Data encryption system for encrypting plaintext data
First Claim
Patent Images
1. A data encryption system for encrypting plaintext data of 8n bits, n being a positive integer, comprising:
- an input unit for dividing the plaintext data into a first and a second half plaintext data block, each plaintext data block having 4n bits;
a key scheduling device for providing four n-bit constant values and N sets of round subkeys from an 8n-bit master key, N being a positive integer and each set of round subkeys having a first and a second 2n-bit round subkey and a first and a second n-bit round subkey;
N data encryption stages connected in series, each data encryption stage processing a first and a second 4n-bit input to provide a first and a second 4n-bit output, the first half and the second half plaintext data block being provided to a first data encryption stage as a first and a second 4n-bit input thereof, a second 4n-bit input of each data encryption stage being provided as a second 4n-bit output thereof, and a first and a second 4n-bit output of a data encryption stage being provided to its next data encryption stage as a second and a first 4n-bit input thereof, respectively; and
an output unit for combining a first and a second 4n-bit output of a last data encryption stage to generate 8n-bit ciphertext data;
wherein an ith (i being 1 to N) data encryption stage includes an encrypter for encrypting a second 4n-bit input of the ith data encryption stage by using an ith set of round subkeys and the four n-bit constant values to provide an 4n-bit encrypted data block and an EX-OR gate for EX-ORing a first 4n-bit input thereof with the 4n-bit encrypted data block to provide a first 4n-bit output of the ith data encryption stage, and wherein the encrypter of the ith data encryption stage includes;
a first division unit for dividing the second 4n-bit input of the ith data encryption stage to provide a first and a second 2n-bit data subblock;
a first key adding circuit for EX-ORing the first and the second 2n-bit data subblock with a first and a second 2n-bit round subkey of an ith set of round subkeys to generate a first and a second 2n-bit added data subblock;
a second division unit for dividing the first 2n-bit key added data subblock into a first and a second n-bit key added data subblock and dividing the second 2n-bit key added data subblock into a third and a fourth n-bit key added data subblock;
a second key adding circuit having a first addition unit for performing an addition modulo 2n operation on the first and the third n-bit key added data subblock and a first multiplication unit for performing a multiplication modulo 2n+1 operation based on an output of the first addition unit and a first n-bit round subkey of the ith set of round subkeys to generate a first n-bit key/data added data subblock;
a third key adding circuit having a second addition unit for performing the addition modulo 2n operation on the second and the fourth n-bit key added data subblock and a second multiplication unit for performing the multiplication modulo 2n+1 operation based on an output of the second addition unit and a second n-bit round subkey of the ith set of round subkeys to provide a second n-bit key/data added data subblock; and
means for processing the n-bit key added data subblocks and the n-bit key/data added data subblocks by using the four constant values to provide the 4n-bit encrypted data block.
1 Assignment
0 Petitions
Accused Products
Abstract
In order to encrypt plaintext data while maintaining high security, the plaintext data is received and divided into a plurality of plaintext data blocks, each of which has the same bit length. A preset master key is used to obtain a set of round subkeys, and each of the plaintext data blocks is encrypted by using the preset master key and combining the encrypted blocks to thereby provide cipheitext data having a bit length which is identical to that of the plaintext data.
-
Citations
4 Claims
-
1. A data encryption system for encrypting plaintext data of 8n bits, n being a positive integer, comprising:
-
an input unit for dividing the plaintext data into a first and a second half plaintext data block, each plaintext data block having 4n bits;
a key scheduling device for providing four n-bit constant values and N sets of round subkeys from an 8n-bit master key, N being a positive integer and each set of round subkeys having a first and a second 2n-bit round subkey and a first and a second n-bit round subkey;
N data encryption stages connected in series, each data encryption stage processing a first and a second 4n-bit input to provide a first and a second 4n-bit output, the first half and the second half plaintext data block being provided to a first data encryption stage as a first and a second 4n-bit input thereof, a second 4n-bit input of each data encryption stage being provided as a second 4n-bit output thereof, and a first and a second 4n-bit output of a data encryption stage being provided to its next data encryption stage as a second and a first 4n-bit input thereof, respectively; and
an output unit for combining a first and a second 4n-bit output of a last data encryption stage to generate 8n-bit ciphertext data;
wherein an ith (i being 1 to N) data encryption stage includes an encrypter for encrypting a second 4n-bit input of the ith data encryption stage by using an ith set of round subkeys and the four n-bit constant values to provide an 4n-bit encrypted data block and an EX-OR gate for EX-ORing a first 4n-bit input thereof with the 4n-bit encrypted data block to provide a first 4n-bit output of the ith data encryption stage, and wherein the encrypter of the ith data encryption stage includes;
a first division unit for dividing the second 4n-bit input of the ith data encryption stage to provide a first and a second 2n-bit data subblock;
a first key adding circuit for EX-ORing the first and the second 2n-bit data subblock with a first and a second 2n-bit round subkey of an ith set of round subkeys to generate a first and a second 2n-bit added data subblock;
a second division unit for dividing the first 2n-bit key added data subblock into a first and a second n-bit key added data subblock and dividing the second 2n-bit key added data subblock into a third and a fourth n-bit key added data subblock;
a second key adding circuit having a first addition unit for performing an addition modulo 2n operation on the first and the third n-bit key added data subblock and a first multiplication unit for performing a multiplication modulo 2n+1 operation based on an output of the first addition unit and a first n-bit round subkey of the ith set of round subkeys to generate a first n-bit key/data added data subblock;
a third key adding circuit having a second addition unit for performing the addition modulo 2n operation on the second and the fourth n-bit key added data subblock and a second multiplication unit for performing the multiplication modulo 2n+1 operation based on an output of the second addition unit and a second n-bit round subkey of the ith set of round subkeys to provide a second n-bit key/data added data subblock; and
means for processing the n-bit key added data subblocks and the n-bit key/data added data subblocks by using the four constant values to provide the 4n-bit encrypted data block. - View Dependent Claims (2, 3, 4)
a data adding circuit for providing four n-bit EX-ORed data subblocks, wherein a first n-bit EX-ORed data subblock is obtained by EX-ORing the first n-bit key added data subblock and the second key/data added data subblock, a second n-bit EX-ORed data subblock is obtained by EX-ORing the second n-bit key added data subblock and the first n-bit key/data added data subblock, a third n-bit EX-ORed data subblock is obtained by EX-ORing the third n-bit key added data subblock and the second n-bit key/data added data subblock, and the fourth n-bit EX-ORed data subblock is obtained by EX-ORing the fourth n-bit key added data subblock and the first n-bit key/data added data subblock;
a substitution box for substituting the four n-bit EX-ORed data subblocks with four n-bit substituted data blocks;
a constant value adding circuit for respectively EX-ORing the four substituted data blocks with the four constant values to generate four n-bit EX-OR operated data blocks;
a linear transformer for providing four n-bit transformed data blocks by performing an addition modulo 2n operation on four different sets of three EX-OR operated data blocks; and
a combining unit for combining the four n-bit transformed data blocks to generate the 4n-bit encrypted data block.
-
-
3. The data encryption system of claim 2, wherein n=16.
-
4. The data encryption system of claim 3, wherein N=16.
Specification