Cryptography – Communication system using cryptography – Time segment interchange
Reexamination Certificate
1998-11-23
2002-12-03
Peeso, Thomas R. (Department: 2132)
Cryptography
Communication system using cryptography
Time segment interchange
C380S278000, C380S281000
Reexamination Certificate
active
06490353
ABSTRACT:
This invention relates to data encrypting and decrypting apparatus and to data encrypting and decrypting methods. It relates particularly but not exclusively to cryptographic systems which use variable keys, systems which use variable length data blocks, and systems which use variable encrypting and decrypting algorithms.
BACKGROUND OF THE INVENTION
Cryptography typically involves converting data from an understandable form into an encrypted form which cannot be understood by persons other than the intended recipient, and transmitting the data to the recipient who deciphers the data. It is useful in many applications, including confidential business communications, Internet commerce, military intelligence, and electronic financial services. In each of these applications, it is essential that communications be secure against eavesdropping and unauthorised access.
Encryption of data is usually accomplished by applying an algorithm to that data, and decryption is accomplished by applying the inverse of that algorithm. In many cases, the encryption step involves a “pass phrase” or key, which is combined with the data according to the algorithm to create the encrypted message, so that it is necessary for the recipient to know both the key and the inverse algorithm in order to decrypt the message.
Cryptography typically serves two purposes. One of these is to ensure that only the intended recipient receives a secret message. This is accomplished by ensuring that only the intended recipient has the key and inverse algorithm necessary to decrypt the message. The other purpose is “message authentication”, which provides assurance to the recipient that the message really did come from the sender. This is accomplished by ensuring that only the sender has the key and algorithm necessary to encrypt messages which make sense when decrypted by the key and inverse algorithm.
One common form of cryptography is public key cryptography, as described in U.S. Pat. Nos.4,218,582 and 4,200,770 by Martin E Hellman, Bailey W Diffie and Ralph C Merkle. This involves finding a pair consisting of an algorithm and an inverse algorithm, for which it is impossible (or “computationally infeasible”) to determine the inverse algorithm from the original algorithm. One set of such algorithm/inverse pairs is known as the RSA algorithm and is described in U.S. Pat. No. 4,405,829 by Ronald L Rivest, Adi Shamir and Leonard M Adleman. The person who creates the algorithm/inverse pair distributes the algorithm publicly but keeps the inverse secret. Anyone can then send a secret message to that person by encrypting the message with the algorithm (or “public key”). Only the person with the inverse algorithm (or “secret key”) can decrypt any such message. Conversely, message authentication can be achieved if the person encrypts a message with the secret key. Any other person can use the public key to decrypt the message and confirm that it came from the secret key holder.
Public key cryptography is susceptible to “spoofing”, in which a person pretends to be someone else, and sends out a public key under that other person's name. Moreover, because the algorithm/inverse pairs tend to be complex, this method of cryptography typically requires considerable computing resources and is comparatively slow.
Another common type of cryptography is known as DES. This is a block cipher which is the US Data Encryption Standard. A block cipher involves partitioning the message into blocks, perhaps with some padding to fill out the final block, and then encrypting and transmitting each block. DES uses a 64-bit block with a 56-bit key. DES is one of many different types of secret key cryptography, which depends upon the secret key being sent by a secured channel from the transmitter to the receiver so that it is kept secret from the rest of the world.
There are various different ways in which a person may attempt to break an encryption code without first having had access to the key and/or algorithm. One of these approaches is known as the “codebook attack”, and it involves building a codebook of all possible transformations between original message text and encrypted data. This approach can work if there are patterns in the encrypted data which correspond with patterns in the message text. A codebook attack can in some instances be effective against DES cryptography.
SUMMARY AND OBJECTS OF THE INVENTION
An object of the present invention is to provide a new cryptographic method. Another object is to provide a cryptographic method which is less computationally intensive than methods based on current methods like the DES and RSA algorithms. Another object is to provide a cryptographic method which is more secure and flexible. Another object is to facilitate the transmission of data securely in real time with minimum delay or latency.
According to a first aspect of the invention, a method of encrypting data includes the following steps:
(a) creating or selecting a master key;
(b) segmenting the data into data blocks of equal or variable lengths;
(c) for each data block selecting a sub-key of arbitrary starting position and of matched or unmatched length from the master key; and
(d) encrypting each data block using its sub-key and a selected or associated encryption algorithm.
When an encrypted message is to be sent to a recipient, it is preferred that the master key be kept secret and provided to the recipient by a secured channel. However, this is not essential, as the master key can be public if the sub-keys or sub-key selection process are kept secret.
The master key may be created or selected in any suitable manner. It may consist of a pass phrase, or it may be generated from a pass phrase according to an algorithm which is available to both message sender and receiver.
The master key or pass phrase may also be a file or file series—text, graphic, image, audio, movie, multimedia or any binary file. Where the master key is a binary file, the file may be one that is in private, restricted, limited or closed distribution. This file might be a file that is linked to a user or group, such as a binary file containing finger-print, voice, image or other user-specific and/or user property information.
In cases where the binary file is readily and publicly available, it may be in the form of a public key or pass phrase, as described above. It can also be a multimedia file, containing data for a movie, video, image, audio, graphics, or a large text file or a non-alphabetic-based language file (e.g. Japanese, Chinese, Middle Eastern, etc.) represented in a format that is readable to the system. The binary file can also be a common file that is part of the operating system or an application program.
Binary files of these types, although easily accessible, typically are large in volume (Kbyte to Mbytes). They can be downloaded from a site on the network or transferred via some other means, secured or otherwise. This downloading might be done on a periodic basis—monthly, weekly, daily or even hourly, or aperiodically, as and when needed.
The master key, if added security be needed, can be amended or replaced in the midst of its use. This event might be triggered by an algorithm.
The step of segmenting data into blocks may involve separating the data into equally-sized blocks, as occurs in the DES method, or it may involve separating the data into data blocks of variable arbitrary length. The use of variable length data blocks is preferred because it increases the degree of difficulty in attacking the encryption system, particularly if the length of each data block when encrypted bears no relationship to the length of the data block before encryption.
Sub-keys may all be of the same length, but it is preferred for the sake of maximising security that they be of variable length. They may be a selection of contiguous bits from the master key, or they may comprise non-contiguous bits determined according to a pre-arranged pattern, such as every second bit from the sub-key start position, or skipping every third byte, etc. It is preferred for the s
Baker & Botts LLP
Peeso Thomas R.
LandOfFree
Data encrypting and decrypting apparatus and method does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Data encrypting and decrypting apparatus and method, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Data encrypting and decrypting apparatus and method will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2974832