Cryptographic system with masking
First Claim
1. A computer-implemented method of cryptographically transforming a sequence of input blocks of data into a corresponding sequence of output blocks of data, said sequence of input blocks comprising a first input block and one or more subsequent input blocks, each of said one or more subsequent input blocks having a previous input block, said method comprising the steps of:
- enciphering each input block using a first key to generate a first encryption product;
- combining each first encryption product by modular addition with a first secret masking value to generate a masked first encryption product, said first secret masking value being generated independently of said input blocks and being different for each subsequent input block;
- enciphering each masked first encryption product using a second key to generate a second encryption product;
- combining each second encryption product by modular addition with a second secret masking value to generate a masked second encryption product, said second secret masking value being generated independently of said input blocks and being different for each subsequent input block; and
- enciphering each masked second encryption product using a third key to generate an output block corresponding to said input block.
Abstract
A system for cryptographically transforming a sequence of input blocks of plaintext or ciphertext data into a corresponding sequence of output blocks of data while providing enhanced protection against cryptographic attacks. Each input block is enciphered using a first key to generate a first encryption product, which is combined with a first secret masking value generated independently of the input blocks to generate a masked first encryption product. Each masked first encryption product is then enciphered using a second key to generate a second encryption product, which is combined with a second secret masking value generated independently of the input blocks to generate a masked second encryption product. Finally, each masked second encryption result is enciphered using a third key to generate an output block corresponding to the input block.
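The three-stage structure described in the abstract, as an added Python example that is not taken from the patent. The toy Feistel cipher, the HMAC-derived masks, the 64-bit block size and the 2**64 modulus are all assumptions made here for illustration; the page does not specify the block cipher or how the masking values are generated.

```python
import hashlib
import hmac

BLOCK = 8                    # assumed 64-bit block size
MOD = 1 << (8 * BLOCK)       # masks are combined by addition modulo 2**64

def encipher(key: bytes, block: bytes, decrypt: bool = False) -> bytes:
    """Toy 4-round Feistel permutation standing in for a real block cipher."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in (range(3, -1, -1) if decrypt else range(4)):
        f = hashlib.sha256(key + bytes([i]) + right).digest()[:BLOCK // 2]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return right + left

def mask(seed: bytes, stage: int, index: int) -> int:
    """Secret mask derived from a seed and the block counter only, never from data."""
    msg = bytes([stage]) + index.to_bytes(8, "big")
    return int.from_bytes(hmac.new(seed, msg, hashlib.sha256).digest()[:BLOCK], "big")

def add_mask(block: bytes, m: int) -> bytes:
    """Modular addition of a mask (pass a negative mask to remove it)."""
    return ((int.from_bytes(block, "big") + m) % MOD).to_bytes(BLOCK, "big")

def encrypt_block(keys, seed, index, block):
    k1, k2, k3 = keys
    x = add_mask(encipher(k1, block), mask(seed, 1, index))   # first masked product
    x = add_mask(encipher(k2, x), mask(seed, 2, index))       # second masked product
    return encipher(k3, x)

def decrypt_block(keys, seed, index, block):
    k1, k2, k3 = keys
    x = add_mask(encipher(k3, block, decrypt=True), -mask(seed, 2, index))
    x = add_mask(encipher(k2, x, decrypt=True), -mask(seed, 1, index))
    return encipher(k1, x, decrypt=True)

def transform(keys, seed, blocks, fn=encrypt_block):
    """Apply fn to each block, using the block position as the mask index."""
    return [fn(keys, seed, i, b) for i, b in enumerate(blocks)]

# Constructed sample values (not from the patent)
KEYS = (b"key-one", b"key-two", b"key-three")
SEED = b"mask-seed"
PLAIN = [b"SAMEDATA", b"SAMEDATA", b"OTHERBLK"]

if __name__ == "__main__":
    cipher = transform(KEYS, SEED, PLAIN)
    print([c.hex() for c in cipher])
    print(transform(KEYS, SEED, cipher, decrypt_block) == PLAIN)
```

Because the masks change with the block index, the two identical plaintext blocks in the sample encrypt to different output blocks, which plain block-by-block triple encryption would not do.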
25 Claims
1. A computer-implemented method of cryptographically transforming a sequence of input blocks of data into a corresponding sequence of output blocks of data, said sequence of input blocks comprising a first input block and one or more subsequent input blocks, each of said one or more subsequent input blocks having a previous input block, said method comprising the steps of:
- enciphering each input block using a first key to generate a first encryption product;
- combining each first encryption product by modular addition with a first secret masking value to generate a masked first encryption product, said first secret masking value being generated independently of said input blocks and being different for each subsequent input block;
- enciphering each masked first encryption product using a second key to generate a second encryption product;
- combining each second encryption product by modular addition with a second secret masking value to generate a masked second encryption product, said second secret masking value being generated independently of said input blocks and being different for each subsequent input block; and
- enciphering each masked second encryption product using a third key to generate an output block corresponding to said input block.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. Apparatus for cryptographically transforming a sequence of input blocks of data into a corresponding sequence of output blocks of data, said sequence of input blocks comprising a first input block and one or more subsequent input blocks, each of said one or more subsequent input blocks having a previous input block, said apparatus comprising:
- first enciphering means for enciphering each input block using a first key to generate a first encryption product;
- first masking means for combining each first encryption product by modular addition with a first secret masking value to generate a masked first encryption product, said first secret masking value being generated independently of said input blocks and being different for each subsequent input block;
- second enciphering means for enciphering each masked first encryption product using a second key to generate a second encryption product;
- second masking means for combining each second encryption product by modular addition with a second secret masking value to generate a masked second encryption product, said second secret masking value being generated independently of said input blocks and being different for each subsequent input block; and
- third enciphering means for enciphering each masked second encryption product using a third key to generate an output block corresponding to said input block.

Dependent claims: 17, 18, 19, 20, 21, 22
23. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for cryptographically transforming a sequence of input blocks of data into a corresponding sequence of output blocks of data, said sequence of input blocks comprising a first input block and one or more subsequent input blocks, each of said one or more subsequent input blocks having a previous input block, said method steps comprising:
- enciphering each input block using a first key to generate a first encryption product;
- combining by modular addition each first encryption product with a first secret masking value to generate a masked first encryption product, said first secret masking value being generated independently of said input blocks and being different for each subsequent input block;
- enciphering each masked first encryption product using a second key to generate a second encryption product;
- combining by modular addition each second encryption product with a second secret masking value to generate a masked second encryption product, said second secret masking value being generated independently of said input blocks and being different for each subsequent input block; and
- enciphering each masked second encryption product using a third key to generate an output block corresponding to said input block.

Dependent claims: 24, 25
Specification