Symmetric key encryption system with synchronously updating expanded key

US 8,041,032 B2
Filed: 08/19/2005
Issued: 10/18/2011
Est. Priority Date: 08/19/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

using at least one processor able to execute instructions to;

receive a cipher key;

expand the cipher key into a plurality of round keys;

create a pre-cipher, based at least in part upon the cipher key and the plurality of round keys;

receive a message comprising a plurality of ciphertext blocks;

use the pre-cipher to decrypt the plurality of ciphertext blocks, yielding a plurality of plaintext blocks;

during decryption of the message;

inspect a designated portion of the last plaintext block of the plurality of plaintext blocks to determine whether a pre-cipher reconfiguration parameter is non-zero; and

when the pre-cipher reconfiguration parameter is non-zero;

extract the pre-cipher reconfiguration parameter from the plaintext block; and

alter the pre-cipher based upon the reconfiguration parameter, to provide an altered pre-cipher.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, apparatus, and system of encryption, including embedding reconfiguration information within a ciphertext block destined for a decryptor. The decryptor identifies the reconfiguration information, extracts such information, and uses it to alter a pre-cipher, which is used for decryption. The encryptor alters its pre-cipher synchronously with the decryptor.

Citations

25 Claims

1. A method comprising:
- using at least one processor able to execute instructions to;
  
  receive a cipher key;
  
  expand the cipher key into a plurality of round keys;
  
  create a pre-cipher, based at least in part upon the cipher key and the plurality of round keys;
  
  receive a message comprising a plurality of ciphertext blocks;
  
  use the pre-cipher to decrypt the plurality of ciphertext blocks, yielding a plurality of plaintext blocks;
  
  during decryption of the message;
  
  inspect a designated portion of the last plaintext block of the plurality of plaintext blocks to determine whether a pre-cipher reconfiguration parameter is non-zero; and
  
  when the pre-cipher reconfiguration parameter is non-zero;
  
  extract the pre-cipher reconfiguration parameter from the plaintext block; and
  
  alter the pre-cipher based upon the reconfiguration parameter, to provide an altered pre-cipher.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the instructions to receive the cipher key comprise instructions to:
    - transmit a public key to an external system prior to receiving the cipher key;
      
      receive a message containing the cipher key, the message having been encrypted by the public key; and
      
      decrypt the message with a private key, to obtain the cipher key.
  - 3. The method of claim 1, wherein the round keys are generated by an AES key expansion algorithm.
  - 4. The method of claim 3, wherein the pre-cipher is generated by an AES cipher algorithm.
  - 5. The method of claim 1, wherein the instructions to alter the pre-cipher comprise instructions to shift the pre-cipher a quantity of bits determined by the parameter.
  - 6. The method of claim 1, wherein the instructions to alter the pre-cipher comprise instructions to shuffle the pre-cipher based upon the parameter.
  - 7. The method of claim 1, wherein the instructions to alter the pre-cipher comprise instructions to generate a pseudo-random number based upon the parameter, and use the pseudo-random number to determine a shift operation to be performed on the pre-cipher.
  - 8. The method of claim 1, wherein the instructions to alter the pre-cipher comprise instructions to generate a pseudo-random number based upon the parameter, and use the pseudo-random number to determine a shuffle operation to be performed on the pre-cipher.
  - 9. The method of claim 1, wherein the designated portion of the last plaintext block comprises a single bit.
  - 10. The method of claim 9, wherein the single bit is the last bit of the last plaintext block.

11. A method comprising:
- using at least one processor able to execute instructions to;
  
  identify a cipher key;
  
  expand the cipher key into a plurality of round keys;
  
  generate a pre-cipher based upon the cipher key, and the plurality of round keys;
  
  encrypt a first plurality of plaintext blocks based upon the pre-cipher yielding a plurality of ciphertext blocks;
  
  transmit the plurality of ciphertext blocks;
  
  detect the occurrence of a condition; and
  
  subsequent to occurrence of the condition;
  
  embed a pre-cipher reconfiguration parameter in a designated portion of the last plaintext block of a second plurality of plaintext blocks;
  
  alter the pre-cipher to correspond with the reconfiguration parameter, to provide an altered pre-cipher;
  
  encrypt the second plurality of plaintext blocks using the altered pre-cipher, to provide a plurality of ciphertext blocks encrypted with the altered pre-cipher; and
  
  transmit the plurality of ciphertext blocks encrypted with the altered pre-cipher.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, wherein the instructions to detect the occurrence of the condition comprise instructions to determine when more than a threshold quantity of ciphertext blocks have been transmitted.
  - 13. The method of claim 11, wherein the instructions to detect the occurrence of the condition comprise instructions to determine when a timer has elapsed.
  - 14. The method of claim 11, wherein the instructions to embed the pre-cipher reconfiguration parameter comprise instructions to insert the parameter into a plaintext block, encrypt the plaintext block to provide a ciphertext block, and transmit the ciphertext block.
  - 15. The method of claim 11, wherein the instructions to embed the pre-cipher reconfiguration parameter comprise instructions to insert a plurality of parameters into a plurality of plaintext blocks, encrypt the plurality of plaintext blocks to provide a plurality of ciphertext blocks with a plurality of parameters, and transmit the plurality of ciphertext blocks with the plurality of parameters.
  - 16. The method of claim 11, wherein using the at least one processor further comprises using the at least one processor to execute instructions to alter the pre-cipher based upon the parameter.
  - 17. The method of claim 16, wherein using the at least one processor further comprises using the at least one processor to execute instructions to encrypt subsequent plaintext blocks using the altered pre-cipher.

18. An implantable device comprising:
- a sense/stimulator channel; and
  
  an input/output (I/O) interface; and
  
  a controller coupled to the sense/stimulator channel and to the I/O interface, the controller being configured to;
  
  receive physiological or behavioral data from the sensor;
  
  receive a cipher key via the I/O interface;
  
  expand the cipher key into a plurality of round keys;
  
  create a pre-cipher, based at least in part upon the cipher key and the plurality of round keys;
  
  receive a plurality of ciphertext blocks via the I/O interface;
  
  use the pre-cipher to decrypt the plurality of ciphertext blocks, yielding a plurality of plaintext blocks;
  
  inspect a designated portion of the last plaintext block of the plurality of plaintext blocks to determine whether a pre-cipher reconfiguration parameter is non-zero; and
  
  when the pre-cipher reconfiguration parameter is non-zero;
  
  extract a pre-cipher reconfiguration parameter from at least one of the plaintext blocks; and
  
  alter the pre-cipher based upon the parameter.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. The device of claim 18, wherein the controller is further configured to generate the round keys based upon an AES key expansion algorithm.
  - 20. The device of claim 19, wherein the controller is further configured to generate the pre-cipher based upon an AES cipher algorithm.
  - 21. The device of claim 18, wherein the controller is further configured to alter the pre-cipher by shifting the pre-cipher a quantity of bytes determined by the parameter.
  - 22. The device of claim 18, wherein the controller is further configured to alter the pre-cipher by shuffling the pre-cipher based upon the parameter.
  - 23. The device of claim 18, wherein the controller is further configured to alter the pre-cipher by generating a pseudo-random number based upon the parameter, and by using the pseudo-random number to determine a shift operation to be performed on the pre-cipher.
  - 24. The device of claim 18, wherein the controller is further configured to alter the pre-cipher by generating a pseudo-random number based upon the parameter, and by using the pseudo-random number to determine a shuffle operation to be performed on the pre-cipher.

25. A non-transitory computer-readable medium, including instructions that, when performed by a computer, cause the computer to:
- identify a cipher key;
  
  expand the cipher key into a plurality of round keys;
  
  generate a pre-cipher based upon the cipher key and the plurality of round keys;
  
  encrypt a first plurality of plaintext blocks based upon the pre-cipher yielding a plurality of ciphertext blocks;
  
  transmit the plurality of ciphertext blocks;
  
  detect the occurrence of a condition; and
  
  subsequent to occurrence of the condition;
  
  embed a pre-cipher reconfiguration parameter in a designated portion of the last plaintext block of a second plurality of plaintext blocks;
  
  alter the pre-cipher to correspond with the reconfiguration parameter, to providean altered pre-cipher;
  
  encrypt the second plurality of plaintext blocks using the altered pre-cipher, to provide a plurality of ciphertext blocks encrypted with the altered pre-cipher; and
  
  transmit the plurality of ciphertext blocks encrypted with the altered pre-cipher.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cardiac Pacemakers Incorporated (Boston Scientific Corporation)
Original Assignee
Cardiac Pacemakers Incorporated (Boston Scientific Corporation)
Inventors
Jelatis, George D., Katoozi, Mehdi
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
KANAAN, SIMON P

Application Number

US11/207,286
Publication Number

US 20070053516A1
Time in Patent Office

2,251 Days
Field of Search

None
US Class Current

380/37
CPC Class Codes

H04L 2209/08   Randomization, e.g. dummy o...

H04L 2209/20   Manipulating the length of ...

H04L 9/0631   Substitution permutation ne...

Symmetric key encryption system with synchronously updating expanded key

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Symmetric key encryption system with synchronously updating expanded key

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links