Cryptography – Particular algorithmic function encoding
Reexamination Certificate
1998-04-13
2001-07-24
Hayes, Gail (Department: 2131)
Cryptography
Particular algorithmic function encoding
C380S037000, C380S270000, C380S247000, C455S410000, C455S411000
Reexamination Certificate
active
06266411
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to wireless telephone cryptography. More particularly, the invention relates to an improved security cryptosystem for rapid and secure encryption in a wireless telephone system.
BACKGROUND OF THE INVENTION
Wireless telephony uses messaging for several purposes including, for example, conveying status information, reconfiguring operating modes, handling call termination, and conveying system and user data such as a subscriber's electronic serial number and telephone number, as well as conversations and other data transmitted by the user. Unlike ordinary wire telephony, in which a central serving station is connected to each subscriber by wire, thus ensuring a fair degree of protection from eavesdropping and tampering by an unauthorized party (attacker), wireless telephone serving stations (i.e., base stations) must transmit and receive messages via signals over the air, regardless of the physical location of the subscribers.
Because the base station must be able to send and receive messages to and from a subscriber anywhere, the messaging process is wholly dependent on signals received from and sent to the subscriber equipment. Because the signals are transmitted over the air, they can be intercepted by an eavesdropper or interloper with the right equipment.
If a signal is transmitted by a wireless telephone in plaintext, a danger exists that an eavesdropper will intercept the signal and use it to impersonate a subscriber, or to intercept private data transmitted by the user. Such private data may include the content of conversations. Private data may also include non-voice data transmitted by the user such as, for example, computer data transmitted over a modem connected to the wireless telephone, and may also include bank account or other private user information transmitted typically by means of keypresses. An eavesdropper listening to a conversation or intercepting non-voice data may obtain private information from the user. The message content of an unencrypted telephone signal (i.e., plaintext signal) is relatively easily intercepted by a suitably adapted receiver.
Alternatively, an interloper can interject himself into an established connection by using a greater transmitting power, sending signals to the base station, and impersonating a party to the conversation.
In the absence of applying cryptography to messages being transmitted by wireless signals, unauthorized use of telephone resources, eavesdropping of messages, and impersonation of called or calling parties during a conversation are possible. Such unauthorized interloping and/or eavesdropping has in fact proven to be a grave problem and is highly undesirable.
The application of cryptography to wireless telephone applications offers a solution to the security problems discussed above, but the application of standard cryptography methods to wireless telephony has encountered significant difficulties due to the computationally-intensive nature of these methods. Specifically, these methods are subject to the constraints imposed by the desire to furnish a small wireless handset and the constraints on processing power imposed by the small size of the handset. The processing power present in typical wireless handsets is insufficient to handle the processing requirements of commonly known cryptographic algorithms such as DES (Data Encryption Standard). Implementing such a commonly known cryptographic algorithm in a typical wireless telephone system would potentially increase the time needed to process signals (i.e., encrypt and decrypt), thereby causing unacceptable delays for subscribers.
One cryptographic system for wireless telephony is disclosed in Reeds U.S. Pat. No. 5,159,634 (“Reeds”), incorporated herein by reference. Reeds describes a cryptographic system incorporated in a cryptographic algorithm known as the Cellular Message Encryption Algorithm (CMEA) process. There exists a desire to substantially improve this and other presently existing cryptographic systems for wireless telephony consistent with the resources available in this context.
SUMMARY OF THE INVENTION
The present invention advantageously addresses this and other desires. In one method according to the present invention, first and second CMEA keys are generated. Plaintext is introduced, and subjected to a first input transformation to produce a first input transformed message. The first input transformed message is processed by a first iteration of a CMEA process using the first CMEA key to produce a first intermediate ciphertext. This first intermediate ciphertext is subjected to a first output transformation to produce a first output transformed message. The first output transformed message is subjected to a second input transformation to produce a second input transformed message. The second input transformed message is processed by a second iteration of the CMEA process using the second CMEA key to produce a second intermediate ciphertext. The second intermediate ciphertext is subjected to a second output transformation to produce a second output transformed message. According to another aspect of the present invention, the first and second iterations of the CMEA process employ tbox functions with inputs permuted by secret offsets. According to another aspect of the present invention, the plaintext may be processed by first and second iterations of the CMEA process using first and second CMEA keys, without being subjected to input and output transformations. Encrypted text may be suitably decrypted according to the teachings of the present invention by introducing ciphertext and reversing in order and inverting the steps applied to encrypt plaintext.
An apparatus according to the present invention generates text and supplies it to an I/O interface which identifies it as generated text and supplies the text and the identification to an encryption/decryption processor, which in turn encrypts the text and supplies it to a transceiver for transmission. When the apparatus receives a transmission via the transceiver, the transmission is identified as incoming ciphertext, and the ciphertext and identification are supplied to the encryption/decryption processor which decrypts the ciphertext and supplies it as text to the I/O processor for routing to its destination. In a preferred embodiment, this apparatus is integrated into a wireless phone utilizing a standard microprocessor and memory consistent with those presently typically employed in such phones.
REFERENCES:
patent: 5003597 (1991-03-01), Merkle
patent: 5159634 (1992-10-01), Reeds, III
patent: 5438622 (1995-08-01), Normile et al.
patent: 5594797 (1997-01-01), Alanara et al.
patent: 6075859 (2000-06-01), Rose
Schneier, Bruce, “Applied Cryptography: Protocols, Algorithms, and Source Code in C”, 10/1995, pp. 183, 270-273, 294-295 and 357.*
TR45.3 Appendix A to IS-54 Rev. B Dual-Mode Cellular System. pp. 1-25. Feb. 1992.*
Counterpane Labs. “Flaw in Cell Phone Encryption Identified; Design Process Blamed”. pp. 1-3. Mar. 1997.*
Wagner et al. “Cryptoanalysis of the Cellular Message Encryption Algorithm”. pp. 1-12, Aug. 1997.*
Schneier, Bruce, Applied Cryptography: Protocols, Algorithms, and Source in C. Oct. 1995. pp. 316-318, 362-363, 366-367.
Etzel Mark H.
Frank Robert John
Heer Daniel Nelson
McNelis Robert Joseph
Mizikovsky Semyon B.
Hayes Gail
Lucent Technologies - Inc.
Song Ho S.
LandOfFree
Method and apparatus for multiple-iteration CMEA encryption... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for multiple-iteration CMEA encryption..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for multiple-iteration CMEA encryption... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2497083