Network encryption system
Abstract
The present invention relates to a network encryption system and method, and particularly, to a network encryption system and method involving the encryption and/or decryption of user data using random number generation. Even more particularly, the present invention relates to encryption and/or decryption of user data using random numbers that are generated using a portion of the user data discriminated from the data frame or the data packet.
24 Claims
1. Network encryption apparatus comprising:
encrypting means for generating a random number using a portion of user data discriminated from a sequence of data and for encrypting the user data by logical operation using the random number; and
decrypting means for generating a random number using a decrypted portion of the user data and for decrypting the user data by logical operation using the random number.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
a Data Terminal Equipment (DTE) receiving buffer for discriminating protocol data and the user data from the data sequence respectively and dividing out the user data;
an encrypting key unit for storing an encrypting key having a fixed length;
a random number generating unit for generating the random number using the portion of the user data as a seed value;
a logical operation unit for encrypting, by logical operation, the portion of the user data with the encrypting key, and a remaining portion of the user data with the random number; and
a Data Circuit terminating Equipment (DCE) sending buffer for generating a data frame or data packet by coupling the protocol data with the encrypted user data.
3. Network encryption apparatus as claimed in claim 2, wherein the logical operation unit comprises:
a first logical operation unit for encrypting the portion of the user data by logical operation with the encrypting key; and
a second logical operation unit for encrypting the remaining portion of the user data by logical operation with the random number.
4. Network encryption apparatus as claimed in claim 3, wherein the logical operation unit has a plurality of logical operation elements connected in parallel.
5. Network encryption apparatus as claimed in claim 2, wherein the random number generating unit is initialized by a portion of the user data in order to generate a different random number for each of a plurality of data frames or data packets.
6. Network encryption apparatus as claimed in claim 1, wherein the decrypting means comprises:
a DCE receiving buffer for discriminating protocol data and the user data from the data sequence and dividing out the user data;
a decrypting key unit for storing a decrypting key having a fixed length;
a first logical operation unit for decrypting a portion of the user data by logical operation with the decrypting key;
a random number generating unit for generating the random number using the decrypted portion of the user data;
a second logical operation unit for decrypting the remaining portion of the user data by logical operation with the random number; and
a DTE sending buffer for generating a data frame or data packet by coupling the protocol data with the decrypted user data.
7. Network encryption apparatus as claimed in claim 6, wherein the random number generating unit is initialized using the portion of the user data decrypted by the first logical operation unit.
8. Network encryption apparatus as claimed in claim 6, wherein the random number generating unit is initialized by the portion of the user data in order to generate a different random number for each of a plurality of data frames or data packets.
9. Network encryption apparatus as claimed in claim 6, wherein the logical operation unit has a plurality of logical operation elements connected in parallel.
10. Network encryption apparatus, comprising:
encrypting means for generating a random number for each of a plurality of data sequences using a first portion of user data from the corresponding one of each data sequence, and for encrypting a second portion of user data in each of the plurality of data sequences by logical operation using the corresponding random number, and for encrypting the first portion of user data in each data sequence with an encrypting key having a fixed length; and
decrypting means for decrypting a first portion of user data from each of a plurality of encrypted data sequences by logical operation with a decrypting key having a fixed length, and for generating a random number for each of the plurality of encrypted data sequences using the corresponding, decrypted first portion of user data, and for decrypting a second portion of user data from each of the plurality of encrypted data sequences by logical operation using the corresponding random number.
Dependent claims: 11, 12
a Data Terminal Equipment (DTE) receiving buffer for discriminating protocol data and the user data from a data sequence and dividing out the user data;
an encrypting key unit for storing an encrypting key having a fixed length;
a random number generating unit for generating a random number using the first portion of the user data in the data sequence;
a first logical operation unit for encrypting the first portion of the user data by logical operation with the encrypting key;
a second logical operation unit for encrypting the second portion of the user data in the data sequence by logical operation with the random number; and
a DCE sending buffer for generating a data frame or data packet by coupling the protocol data with the encrypted user data.
12. Network encryption apparatus as claimed in claim 10, wherein the decrypting means comprises:
a DCE receiving buffer for discriminating protocol data and encrypted user data from a data sequence and dividing out the encrypted user data;
a decrypting key unit for storing a decrypting key having a fixed length;
a first logical operation unit for decrypting a first portion of the encrypted user data by logical operation with the decrypting key;
a random number generating unit for generating a random number using the decrypted first portion of the user data;
a second logical operation unit for decrypting a second portion of the encrypted user data by logical operation with the random number; and
a DTE sending buffer for generating a data frame or data packet by coupling the protocol data with the decrypted user data.
13. Network encryption method comprising:
an encryption process including the steps of generating a random number using a first portion of user data in a data sequence and encrypting a second portion of the user data by logical operation using the random number; and
a decryption process including the steps of generating the random number using a decrypted first portion of the user data and decrypting a second portion of the encrypted user data by logical operation using the random number.
Dependent claims: 14, 15, 16, 17, 18, 19
storing an encrypting key having a fixed length;
discriminating protocol data and the user data from the data sequence and dividing out the user data;
generating the random number using the first portion of the user data as a seed value;
encrypting the first portion of the user data by logical operation with the encrypting key;
encrypting the second portion of the user data by logical operation with the random number; and
generating a data frame or data packet by coupling the protocol data with the encrypted user data.
15. Network encryption method as claimed in claim 14, wherein the step of generating the random number comprises the step of:
initializing a random number generator using the seed value, wherein a different random number is generated for each of a plurality of subsequent data sequences.
16. Network encryption method as claimed in claim 13, wherein the decryption process further comprises the steps of:
storing a decrypting key having a fixed length;
discriminating protocol data and the encrypted user data and dividing out the user data;
decrypting the first portion of the encrypted user data by logical operation with the decrypting key;
generating the random number using the decrypted first portion of the user data;
decrypting the second portion of the encrypted user data by logical operation with the random number; and
generating a data frame or data packet by coupling the protocol data with the decrypted user data.
17. Network encryption method as claimed in claim 16, wherein the step of generating the random number comprises the step of:
initializing a random number generating unit using the decrypted first portion of the user data as a seed value, wherein a different random number is generated for each of a plurality of subsequent, encrypted data sequences in order to encrypt or decrypt data at every input data frame or data packet in different ways.
18. Network encryption apparatus as claimed in claim 17, wherein in the logical operation step, the logical operation operates the user data in a fixed length in parallel.
19. Network encryption apparatus as claimed in claim 16, wherein the steps of decrypting the first and second portions of the encrypted user data involve fixed length, parallel logical operations.
20. A method for encrypting user data comprising the steps of:
generating a random number using a first portion of the user data;
encrypting the first portion of the user data using an encryption key; and
encrypting a second portion of the user data using the random number.
Dependent claims: 21, 22
appending a protocol data portion to the first encrypted user data portion and the second encrypted user data portion, thereby generating a data packet.
22. The method of claim 20 further comprising the steps of:
generating a different random number for each of a plurality of data sequences, wherein the random number associated with each of the plurality of data sequences is generated using a first user data portion from the corresponding data sequence.
23. A method for decrypting user data comprising the steps of:
discriminating a first encrypted portion of user data from an encrypted data sequence;
decrypting the first encrypted portion of user data using an encryption key;
generating a random number using the decrypted first portion of the user data; and
decrypting a second portion of the encrypted data sequence using the random number.
Dependent claims: 24
discriminating a first encrypted portion of user data associated with each of a plurality of data sequences;
decrypting the first encrypted portion of user data associated with each of the plurality of data sequences using a decryption key;
generating a random number for each of the plurality of encrypted data sequences using the decrypted first portion of user data associated with the corresponding data sequence, wherein each random number is different as a result of it being generated by a corresponding first portion of decrypted user data; and
decrypting a second encrypted portion of user data associated with each of the plurality of data sequences using the corresponding random number.
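The encryption and decryption processes recited in the method claims above, as an added sketch that is not code from the patent or its assignee. It shows the round trip and the property a reviewer would check: the keystream depends only on the plaintext first portion. Assumptions: the logical operation is XOR, the random number generating unit is replaced by a SHA-256 counter-mode expander, and the 4-byte protocol data, 8-byte first portion, key and sample frames are constructed values.

```python
import hashlib

HDR_LEN = 4    # assumed length of the protocol data
SEED_LEN = 8   # assumed length of the first portion of user data
KEY = bytes.fromhex("0f1e2d3c4b5a6978")  # constructed fixed-length key

# Constructed sample frames: 4-byte protocol data followed by user data.
FRAME_A = b"HDR1" + b"ACCT0001" + b"transfer 100 to bob"
FRAME_B = b"HDR2" + b"ACCT0002" + b"transfer 100 to bob"
FRAME_C = b"HDR3" + b"ACCT0001" + b"transfer 999 to eve"

def xor(a: bytes, b: bytes) -> bytes:
    """The 'logical operation' of the claims, assumed here to be XOR."""
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(seed: bytes, n: int) -> bytes:
    """Stand-in random number generating unit: SHA-256 in counter mode."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def split(frame: bytes):
    """Discriminate protocol data from user data, then divide the user data."""
    user = frame[HDR_LEN:]
    if len(user) < SEED_LEN or len(KEY) != SEED_LEN:
        raise ValueError("user data too short, or key length is not SEED_LEN")
    return frame[:HDR_LEN], user[:SEED_LEN], user[SEED_LEN:]

def encrypt_frame(frame: bytes) -> bytes:
    proto, first, rest = split(frame)
    # First portion under the fixed key, remainder under the seeded stream.
    return proto + xor(first, KEY) + xor(rest, keystream(first, len(rest)))

def decrypt_frame(frame: bytes) -> bytes:
    proto, enc_first, enc_rest = split(frame)
    first = xor(enc_first, KEY)  # recover the seed before anything else
    return proto + first + xor(enc_rest, keystream(first, len(enc_rest)))

def tail(frame: bytes) -> bytes:
    """Second portion of the user data (everything after the seed)."""
    return frame[HDR_LEN + SEED_LEN:]

if __name__ == "__main__":
    ca, cb, cc = (encrypt_frame(f) for f in (FRAME_A, FRAME_B, FRAME_C))
    print(decrypt_frame(ca) == FRAME_A)   # round trip
    print(tail(ca) != tail(cb))           # new seed, new keystream
    # Same first portion means the same keystream for both frames.
    print(xor(tail(ca), tail(cc)) == xor(tail(FRAME_A), tail(FRAME_C)))
```

Frames A and C share a first portion, so their second portions are encrypted under the same keystream, and every frame's first portion is combined with the same fixed key.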
Specification