Cryptography – Key management – Having particular key generator
Patent
1995-06-02
1997-12-30
Cangialosi, Salvatore
380/43, 380/47, H04L 9/00
active
057039526
DESCRIPTION:
BRIEF SUMMARY
This invention relates to a method and apparatus for generating a cipher stream. Embodiments of the invention may find use in enciphering or encrypting digital messages, for example in telecommunications and computer communications systems.
In digital communication systems, such as broadband integrated services digital networks (B-ISDN), it is often advantageous for digital messages transmitted on them to be encrypted or enciphered so that a person intercepting a message is unable to ascertain its meaning. At the sending site on the network a plain text message is therefore, under control of an enciphering key, transformed into cipher text which should be unintelligible to anyone not holding the secret deciphering key. At the legitimate receiving site the cipher text is, under control of the secret deciphering key, transformed back into the original plain text message. Cryptographic systems which operate in this way are commonly classified into block ciphers and stream ciphers.
Stream ciphers act by dividing the plain text into characters, each of which is enciphered utilising a time-varying function whose time dependency is governed by the internal state of the stream cipher. The time-varying function is produced by a key stream generator, which generates a digital cipher stream in accordance with key data that is kept secret. The key stream generator is constructed such that the cipher stream produced is a pseudo-random bit stream which is cyclic, but whose period is much greater than the length of the key data provided. In a stream cipher, after each character is enciphered the device changes state according to a rule, such that two occurrences of the same character in the plain text message will usually not result in the same cipher text character.
The design of stream ciphers, and the criteria for their effective implementation, are well documented and may be found for example in: Northwood Book, London, 1982; Rueppel, Analysis and Design of Stream Ciphers, Springer-Verlag, Berlin, 1986; and Meier and Staffelbach, "Nonlinearity criteria for cryptographic functions", Advances in Cryptology--Eurocrypt '89, Proceedings, Springer-Verlag, 549-562.
In summary, the security of a stream cipher depends on the "randomness" of the output cipher stream. If an interceptor (cryptanalyst) has knowledge of the plain text message, the cryptanalyst has full access to the running key stream. For the system to be secure, the cipher stream must therefore be unpredictable: regardless of the number of cipher stream digits observed, the subsequent digits must be no better predictable than by randomly guessing them. This implies that it must be infeasible for the cryptanalyst to determine the true key, since with it he could reliably predict the cipher stream. A necessary requirement for unpredictability is a long period of the cipher stream: the period defines a linear recursion, so knowing the value of the period and the first period of the cipher stream determines the remainder of the cipher stream completely. Finding the shortest non-linear feedback shift register able to produce a given sequence is in general a difficult task; finding the shortest linear feedback shift register, however, is easy, since the Berlekamp-Massey algorithm synthesises it from 2L consecutive digits, where L is the length of that register. Consequently, for the cipher stream to be unpredictable it is necessary that its linear complexity (the length of the shortest linear feedback shift register able to produce the cipher stream) also be large. Unpredictability further requires that, independent of the preceding digits, the next cipher stream digit appears to be drawn from a uniform distribution. The cipher stream must therefore have uniform statistics, i.e. an equal distribution of single digits, of pairs, of triples of digits, and so on.
Finally, it is generally preferable that, even with a large linear complexity, the cipher stream not be close to any predictable linear form, i.e. the cipher stream should not be correlated with any linear form. Additionally, a factor which is not often considered in relation to stream ciphers is the integrity of the cipher text. A message authentication code (MAC), determined from the content of the plain text mes
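The two requirements just stated, a long period and a large linear complexity, can be checked on a concrete key stream. The Python below is an added example, not code from the patent or from Telstra. It builds a small Fibonacci LFSR (feedback polynomial x^5 + x^2 + 1, an illustrative choice), runs the Berlekamp-Massey algorithm on the first 2L = 10 output bits to recover the shortest LFSR, and uses that recurrence to predict every remaining bit, which is exactly what a known-plaintext cryptanalyst would do with a key stream of low linear complexity. It then goes one step beyond the text: ANDing that stream with a second LFSR of coprime length 3 (x^3 + x + 1) raises the period to 31 * 7 = 217 and the linear complexity to 5 * 3 = 15, yet leaves the stream heavily biased towards 0, showing why the uniform-statistics requirement is independent of linear complexity. All polynomials, initial states and bit counts are choices made for this example.

```python
# Added example (not from the patent): measuring the linear complexity of a
# key stream with the Berlekamp-Massey algorithm and using the recovered
# recurrence to predict the rest of the stream. Feedback polynomials,
# initial states and bit counts are illustrative choices.


def lfsr_keystream(taps, state, n):
    """Emit n bits from a Fibonacci LFSR.

    state: list of L bits s[0..L-1]; the output at each step is state[0].
    taps:  indices into state that are XORed to form the new bit, so
           taps=[0, 2] with L=5 realises s[n+5] = s[n+2] ^ s[n]
           (feedback polynomial x^5 + x^2 + 1, which is primitive).
    """
    state = list(state)
    out = []
    for _ in range(n):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out


def berlekamp_massey(s):
    """Return (L, c) for a bit sequence s over GF(2).

    L is the linear complexity (length of the shortest LFSR generating s)
    and c[0..L], with c[0] = 1, is its connection polynomial, so that
    s[i] = c[1]*s[i-1] ^ c[2]*s[i-2] ^ ... ^ c[L]*s[i-L] for all i >= L.
    """
    n = len(s)
    c = [0] * (n + 1)   # current connection polynomial
    b = [0] * (n + 1)   # connection polynomial before the last length change
    c[0] = b[0] = 1
    L, m = 0, -1        # m: index at which L last changed
    for i in range(n):
        d = s[i]
        for j in range(1, L + 1):
            d ^= c[j] & s[i - j]
        if d == 0:
            continue                      # c still explains s[0..i]
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):
            c[j + shift] ^= b[j]          # c(x) += x^shift * b(x)
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t     # register must grow
    return L, c[: L + 1]


def predict(prefix, L, c, k):
    """Extend prefix by k bits using the recurrence (L, c) from berlekamp_massey."""
    s = list(prefix)
    for _ in range(k):
        nxt = 0
        for j in range(1, L + 1):
            nxt ^= c[j] & s[-j]
        s.append(nxt)
    return s[len(prefix):]


def demo():
    # Plain LFSR: period 31 (2^5 - 1) but linear complexity only 5, so
    # 2*5 = 10 observed bits suffice to reproduce the entire stream.
    ks = lfsr_keystream([0, 2], [1, 0, 0, 1, 1], 62)
    L, c = berlekamp_massey(ks[:10])
    guessed = predict(ks[:10], L, c, 52)

    # Nonlinear combiner: bitwise AND of two m-sequences with coprime
    # lengths 5 and 3 (x^3 + x + 1 is primitive). Period rises to
    # 31*7 = 217 and linear complexity to 5*3 = 15, yet the stream is
    # obviously biased: a 1 appears only when both inputs are 1.
    a = lfsr_keystream([0, 2], [1, 0, 0, 1, 1], 217)
    b = lfsr_keystream([0, 1], [1, 0, 1], 217)
    prod = [x & y for x, y in zip(a, b)]
    L2, _ = berlekamp_massey(prod)
    return {
        "lfsr_linear_complexity": L,
        "lfsr_recurrence": c,
        "lfsr_predicted_from_10_bits": guessed == ks[10:],
        "product_linear_complexity": L2,
        "product_ones": sum(prod),
        "product_length": len(prod),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it directly to print the recovered recurrence and the bias of the combined stream. On a stream that is actually unpredictable, the value of L reported by Berlekamp-Massey keeps growing at roughly half the number of bits fed in; a value that stops growing is the sign that the key stream can be regenerated from what has already been observed.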
REFERENCES:
patent: 4145568 (1979-03-01), Ehrat
patent: 4145569 (1979-03-01), Ehrat
patent: 4860353 (1989-08-01), Brown
Golic, "Correlation via linear sequential circuit approximation of combiners with memory," Eurocrypt '92, Extended Abstracts (1992).
Lai et al., "A Fast Cryptographic Checksum Algorithm Based on Stream Ciphers," Auscrypt '92 Abstracts (1992).
Meier and Staffelbach, "Nonlinearity criteria for cryptographic functions," Proceedings of Eurocrypt '89, Springer-Verlag, 549-562 (1989).
Meier and Staffelbach, "Fast Correlation Attacks on Certain Stream Ciphers," Journal of Cryptology, vol. 1, 159-176 (1989).
Meier and Staffelbach, "Correlation Properties of Combiners with Memory in Stream Ciphers," Journal of Cryptology, vol. 5, 67-86 (1992).
Rueppel, "Analysis and Design of Stream Ciphers," Communications and Control Engineering Series, Eds. Fettweis et al., Springer-Verlag (1986).
Siegenthaler, "Correlation-immunity of nonlinear combining functions for cryptographic applications," IEEE Transactions on Information Theory, vol. 30, No. 5, 776-780 (1984).
Staffelbach and Meier, "Cryptographic Significance of the Carry for Ciphers Based on Integer Addition," Proceedings of Crypto '90 (1990).
Cangialosi Salvatore
Engellenner Thomas J.
Laurentano Anthony A.
Telstra Corporation Limited
TITLE: Method and apparatus for generating a cipher stream
Profile ID: LFUS-PAI-O-210469