Cryptography – Particular algorithmic function encoding
Reexamination Certificate
1997-12-12
2001-07-10
Swann, Tod (Department: 2132)
Cryptography
Particular algorithmic function encoding
C380S030000, C713S189000
Reexamination Certificate
active
06259789
ABSTRACT:
COPYRIGHT NOTICE
A portion of the disclosure of this patent document contains material which is subject to copyright protection. The copyright owner has no objections to the reproduction by anyone of the patent disclosure as it appears in the United States Patent and Trademark Office records, but otherwise reserves all copyright rights whatsoever.
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates generally to a computer implemented device and method for cryptography and, more particularly relates to a computer implemented block cipher encryption method utilizing dynamic device keys and a digital signature.
2. Description of the Prior Art
The principal goal of encryption is to render communicated data secure from unauthorized eavesdropping. This is generally referred to as the “secrecy” or “confidentiality” requirement of cryptographic systems. A related requirement is the “authenticity” or “integrity” requirement, which ensures that the communicated information is authentic, i.e. that it has not been tampered with, either deliberately or inadvertently. For purposes of further discussion, some definitions are provided.
“Plaintext” is used to refer to a message before encrypting and after decrypting by a cryptographic system. “Ciphertext” is the form that the encrypted part of the message takes during transmission over a communications channel or within a computer memory storage device. “Encryption” is the process of transformation from plaintext to ciphertext. “Decryption” is the process of transformation from ciphertext to plaintext. Both encryption and decryption are controlled by keys. Without knowledge of the encryption key, a message cannot be encrypted, even with knowledge of the encrypting process. Similarly, without knowledge of the decryption key, the message cannot be decrypted, even with knowledge of the decrypting process.
Data encryption processes scramble plaintext data into ciphertext to prevent unauthorized access to the data. Decryption processes restore the plaintext from the ciphertext (encrypted data). Symmetric key encryption processes utilize the same key for encryption and decryption.
In order to ensure the integrity of the ciphertext, the encryption must be sufficiently complex to prevent unauthorized access to the encrypted data. Two current methods of cryptanalytic attacks, methods designed to break encryption processes, are linear and differential cryptanalysis. In linear cryptanalysis, linear approximations of the block cipher and key schedule used in the encryption process are constructed. Collected plaintexts and associated ciphertexts are used to exploit a bias in the encryption process and key schedule.
If the bias is very small many plaintexts and associated ciphertext pairs are used. This method tries different keys and eventually converges on the correct key. In differential cryptanalysis, pairs of ciphertexts whose plaintexts have particular differences are compared. The evolution of these differences as the plaintexts propagate through the rounds of the encryption process when they are encrypted with the same key are analyzed. Different probabilities are assigned to different keys. As more and more ciphertext pairs are analyzed, the method converges on the correct key. Both cryptanalytic attacks exploit the fact that existing symmetric key block cipher encryption processes use static keys to create the ciphertext.
Still other cryptanalytic attacks exploit the fact that current encryption processes use small key spaces and small block sizes. For certain key spaces and block sizes, current data storage technologies now make it possible to store all combinations of an encrypted block with an associated key for a chosen plaintext block. Thus, breaking the encryption process merely involves a quick look-up table. Accordingly, the present invention seeks to overcome the disadvantages associated with currently available encryption methods and create ciphertext which is very secure and substantially immune to known cryptanalytic attacks.
OBJECTS AND SUMMARY OF THE INVENTION
It is an object of the present invention to provide a computer implemented encryption device and method which is substantially immune to currently available cryptanalytic attacks using an object key comprised of data and methods which operate on the data.
It is another object of the present invention to provide a computer implemented block cipher encryption device and method using an object key which is dynamic, i.e., changing throughout the encryption process.
It is still a further object of the present invention to provide a computer implemented block cipher encryption device and method using a dynamic object key which is modified by a random session object key.
It is yet another object of the present invention to provide a computer implemented block cipher encryption device and method such that each input plaintext data block is encrypted using a new key schedule to create the ciphertext.
It is a further object of the present invention to provide a computer implemented encryption device and method which includes a digital signature appended to the ciphertext, the digital signature being unique to the data being signed.
It is yet another object of the present invention to provide a computer implemented encryption device and method using a secret key composed of two 2048-bit user object keys and 512-bit random session object key.
The present invention provides a computer implemented data encryption device and method utilizing object keys (consisting of data and methods that operate on the data), a large key space and a large block size. The object keys (K_OBJECT) are dynamic keys and are composed of a 4096-bit static initial state that is created by the user and a method that modifies the keys based on seeding from a random session object key (R_OBJECT). The key modification is performed for each input plaintext data block so that each data block is encrypted with a different key. The initial state of the object key is used in the block cipher encryption process to encrypt a 512-bit random session key. The random session object key is used as the initial state of the random session object key (R_OBJECT). The running states of the random session object key (R_OBJECT) seed the object key (K_OBJECT) modification methods. The object key's (K_OBJECT) running state provides an index for seeding of the random session object key's (R_OBJECT) modification method. The encryption process utilizes a 512-bit (64 byte) input block size.
The object key (K_OBJECT) is preferably composed of two 2048-bit sub-object keys (K
1
and K
2
). The two sub-object keys are used as inputs to an expansion function that provides 13584 bytes for the block's key schedule. Similar to the object key (K_OBJECT), the block's key schedule is regenerated anew for each plaintext input block.
The encryption process includes many linear and nonlinear-keyed operations. The keyed operations include addition, 32-bit sliding window rotation, bit-wise exclusive or, 8-bit by 8-bit substitution using different transverse counts for each substitution, byte transposition and bit transposition. All operations are nested and repeated multiple times.
The decryption process is identical to the encryption process with the exception that the keyed encryption operations on the data are run in reverse.
In order to authenticate an encrypted file, a digital signature is provided. To create the digital signature, the ciphertext is used as input into a 2048-bit object keyed one-way hash function to produce a 2048-bit digital signature that is appended to the ciphertext. The 2048-bit digital signature object key is seeded with the output of hash rounds. A third party or secured server can execute verification software that contains the user's secret digital signature key to regenerate the digital signature of the ciphertext that was signed and compare it to the signature that is appended to the ciphertext to determine if they match. The plaintext is not compromised and only the party that
Hoffmann & Baron , LLP
Kabakoff Stephen
Safecourier Software, Inc.
Swann Tod
LandOfFree
Computer implemented secret object key block cipher... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computer implemented secret object key block cipher..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer implemented secret object key block cipher... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2479407