Variable-length cipher system and method
First Claim
1. A method for deterministically encrypting a plaintext symbol set having a variable block size, the method comprising the steps of:
- dividing the plaintext symbol set into first and second portions;
using a tweak to modify at least a portion of the plaintext symbol set to arrive at a data string;
applying a first encryption key to encrypt the data string and generate a second encryption key based upon the data string encrypted by the first encryption key;
computing a determined number of encryption rounds using the second encryption key to create an enciphered symbol set, wherein the encryption rounds comprise successive encryption and modulo combination of alternating portions of the symbol set utilizing a symbol set-associated modulo base by applying a tweakable, variable input length block cipher using the tweak, the tweak being based at least in part upon account information associated with a token; and
providing the enciphered symbol set, the form of the enciphered symbol set corresponding to the plaintext symbol set in accordance with the symbol set-associated modulo base.
12 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for enciphering data are provided. In one embodiment, information is enciphered using a variable block length cipher that returns the encrypted symbol set in the same format as the plaintext symbol set. The cipher can be based on DES, AES or other block ciphers. In one example implementation a method for enciphering token information the invention provides for enciphering token information by constructing a tweak of a defined length using token information; converting the tweak to a bit string of a defined size to form a first parameter; converting a number of digits of plaintext to a byte string of a defined size to form a second parameter, wherein the number of digits converted varies; defining a data encryption standard key; applying the data encryption standard key to the first and second parameters; computing a specified number of encryption rounds; and receiving enciphered token information.
188 Citations
23 Claims
-
1. A method for deterministically encrypting a plaintext symbol set having a variable block size, the method comprising the steps of:
-
dividing the plaintext symbol set into first and second portions; using a tweak to modify at least a portion of the plaintext symbol set to arrive at a data string; applying a first encryption key to encrypt the data string and generate a second encryption key based upon the data string encrypted by the first encryption key; computing a determined number of encryption rounds using the second encryption key to create an enciphered symbol set, wherein the encryption rounds comprise successive encryption and modulo combination of alternating portions of the symbol set utilizing a symbol set-associated modulo base by applying a tweakable, variable input length block cipher using the tweak, the tweak being based at least in part upon account information associated with a token; and providing the enciphered symbol set, the form of the enciphered symbol set corresponding to the plaintext symbol set in accordance with the symbol set-associated modulo base. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer program product for deterministically encrypting a plaintext symbol set having a variable block size the computer program product comprising a non-transitory computer-readable storage medium having computer-readable program code embodied in said medium, the computer-readable program code comprising instructions configured to cause the a processing device to perform the steps of:
-
dividing the plaintext symbol set into first and second portions; using a tweak to modify at least a portion of the plaintext symbol set to arrive at a data string; applying a first encryption key to encrypt the data string and generate a second encryption key based upon the data string encrypted by the first encryption key; computing a determined number of encryption rounds using the second encryption key to create an enciphered symbol set, wherein the encryption rounds comprise successive encryption and modulo combination of alternating portions of the symbol set utilizing a symbol set-associated modulo base by applying a tweakable, variable input length block cipher using the tweak, the tweak being based at least in part upon account information associated with a token; and providing the enciphered symbol set, the form of the enciphered symbol set corresponding to the plaintext symbol set in accordance with the symbol set-associated modulo base. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A magnetic stripe reader, comprising:
-
a magnetic read head proximate a card slot and configured to sense data magnetically encoded on the magnetic stripe of a bankcard and convert the data into an electronic signal; a signal detector configured to receive the electronic signal from the read head and to convert the electronic signal into a symbol set representing track data for the magnetic stripe reader; and an encryption module coupled to the signal detector and configured to deterministically encrypt the plaintext symbol set, wherein the encryption method comprises the steps of; dividing the plaintext symbol set into first and second portions; using a tweak to modify at least a portion of the plaintext symbol set to arrive at a data string; applying a first encryption key to encrypt the data string and generate a second encryption key based upon the data string encrypted by the first encryption key; computing a determined number of encryption rounds using the second encryption key to create an enciphered symbol set, wherein the encryption rounds comprise successive encryption and modulo combination of alternating portions of the symbol set utilizing a symbol set-associated modulo base by applying a tweakable, variable input length block cipher using the tweak, the tweak being based at least in part upon account information associated with a token; and providing the enciphered symbol set, the form of the enciphered symbol set corresponding to the plaintext symbol set in accordance with the symbol set-associated modulo base.
-
Specification