplied to the system, said system comprising means for gating a block of binary data to said cryptographic system, key generation means for storing and operating upon said unique binary key to produce a series of key blocks to be used in said cryptographic operations, initial transformation means for selectively performing an addition-with-carry or a subtraction-with-borrow operation, means for performing a first exclusive-or transformation, a first permutation means for rearranging the bit positions of data entering and leaving said permutation means, rotational shift register transformation means operable under control of a key block produced by said key generator means, means for selectively shifting said rotational shift register in either direction, and a second permutation means connected to the output of said rotational shift register means for performing the inverse of the bit transposition performed by said first permutation means, means for performing a second exclusive-or transformation on a block of binary data received from said shift register means, and means for providing a different generated key block to each of said transformation means whereby the transformation operation upon the block binary data entering same is a function of said binary key, wherein said means for generating said key blocks from said originally presented key material includes a plurality of bidirectional rotational shift registers, including means for rotating said shift registers in a first direction during an encryption operation and in the reverse direction during a decryption operation.
- View Dependent Claims (16)
- - 16. A cryptographic system as set forth in claim 15, including control means for performing a plurality of cryptographic rounds when in the encryption mode, each round including the transformations of addition-with-carry, a first exclusive-or, a first permutation, rotational shifting, a second permutation the inverse of the first, a second exclusive-or, and a further addition-with-carry and when in the decryption mode, each round including the transformations of subtraction-with-borrow, a first exclusive-or, a first permutation, rotational shifting, a second permutation the inverse of the first, a second exclusive-or, and a further subtraction-with-borrow, and counter means for counting the number of cryptographic rounds performed, means for testing the current value of said counter to determine if a given cryptographic operation is complete, a further cryptographic round is required, or a separate addition-with-carry operation or subtraction-with-borrow operation is required.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Adler, Roy L.
Primary Examiner(s)
Birmiel, Howard A.

Application Number

US05/561,760
Time in Patent Office

2,177 Days
Field of Search

178/22, 235/165, 235/168, 340/172.5, 375/2
US Class Current

380/37
CPC Class Codes

H04L 2209/12   Details relating to cryptog...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/26   Testing cryptographic entit...

H04L 9/0618   Block ciphers, i.e. encrypt...

Key controlled block cipher cryptographic system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

90 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Key controlled block cipher cryptographic system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links