Systems and methods for protecting data secrecy and integrity

US 7,694,133 B2
Filed: 09/24/2004
Issued: 04/06/2010
Est. Priority Date: 12/22/1999
Status: Active Grant

First Claim

Patent Images

1. A tangibly embodied computer-readable medium containing computer-executable program instructions, the computer-exectuable program instructions including instructions for:

receiving a data file;

encrypting the data file;

preparing the data file for transmission, the instructions for preparing the data file for transmission including instructions for;

decrypting a copy of the encrypted data file;

receiving a first internal state from the computer code for decrypting the copy of the encrypted data file; and

generating a first validation code by using, at least in part, the first internal state; and

transmitting the encrypted data file and the first validation code.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique for integrating message authentication with encryption and decryption is disclosed. Intermediate internal states of the decryption operation are used to generate a validation code that can be used to detect manipulation of the encrypted data. The technique is optimized with respect to processing time, execution space for code and runtime data, and buffer usage. The technique is generally applicable to a variety of block ciphers, including TEA, Rijndael, DES, RC5, and RC6.

Citations

26 Claims

1. A tangibly embodied computer-readable medium containing computer-executable program instructions, the computer-exectuable program instructions including instructions for:
- receiving a data file;
  
  encrypting the data file;
  
  preparing the data file for transmission, the instructions for preparing the data file for transmission including instructions for;
  
  decrypting a copy of the encrypted data file;
  
  receiving a first internal state from the computer code for decrypting the copy of the encrypted data file; and
  
  generating a first validation code by using, at least in part, the first internal state; and
  
  transmitting the encrypted data file and the first validation code.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The tangibly embodied computer-readable medium of claim 1, wherein the computer-readable medium is selected from the group consisting of:
    - CD-ROM, DVD, MINIDISC, floppy disk, tape, flash memory, ROM, RAM, system memory, hard drive, and optical storage.
  - 3. The computer-readable medium of claim 1, further including instructions for executing a cipher algorithm used in one or both of the encryption or decryption processes.
  - 4. The tangibly embodied computer-readable medium of claim 3, wherein a mixing function is executed in association with the cipher algorithm.
  - 5. The tangibly embodied computer-readable medium of claim 3, wherein the cipher algorithm is a block cipher.
  - 6. The tangibly embodied computer-readable medium of claim 5, wherein a mixing function is executed in association with the block cipher.
  - 7. The tangibly embodied computer-readable medium of claim 6, wherein the block cipher is performed in one or more rounds and the mixing function is executed once for every round.

8. A tangibly embodied computer-readable medium containing information including a data structure configured to enable integrated decryption and authentication of an encrypted data file, the data structure including:
- an encrypted data file; and
  
  a first validation code, the first validation code being operable to verify the authenticity of the encrypted data file;
  
  wherein the encrypted data file and the first validation code are configured for use with an integrated decryption and validation procedure that is operable to produce decrypted data and to use at least one internal decryption state to generate a second validation code, the second validation code being equal to the first validation code if the encrypted data are not modified before decryption.
- View Dependent Claims (9, 10)
- - 9. The tangibly embodied computer-readable medium of claim 8, in which the data file includes a binary representation of a computer program.
  - 10. The tangibly embodied computer-readable medium of claim 8, wherein the computer-readable medium is selected from the group consisting of:
    - CD-ROM, DVD, MINIDISC, floppy disk, tape, flash memory, ROM, RAM, system memory, hard drive, and optical storage.

11. A tangibly embodied computer-readable medium containing computer-executable instructions for:
- receiving a data file;
  
  encrypting the data file;
  
  preparing the data file for transmission, the instructions for preparing the data file for transmission including instructions for;
  
  decrypting a copy of the encrypted data file;
  
  receiving a first internal state from the computer code for decrypting the copy of the encrypted data file; and
  
  generating a first validation code by using, at least in part, the first internal state;
  
  executing a mixing function in association with one or both of the encryption or decryption processes; and
  
  transmitting the encrypted data file and the first validation code.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The tangibly embodied computer-readable medium of claim 11, wherein the mixing function is utilized in the generation of the first validation code.
  - 13. The tangibly embodied computer-readable medium of claim 12, wherein the mixing function yields an output validation value used to generate the first validation code.
  - 14. The tangibly embodied computer-readable medium of claim 13, wherein the mixing function combines a state value with an input validation value to yield the output validation value.
  - 15. The tangibly embodied computer-readable medium of claim 14, wherein the state value is a internal intermediate state value.
  - 16. The tangibly embodied computer-readable medium of claim 11, wherein the mixing function is used in one or both of encoding of the data file or decoding of the data file.
  - 17. The tangibly embodied computer-readable medium of claim 11, further including instructions for executing a cipher algorithm that utilizes the mixing function to process data during the encryption process.
  - 18. The tangibly embodied computer-readable medium of claim 17, wherein the data processed by the cipher algorithm is input ciphertext.
  - 19. The tangibly embodied computer-readable medium of claim 17, wherein the data to be processed by the cipher algorithm is split into portions prior to processing.
  - 20. The tangibly embodied computer-readable medium of claim 19, wherein the data to be processed by the cipher algorithm is split into two portions prior to processing.
  - 21. The tangibly embodied computer-readable medium of claim 20, wherein the two portions are comprised of a first half and a second half that are about equal.

22. A tangibly embodied computer-readable medium configured to encrypt data, the tangibly embodied computer-readable medium containing computer-executable instructions for:
- receiving a data file;
  
  encrypting the data file via a block cipher executed in rounds, including a key divided into subkeys;
  
  preparing the data file for transmission, the instructions for preparing the data file for transmission including instructions for;
  
  decrypting a copy of the encrypted data file;
  
  receiving a first internal state from the computer code for decrypting the copy of the encrypted data file; and
  
  generating a first validation code by using, at least in part, the first internal state; and
  
  transmitting the encrypted data file and the first validation code.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The tangibly embodied computer-readable medium of claim 22, wherein the block cipher key is divided into four subkeys that are used in pairs in alternate rounds such that all four subkeys are used in each pair of rounds.
  - 24. The tangibly embodied computer-readable medium of claim 22, wherein the block cipher includes a changing input.
  - 25. The tangibly embodied computer-readable medium of claim 24, wherein the two round functions are executed via a Fesitel cipher procedure.
  - 26. The tangibly embodied computer-readable medium of claim 22, wherein the block cipher processes data via two round functions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Sibert, W. Olin
Primary Examiner(s)
Peeso; Thomas R

Application Number

US10/949,460
Publication Number

US 20050060560A1
Time in Patent Office

2,020 Days
Field of Search

713/164, 713/168, 713/172, 713/182
US Class Current

713/164
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6209   to a single file or object,...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2107   File encryption

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/123   received data contents, e.g...

H04L 9/0625   with splitting of the data ...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/3242   involving keyed hash functi...

Systems and methods for protecting data secrecy and integrity

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for protecting data secrecy and integrity

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links