Device for and method of cryptographically wrapping information

US 7,092,524 B1
Filed: 11/15/2002
Issued: 08/15/2006
Est. Priority Date: 11/15/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of cryptographically wrapping information, comprising the steps of:

(a) if the information is not an even multiple of y bits then padding the information to a length that is an even multiple of y bits;

(b) parsing the result of step (a) into P₁, P₂, . . . , P_n, where P_ihas a length of y bits for i=1,(c) setting R_i=P_i, where i=1, 2, . . . , n, where n is equal to the length of the information divided by y;

(d) setting A equal to a user-definable initialization vector IV, where IV has a length equal to y;

(e) setting j=0;

(f) setting i=1;

(g) setting t to a user-definable value;

(h) combining A and R_i;

(i) encrypting the result of step (h) using an encryptor that puts out 2y bits;

(j) forming a first user-definable set of y bits and a second user-definable set of y bits from the result of step (i) in an invertible manner;

(k) setting R_iequal to the first user-definable set of y bits;

(l) combining the second user-definable set of y bits with t using a user-definable function;

(m) setting A equal to the result of step (l);

(n) if i=n then incrementing j and reset i=1, otherwise incrementing i; and

(o) if j is equal to a user-definable number then returning A, R₁, R₂, . . . , R_nas the cryptographically wrapped information and stopping, otherwise returning to step (g).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device for and method of cryptographically wrapping information by first constructing information to be wrapped into an even multiple of y bits. Information to be wrapped is parsed into equal blocks P₁, P₂, . . . , P_n. Next, registers R_iare loaded with the blocks P_i. Next, an initialization vector IV is stored into a register A. Set j=0. Set i=1. Set t=(n×j)+i. Concatenate A and R_i. Encrypt the result of the last step to form 2y encrypted bits. Divide the encrypted bits into a first set of y bits and a second set of y bits. Set R_iequal to the first set. Combine the second set with t using a user-definable function. Set A equal to the combination. If i=n then increment j and reset i=1; otherwise, increment i. If j is equal to a user-definable number then return A, R₁, R₂, . . . , R_nas the cryptographically wrapped information and stop. Otherwise, return to the step where t is set.

30 Citations

View as Search Results

16 Claims

1. A method of cryptographically wrapping information, comprising the steps of:
- (a) if the information is not an even multiple of y bits then padding the information to a length that is an even multiple of y bits;
  
  (b) parsing the result of step (a) into P₁, P₂, . . . , P_n, where P_ihas a length of y bits for i=1,(c) setting R_i=P_i, where i=1, 2, . . . , n, where n is equal to the length of the information divided by y;
  
  (d) setting A equal to a user-definable initialization vector IV, where IV has a length equal to y;
  
  (e) setting j=0;
  
  (f) setting i=1;
  
  (g) setting t to a user-definable value;
  
  (h) combining A and R_i;
  
  (i) encrypting the result of step (h) using an encryptor that puts out 2y bits;
  
  (j) forming a first user-definable set of y bits and a second user-definable set of y bits from the result of step (i) in an invertible manner;
  
  (k) setting R_iequal to the first user-definable set of y bits;
  
  (l) combining the second user-definable set of y bits with t using a user-definable function;
  
  (m) setting A equal to the result of step (l);
  
  (n) if i=n then incrementing j and reset i=1, otherwise incrementing i; and
  
  (o) if j is equal to a user-definable number then returning A, R₁, R₂, . . . , R_nas the cryptographically wrapped information and stopping, otherwise returning to step (g).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein said step of padding the information to a length that is an even multiple of y bits is selected from the group of padding steps comprising padding with zeros, padding with ones, padding with a random number, padding with a predetermined string of ones and zeros, padding a first end of the information, padding a second end of the information, padding within the information, and any combination thereof.
  - 3. The method of claim 1, wherein said step of padding the information to a length that is an even multiple of y bits is comprised of the step of padding the information to a length that is an even multiple of y bits, where y is 64.
  - 4. The method of claim 1, wherein said step of combining A and R_iis comprised of the step of concatenating A and R_iso that A constitutes high order bits and R_iconstitutes low order bits.
  - 5. The method of claim 1, wherein said step of setting t to a user-definable value is comprised of the step of setting t=(n×
    - j)+i.
  - 6. The method of claim 1, wherein said step of encrypting the result of step (h) using an encryptor that puts out 2y bits is comprised of the step of encrypting the result of step (h) using the Advanced Encryption Standard.
  - 7. The method of claim 1, wherein said step of forming a first user-definable set of y bits and a second user-definable set of y bits from the result of step (i) is comprised of forming a first user-definable set of the 64 least significant bits and a second user-definable set of 64 most significant bits from the result of step (i).
  - 8. The method of claim 1, wherein said step of combining the second user-definable set with t using a user-definable function is comprised of the step of combining the second user-definable set with t using a user-definable function selected from the group of functions comprising a bit-wise exclusive-or function, a modular addition function, and a modular subtraction function.
  - 9. The method of claim 1, wherein said step of returning A, R₁, R₂, . . . , R_nas the cryptographically wrapped information and stopping if j is equal to a user-definable number is comprised of the step of returning A, R₁, R₂, . . . , R_nas the cryptographically wrapped information and stopping if j is equal to 6.

10. A method of cryptographically unwrapping cryptographically wrapped information, comprising the steps of:
- (a) parsing the wrapped information into C₀, C₁, . . . , C_n, where C_ihas a length of y bits, where y is the same as that used in forming the wrapped information;
  
  (b) setting R_i=C_i, where i=1, 2, . . . , n, where n is the same as that used in forming the wrapped information;
  
  (c) setting A=C₀;
  
  (d) setting j=k−
  
  1, where k is the same as a user-definable number used to form the wrapped information;
  
  (e) setting i=n;
  
  (f) setting t to the same value of t used to form the wrapped information;
  
  (g) combining A with t using a function that is the inverse of a function used to combine corresponding values to form the wrapped information;
  
  (h) combining the result of step (g) and R_iin a manner that is the inverse of a method used during the wrapping of the information to form two user-definable sets of y bits;
  
  (i) decrypting the result of step (h), using the inverse function of an encryptor used to form the wrapped information;
  
  (j) forming a first user-definable set of y bits and a second user-definable set of y bits from the result of step (i) in a manner that is the inverse of that to combine A and R_ito form the wrapped information;
  
  (k) setting R_iequal to the first user-definable set of y bits;
  
  (l) setting A equal to the second user-definable set of y bits;
  
  (m) if j=0, i=1, and A=IV used to form the wrapped information then returning R₁, R₂, . . . , R_nas the unwrapped information and stopping, otherwise proceeding to the next step;
  
  (n) if j=0, i=1, and A is not equal to IV then returning an error message and stopping, otherwise, proceeding to the next step; and
  
  (o) if i=1 then decrementing j and returning to step (e), otherwise decrementing i and returning to step (f).

11. A device for cryptographically wrapping information, comprising:
- (a) a first register A, having a first y-bit input, a second y-bit input, and a y-bit output;
  
  (b) n registers R₁, R₂, . . . , R_n, connected as a shift-register, where each of the n registers R₁, R₂, . . . , R_nhas a first y-bit input, a second y-bit input, and a y-bit output;
  
  (c) a combiner, having a first input connected to the output of the first register A, having a second input connected to the output of register R₁;
  
  (d) an encryptor, having a first input connected to the output of the combiner, having a second input, and having a 2y-bit output configured as a first y-bit output bus connected to the second input of register R_nand a second y-bit bus; and
  
  (e) a function block, having a first input connected to the second y-bit output bus of the encryptor, having a second input for receiving a y-bit user-definable value T, and having a y-bit output connected to the second input of the first register A.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The device of claim 11, wherein y is 64.
  - 13. The device of claim 11, wherein the combiner is a concatenator.
  - 14. The device of claim 11, wherein the encryptor is the Advanced Encryption Standard, having the a first 64-bit output bus that carries the least significant bits of the output of the combiner and a second 64-bit bus that carries the most significant bits of the output of the combiner.
  - 15. The device of claim 11, wherein the function block is a function block selected from the group of function blocks comprising a bit-wise exclusive-or function block, a modular adder, and a modular subtractor.

16. A device for cryptographically unwrapping cryptographically wrapped information, comprising:
- (a) a first register A, having a first y-bit input, where y is the same as that used to form the wrapped information, a second y-bit input, and a y-bit output;
  
  (b) n registers R₁, R₂, . . . , R_n, connected as a shift-register, where each of the n registers has a first y-bit input, a second y-bit input, and a y-bit output;
  
  (c) a function block, having a first input connected to the output of the first register A, having a second input, and having a y-bit output that performs an inverse function of a function block used to form the wrapped information;
  
  (d) a combiner, having a first input connected to the output of the function block, having a second input connected to the y-bit output of register R_n, and having a 2y-bit output, where the combiner performs an inverse function of a combiner used to form the wrapped information; and
  
  (e) a decryptor that performs the inverse of an encryptor used to form the wrapped information, having a first input connected to the output of the combiner, having a second input for receiving a decryption key that will invert an encryption process used to form the wrapped information, and having a 2y-bit output configured as an output of the encryptor used to form the wrapped information having a first y-bit bus connected to the input of register R₁and a second y-bit bus connected to the input of the first register A.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
National Security Agency
Original Assignee
The United States of America As Represented By The Director National Security Agency
Inventors
Timmel, Paul Stephen
Primary Examiner(s)
Moise, Emmanuel L.
Assistant Examiner(s)
Gelagay, Shewaye

Application Number

US10/299,094
Time in Patent Office

1,369 Days
Field of Search

380/22
US Class Current

380/28
CPC Class Codes

H04L 2209/12   Details relating to cryptog...

H04L 2209/20   Manipulating the length of ...

H04L 9/0631   Substitution permutation ne...

Device for and method of cryptographically wrapping information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Device for and method of cryptographically wrapping information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links