Cryptography – Communication system using cryptography – Time segment interchange
Reexamination Certificate
1999-08-24
2004-11-16
Smithers, Matthew (Department: 2137)
Cryptography
Communication system using cryptography
Time segment interchange
C380S043000
Reexamination Certificate
active
06819764
ABSTRACT:
BACKGROUND OF THE INVENTION
This invention relates to a data processor, a communication system and a recording medium.
Encryption in data transmission is generally performed due to recent progresses in computers and a communication technology. There have been available a public key cryptosystem and a secret key cryptosystem and the DES encryption system is widely accepted as the secret key cryptosystem.
FIGS. 1A
to
1
C are block diagrams for illustrating the DES encryption system.
In encryption under the DES system, data which are created by applying initial transposition IP to a plain text is further subjected to processing through round functions 16 times. Subsequently, the data which have been subjected to the round function processing receives inverse transposition Ip
−1
which is inversion of the initial transposition, thereby producing a cipher text. Herein, the processing through round functions are executed by providing the round functions with extended keys generated from an original key.
That is, an encryption device adopted in the DES system is mainly constructed of a data randomize section in which data as an object to be encrypted through numerous round functions are randomized and a key conversion section which provides the round functions of the data randomize section with extended keys.
On the other hand, decryption in the DES system is achieved in such a manner that data as an object to be decrypted are subjected to processing through round functions in the order reverse in the encryption as shown in FIG.
1
B. Therefore, extended keys supplied from the key conversion section are generated in the reverse order in which the keys are used in the encryption starting with a key used in the last round function in the encryption.
A first advantage of the DES system is that a considerable part of encryption circuitry is commonly adopted in decryption. That is, round functions for encryption and decryption used in the data randomize section are the same between both processing only with the exception that the order of use of the functions are reversed as shown in
FIGS. 1A and 1B
.
A second advantage of the DES system is that only one key is always an object of management since the same secret key is used in both ways of encryption and decryption. In the DES system, the following processing is performed in the key conversion section so that extended keys can be generated in the reverse order using the only one key.
That is, in a case of the encryption, the secret key receives a left rotate shift to generate extended keys. At this point, the extended keys can be generated in the reverse order by designating the sum of shifts to a given value. That is, in the decryption, the secret key is only required to be subjected to a right rotate shift to generate the extended keys. Thereby, the last extended key in the encryption and the first extended key in the decryption are the same.
However, in the DES system described above has a problem as follows:
Processing in the key conversion section, first, includes a left rotate shift in encryption and a right rotate shift in decryption, which are different in terms of processing, and therefore, the same circuitry cannot be shared in function between encryption and decryption devices in the key conversion section. That is, when an encryption/decryption device for encrypting and decrypting data is constructed as an actual device, part of the circuitry which is commonly used in both of encryption and decryption is not necessarily much enough. Hence, the overall scale of the encryption/decryption device cannot be constructed to be sufficiently small.
Then, since in the DES system, processing in the key conversion section is performed only through transposition, a security problem arises from the fact that there is an encryption key with a weak security, which is generally called a weak key. In addition, since the processing in the key conversion section is not non-linear, contribution of the processing to the cryptographic robustness of an extended key thus generated cannot be so large. Non-linear part of the DES system is limited to part called as an S-box in a function f in a round function shown in FIG.
1
C.
Accordingly, there has been desired a cryptosystem in which extended keys generated from the key conversion section sufficiently contribute to cryptographic robustness.
On the other hand, in order to eliminate a weak point of the key conversion section such as a weak key associated with the DES system, oneway function such as a hash function has been employed in the key conversion section as trial. For example, FEAL calculates extended keys which the data randomize section requires in a case where oneway function is used for the conversion.
While the FEAL is more secure in that no weak keys are not present in the system, extended keys cannot be generated in the reverse order as in the DES system since oneway function is adopted in the key conversion section. Therefore, in order to enable decryption in the FEAL, all kinds of extended keys which can be achieved from a secret key are once generated in the key conversion section same as used for encryption to store them in a buffer. Then, the extended keys already stored in the buffer is retrieved in the order reverse to the order of generation and decryption is thus completed.
In such a way, however, another problem arises since storage of the extended keys requires an increase in the cost, that is, an increase in memory requirement. Besides, thus generated extended keys not only increases a memory requirement, but requires an additional management cost of numerous keys, though temporarily. Furthermore, due to a time period required for key extended conducted in advance in decryption, a time required for decryption is problematically long.
In conventional techniques, as described above, if extended keys are generated in the reverse order, the scale of a secret key encryption device cannot sufficiently be compact and in addition security is deteriorated. On the other hand, if security is desired to be increased, extended keys cannot be generated in the reversed order and thereby not only is a memory resource is largely required, but there arises a necessity for management of numerous keys and a processing time period is extended, which has led to a problem.
BRIEF SUMMARY OF THE INVENTION
The present invention has been made in light of such circumstances and accordingly it is an object of the present invention to provide a data processor, a communication system and a recording medium whereby the scale of a secrete key encryption device can be small, security of a key is increased and further, key management can be made easy.
The essence of the present invention is not only to employ an involution function in which conversion and inverse conversion are same for generation of an extended key, but also to enable generation of an extended key in a reverse order by using the involution function in a reverse order based on a decryption key in decryption which key is a result of processing a encryption key in a key conversion section.
According to the present invention, since there is no limitation on a function to be employed in the key conversion section with the exception that an original key is converted by using an involution function and further it is not necessary for an encryption key and a decryption key to be same, there is only very little limitation imposed on functions which can be employed in the key conversion section. Hence, it is possible that functions by which extended keys with high security are generated are selected and the key conversion section can be constructed of such functions. Besides, since an extended key can be generated from a decryption key in a reverse order, the same key conversion section can be employed in encryption and decryption, which entails a smaller scale of a device circuit.
Further, by employing an asymmetric key in a secrete key cryptosystem through a crucial change, the present inventors have reached the present invention.
Encryptio
Sano Fumihiko
Shimizu Hideo
LandOfFree
Data processor, communication system and recording medium does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Data processor, communication system and recording medium, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Data processor, communication system and recording medium will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3349756