Method and apparatus for data encryption

US 6,108,421 A
Filed: 03/06/1998
Issued: 08/22/2000
Est. Priority Date: 03/06/1998
Status: Expired due to Term

First Claim

Patent Images

1. A block cipher device for use in encrypting and decrypting information in a cryptographically secured digital communication system comprising:

(a) a first stage adapted to receive an input data block and a control data block, said first stage comprising;

(i) a plurality of serially connected units including a sum modulo-two unit responsive to the input data block and a first subset of the control data block, and(ii) a first nibble swap unit responsive to the output signal from said sum modulo-two unit and a second subset of the control data block for reordering the output signal from said sum modulo-two unit;

(b) a key scheduler responsive to a key data block including means for randomizing the key data block; and

(c) a second stage adapted to receive the randomized key data block from said key scheduler in first and second key data sub-blocks, the control data block and the output signal from said first stage, said second stage comprising a plurality of serially connected units including;

(i) a first linear modulo unit responsive to said first key data sub-block from the key scheduler, the output signal from said first stage, and the control data block for performing a modulo summing operation based on a first modulus q,(ii) an n^th power modulo unit responsive to the output signal from said first linear modulo unit for performing an n^th power modulo operation based on a second modulus p to thereby provide an output signal of predetermined size, with n>

1 and with p=2^K -X where X is selected such that the greatest common denominator between n and (2^K -X-1) is one and K is said predetermined size, and(iii) a second linear modulo unit responsive to the second key data sub-block and the output signal from said n^th power modulo unit for performing a modulo summing operation based on a third modulus r,said first, second, and third modulus p, q and r respectively being unique from each other.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for use in encrypting and decrypting digital communications converting an initial block to final block based on freely selectable control information and secret key information. The apparatus or method having a plurality of units or steps operating on plain text or cipher text to provide a final block. The steps or methods including three modulo operations having unique modulus and meeting a specified constraint.

32 Citations

View as Search Results

27 Claims

1. A block cipher device for use in encrypting and decrypting information in a cryptographically secured digital communication system comprising:
- (a) a first stage adapted to receive an input data block and a control data block, said first stage comprising;
  
  (i) a plurality of serially connected units including a sum modulo-two unit responsive to the input data block and a first subset of the control data block, and(ii) a first nibble swap unit responsive to the output signal from said sum modulo-two unit and a second subset of the control data block for reordering the output signal from said sum modulo-two unit;
  
  (b) a key scheduler responsive to a key data block including means for randomizing the key data block; and
  
  (c) a second stage adapted to receive the randomized key data block from said key scheduler in first and second key data sub-blocks, the control data block and the output signal from said first stage, said second stage comprising a plurality of serially connected units including;
  
  (i) a first linear modulo unit responsive to said first key data sub-block from the key scheduler, the output signal from said first stage, and the control data block for performing a modulo summing operation based on a first modulus q,(ii) an n^th power modulo unit responsive to the output signal from said first linear modulo unit for performing an n^th power modulo operation based on a second modulus p to thereby provide an output signal of predetermined size, with n>
  
  1 and with p=2^K -X where X is selected such that the greatest common denominator between n and (2^K -X-1) is one and K is said predetermined size, and(iii) a second linear modulo unit responsive to the second key data sub-block and the output signal from said n^th power modulo unit for performing a modulo summing operation based on a third modulus r,said first, second, and third modulus p, q and r respectively being unique from each other.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The block cipher device of claim 1 wherein one of the plurality of serially connected units of said first stage is a substitution unit responsive to the output signal from the first nibble swap unit and a third subset of the control data block to provide customizable cipher variations.
  - 3. The block cipher device of claim 2 wherein one of the plurality of serially connected units of said first stage is a second nibble swap unit responsive to a fourth subset of the control data block and the output signal from said substitution unit for reordering the output signal from said substitution unit.
  - 4. The block cipher device of claim 1 wherein said first nibble swap unit reorders the output signal from said sum modulo-sum unit as a function of the second subset of the control data block.
  - 5. The block cipher device of claim 1 wherein said means for randomizing includes a selectively customized look-up table.
  - 6. The block cipher device of claim 1 wherein said key scheduler also includes a shift register responsive to the key data block.
  - 7. The block cipher device of claim 6 wherein said means for randomizing is responsive to said shift register.
  - 8. The block cipher device of claim 7 wherein the key scheduler comprises a combiner responsive to serial output from the shift register and serial output from the look-up table, the combiner serially combining the serial output from the shift register and the serial output from the look-up table using a modulo two summing operation, and the combiner adapted to provide a combined data output.
  - 9. The block cipher device of claim 8 wherein the key scheduler comprises a path between the combiner and the shift register allowing the combined output to be stored in the shift register.
  - 10. The block cipher device of claim 9 wherein the first key data block is derived from the contents of the shift register.
  - 11. The block cipher device of claim 10 wherein the second key data block is derived from the contents of the shift register using a modulo-two summing operation.
  - 12. The block cipher device of claim 1 wherein the first modulus is based on a fifth subset of the control data block.
  - 13. The block cipher device of claim 1 wherein the plurality of serially connected units of the second stage includes a non-invertible operation unit responsive to the output signal from the n^th power modulo unit, the non-invertible operation unit having a structure for discarding a portion of the output from the n^th power modulo unit.
  - 14. The block cipher device of claim 13 wherein the non-invertible operation unit provides an input for the second linear modulo unit.

15. A method for converting an initial data block into a final data block for use in encrypting and decrypting information in a communication system comprising the steps of:
- (a) providing an initial data block, a control data block, a first key data block and a second key data block;
  
  (b) combining the initial data block and the control data block to provide a first data output signal;
  
  (c) transposing segments of the first data output signal responsively to a first subset of the control data block to provide a second data output signal;
  
  (d) expanding the second data output signal responsively to a third subset of the control data block to provide a third data output signal;
  
  (e) re-ordering the third data output signal responsively to a fourth subset of the control data block to provide a fourth data output signal;
  
  (f) combining the fourth data output signal with a first key data block to provide a fifth data output signal;
  
  (g) performing an n^th power modulo operation using the fifth data output signal to provide a sixth data output signal;
  
  (h) combining a preselected portion of the sixth data output signal with a second key data block to provide a final data block.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 16. The method of claim 15 wherein the first key data block and second key data block are derived from a common key data block by the steps of:
    - (a) storing the key data block in a shift register;
      
      (b) providing a look-up table having a path to the shift register for modifying the contents of the look-up table;
      
      (c) serially queuing out and combining the content of the shift register and the content of the look-up table to provide a key scheduler output;
      
      (d) storing the key scheduler output in the shift register; and
      
      (e) repeating the steps of serially queuing out and combining, and storing the key scheduler.
  - 17. The method of claim 16 wherein the look-up table is customizable.
  - 18. The method of claim 17 wherein the first key data block at any point in time is a function of the shift register at that point in time.
  - 19. The method of claim 18 wherein the second key data block at any point in time is a function of the modulo-two sum of the key scheduler output stored in the shift register at that point in time.
  - 20. The method of claim 15 wherein n is greater than one.
  - 21. The method of claim 20 wherein step (h) includes the step of performing a modulo operation based on a modulus r.
  - 22. The method of claim 21 wherein the n^th power modulo unit uses a modulus p which is unique from the modulus r.
  - 23. The method of claim 22 wherein the modulus q is a function of a fifth subset of the control data block.
  - 24. The method of claim 22 wherein the modulus p=2^K -X with X selected so that the greatest common denominator between n and (p-1) is equal to 1 and K is the size of the sixth output signal.
  - 25. The method of claim 15 wherein step (f) includes the step of performing a modulo operation based on the modulus q.
  - 26. The method of claim 22 wherein step (f) includes the step of performing a modulo operation based on the modulus q.
  - 27. The method of claim 26 wherein modulus q is unique from the modulus p and the modulus r.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Original Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Inventors
Kurdziel, Michael Thomas, Clements, Robert Paul
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Kabakoff, Stephen

Application Number

US09/035,765
Time in Patent Office

900 Days
Field of Search

380/28, 380/29, 380/37, 380/241
US Class Current

380/28
CPC Class Codes

H04L 2209/08   Randomization, e.g. dummy o...

H04L 2209/12   Details relating to cryptog...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 9/0637   Modes of operation, e.g. ci...

Method and apparatus for data encryption

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for data encryption

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links