Cryptography – Communication system using cryptography – Time segment interchange
Reexamination Certificate
1997-02-25
2003-01-07
Barrón, Gilberto (Department: 2132)
Cryptography
Communication system using cryptography
Time segment interchange
C380S029000, C380S044000
Reexamination Certificate
active
06504930
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to an encryption method and encryption apparatus for encrypting a plain text, and a decryption method and decryption apparatus for decrypting a cipher text.
2. Description of the Related Art
It is conventionally known that information is encrypted in order to secure privacy for the information when communicating and recording. Information is encrypted into meaningless information and transferred or recorded in a recording medium. When the encrypted information is received, it is decrypted to get the original information.
There are two main encryption/decryption methods: a private key cryptosystem and a public key cryptosystem. In the private key cryptosystem, the same key is used for encryption and decryption. The encryption side and the decryption side have the same key in private. On the other hand, the public key cryptosystem uses different keys at the encryption side and the decryption side. The key used at the encryption side is open to the public whereas the key used at the decryption side is kept in private.
Known as a private key cryptosystem is the encryption/decryption algorithm specified in a Data Encryption Standard (DES), which is a standard encryption/decryption method in the United States. In the DES system, the encryption/decryption algorithm is open to the public and the ciphering strength is maintained just by a ciphering key. The reason why the encryption/decryption algorithm is made public is that it is expected that a vast amount of calculation is required for decryption without the ciphering key even when the algorithm is known and the calculation will need more than some hundred or thousand years with the use of a high-speed calculation unit.
Encryption is basically performed by a combination of transposition, which changes the sequence of characters, and substitution, which replaces a character with another character according to a specified rule. An encryption/decryption algorithm and a ciphering key indicate how the sequence of characters are changed and which character is replaced with which character.
Various encryption/decryption systems superior in security and speed have been developed in addition to the DES system. For example, an encryption/decryption system (MULTI
2
system) disclosed in the U.S. Pat. No. 4,982,429 and No. 5,103,479 and the Japanese Unexamined Patent Publication No. 1-276189 is known.
The International Standardization Organization (ISO) also specifies an encryption system in ISO 9979/0009 and an encryption-use mode in ISO/IEC 10116.
In the MULTI
2
encryption system, an input data is 64 bits long and an output data is also 64 bits long. A 256-bit work key used for encryption is generated by a 256-bit system key and a 64-bit data key. The number of encryption stages is a positive integer.
FIG. 12
shows an outlined configuration of the encryption algorithm in the MULTI
2
system. As shown in
FIG. 12
, a 256-bit work key Kw is generated in the encryption algorithm with the use of a 64-bit data key Ks and a 256-bit system key J. This operation is called a key schedule processing and is conducted by an encryption-algorithm executing means C. The generated work key Kw is supplied to an encryption-algorithm executing means F to encrypt an input 64-bit-blocked plain text. The same encryption algorithm can be conducted by the encryption-algorithm executing means C and the encryption-algorithm executing means F.
The basic encryption algorithm of the MULTI
2
system has been described above. The original plain text may be found by calculating the distribution of frequencies of characters or words that appear in statistical processing in advance and by computing a matching condition of the frequency distribution and that of character-string patterns in the obtained ciphered text.
There is a mode of operation in which a cipher text is generated by calculating logical exclusive OR between a 64-bit encrypted block and a 64-bit data block to be input next. This encryption mode is called a cipher block chaining (CBC) mode. The encryption-algorithm executing means F performs a CBC-mode encryption/decryption algorithm.
In a communication system in which a data unit used for communication is determined in advance, such as a packet communication, when a block encryption system employing a block having 64 bits is used and a data unit which cannot be divided by the number of bits in one block is input, there appears a fractional data having less than the number of bits in one block. This fractional data is handled in an output feedback (OFB) mode.
Fractional data, if any, is supplied to an encryption-algorithm executing means G and encrypted with the use of random numbers generated by using the work key Kw in the OFB mode. With this configuration, when one block has 64 bits, data having less than one block's worth of bits is encrypted and a cipher text is obtained. The CBC mode and OFB mode are called encryption-use modes.
FIG. 13
shows an outlined configuration of the decryption algorithm in the MULTI
2
system. As shown in
FIG. 13
, a 256-bit work key Kw is generated in an encryption algorithm with the use of a 64-bit data key Ks and a 256-bit system key J. The work-key generation is performed in a key schedule processing in which the same encryption algorithm as that used in the encryption side is used. The encryption algorithm is conducted by an encryption-algorithm executing means c. The generated work key Kw is supplied to a decryption-algorithm executing means f to decrypt an input 64-bit cipher text.
In this decryption algorithm, transposition and substitution in the encryption algorithm performed in the encryption-algorithm executing means F is conducted in the reverse order.
Cipher text encrypted in the OFB mode is supplied to an encryption-algorithm executing means g and decrypted with the use of random numbers generated by using the work key Kw. With this configuration, a 64-bit one-block cipher text is decrypted and the original 64-bit one-block plain text is obtained. The decryption-algorithm executing means f performs a CBC-mode decryption algorithm.
Encryption-use modes will be described below by referring to
FIGS. 14A and 14B
.
FIG. 14A
shows an outlined configuration of encryption and decryption in the CBC mode and
FIG. 14B
illustrates an outlined configuration of encryption and decryption in the OFB mode.
In the CBC mode, as shown in
FIG. 14A
, the i-th plain-text block M(i) is input to a logical exclusive OR circuit
101
and is exclusive-ORed with the one-block-before cipher-text block C(i−1) which is delayed and fed back by a register (REG)
103
. The exclusive ORed data is encrypted by an encryption-algorithm executing means
102
with the use of the work key generated according to the data key Ks. The encrypted i-th cipher block C(i) is expressed as follows:
C
(
i
)=
EKs
(
M
(
i
).
EOR. C
(
i−
1))
where EKs(m) indicates that m is encrypted with Ks and EOR indicates logical exclusive OR operation.
The cipher-text block C(i) is transmitted and received by the receiving side. The received cipher-text block C(i) is decrypted by a decryption-algorithm executing means
111
with the use of the work key generated according to the data key Ks, and is supplied to a logical exclusive OR circuit
113
. The one-block-before cipher-text block C(i−1) which is delayed by a register (REG)
112
is input to the logical exclusive OR circuit
113
and logical exclusive OR between the two inputs is calculated. In this case, the same data key Ks is used both in the transmitting side and receiving side. The i-th plain-text block M(i) is obtained from the logical exclusive OR circuit
113
. The i-th plain-text block M(i) is expressed as follows:
M
(
i
)=
DKs
(
C
(
i
).
EOR.C
(
i−
1))
where DKs(c) indicates that c is decrypted with Ks.
In the OFB mode, the i-th plain-text block M(i) is input to a logical exclusive OR circuit
105
. The output of an encryption-algorithm executing means
104
, which is converte
Barrón Gilberto
Frommer William S.
Frommer & Lawrence & Haug LLP
Meislahn Douglas J.
Savit Glenn F.
LandOfFree
Encryption and decryption method and apparatus using a work... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Encryption and decryption method and apparatus using a work..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Encryption and decryption method and apparatus using a work... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3043204