Showing papers on "40-bit encryption published in 1990"


Patent
Marty T. Cummins
26 Feb 1990
TL;DR: In this article, an encryption/decryption algorithm is used for data security at the primitive BIOS level of the operating system automatically during the power-on self-test routines, which is implemented by intercepting the removable media or floppy diskette interrupt in order to add additional interrupt handling routing instructions which perform the encryption and decryption of data passed between the diskette controller and the data transfer buffer area within system RAM.
Abstract: Data security is provided using an encryption/decryption algorithm which attaches at the primitive BIOS level of the operating system automatically during the power-on self-test routines. The encryption/decryption process is implemented by intercepting the removable media or floppy diskette interrupt in order to add additional interrupt handling routing instructions which perform the encryption and decryption of data passed between the diskette controller and the data transfer buffer area within system RAM. Bitwise alteration of the data in a predefined relationship is used to encrypt and decrypt. The encryption/decryption system attaches before the computer power-up sequence renders data entry hardware active, hence the user cannot readily override the security system. Data stored on nonremovable media such as hard disk media is not encrypted, thereby preserving the integrity of more permanent data.

184 citations


Patent
03 May 1990
TL;DR: In this paper, an encryption method is described which chooses certain bytes of data, stored in a particular on-chip memory, as encryption keys; these bytes are used to encrypt themselves and all of the remaining data in that memory.
Abstract: An encryption method is taught which chooses certain bytes of data, stored in a particular on-chip memory, as encryption keys. These chosen bytes are used to encrypt themselves, and all of the remaining data in the above mentioned particular memory. The chosen bytes do not have values specifically assigned for encryption, they are merely chosen, according to a rule, from the body of data to be encrypted. When this technique is implemented, each byte of data, stored in the mentioned memory, is combined (for example using an exclusive NOR gate) with one of the designated encryption key bytes prior to disclosure. The user is not required to provide, program, or safeguard a set of key bytes separately. Additionally, no silicon area is wasted in storing such bytes. An intruder would need certain pieces of the original data in order to decipher the results of this encryption technique. Additionally, this technique degrades gracefully. The keys are chosen such that encrypted data does not have a single common dependency. Thus, in the event a single key is discovered, only a very small portion of the encrypted data will be disclosed.

169 citations


Book Chapter
Ralph C. Merkle
11 Aug 1990
TL;DR: An encryption function designed for implementation in software is presented here - on a SUN 4/260 it can encrypt at 4 to 8 megabits per second, which will effectively reduce the cost and increase the availability of cryptographic protection.
Abstract: Encryption hardware is not available on most computer systems in use today. Despite this fact, there is no well accepted encryption function designed for software implementation - instead, hardware designs are emulated in software and the resulting performance loss is tolerated. The obvious solution is to design an encryption function for implementation in software. Such an encryption function is presented here - on a SUN 4/260 it can encrypt at 4 to 8 megabits per second. The combination of modern processor speeds and a faster algorithm make software encryption feasible in applications which previously would have required hardware. This will effectively reduce the cost and increase the availability of cryptographic protection.

118 citations


Patent
29 Mar 1990
TL;DR: In this article, a video system includes a central facility and a terminal, where the central facility includes means for providing a session encryption key, a data base for storing and retrieving at least one code encryption key corresponding to the program identification data, and means for encrypting the code encryption key according to the session encryption key.
Abstract: A video system includes a central facility and a terminal. Video program means provides the terminal with a video program including a series of television fields including a first field containing both a random digital code encrypted according to a code encryption key and program identification data, and a second field containing an unintelligible video signal previously transformed from an intelligible video signal according to the random digital code. The terminal includes means to store terminal identification data and a terminal specific encryption key; and means to send to the central facility the program identification data and the terminal identification data. The central facility includes means for providing a session encryption key, means for encrypting the session encryption key according to the terminal specific encryption key, means for sending the encrypted session encryption key from the central facility to the terminal, a data base for storing and retrieving at least one code encryption key corresponding to the program identification data, means for encrypting the code encryption key according to the session encryption key, and means for sending the encrypted code encryption key from the central facility to the terminal. The terminal further includes means for receiving the encrypted session encryption key from the central facility, decryption means for decrypting the session encryption key according to the terminal specific encryption key, means for receiving the encrypted code encryption key from the central facility, decryption means for decrypting the code encryption key according to the session encryption key, and decrypting the encrypted random digital code of the first frame in accordance with the code encryption key; and means for transforming the unintelligible video signal of the second frame to the intelligible video signal using the decrypted random digital code.

61 citations


Journal Article
TL;DR: A hierarchical approach for key management is presented which utilizes the existing network specific protocols at the lower levels and protocols between authentication servers and/or control centers of different networks at the higher levels.
Abstract: A hierarchical approach for key management is presented which utilizes the existing network specific protocols at the lower levels and protocols between authentication servers and/or control centers of different networks at the higher levels. Details of this approach are discussed for specific illustrative scenarios to demonstrate the implementation simplicity. A formal verification of the security of the resulting system in the sense of protecting the privacy of privileged information is also conducted by an axiomatic procedure utilizing certain combinatory logic principles. This approach is general and can be used for verifying the security of other existing key management schemes.

34 citations


Patent
07 May 1990
TL;DR: In this paper, a trunked communication system having a control resource that encrypts system control messages is described. If both encryption processes are used, the controlling encryption key can either be the same for both processes, or different.
Abstract: A trunked communication system having a control resource that encrypts system control messages. In one embodiment, the encryption includes controlling a bit interleaving process (208, 311) as a function of an encryption key (203, 321). In another embodiment, the encryption process includes reordering (202, 302) the information bits that constitute the message itself. If both encryption processes are used, the controlling encryption key can either be the same for both processes, or different.

19 citations


Journal Article
TL;DR: An analysis of link encryption and end-to-end encryption and five communication security goals are described which concern the protection of transmitted data through the use of these encryption techniques.
Abstract: In order for a distributed network to function securely, the integrity of the data transmitted over the communication links must be maintained. The use of either link encryption or end-to-end encryption will help to maintain the integrity of transmitted data, although there are differences in the level of security which they provide. This paper begins with an analysis of link encryption and end-to-end encryption. Five communication security goals are then described which concern the protection of transmitted data through the use of these encryption techniques.

7 citations


Journal Article
TL;DR: This paper shows how data encryption can be used to effectively secure files and databases.
Abstract: Through this paper, I am going to show you how you can use data encryption to effectively secure your files and databases.

4 citations


Journal Article
TL;DR: A hardware implementation of an improved version of an encryption algorithm, namely the Data Encryption Standard, which is much more secure due to an enlarged key length of 768 bits is presented.

3 citations


Journal Article
TL;DR: An encryption algorithm designed by Robert Scott that is a modified form of the Data Encryption Standard is examined, and the design of the entire f-function is open for examination, with an increase in key length.
Abstract: This paper examines an encryption algorithm designed by Robert Scott[3] that is a modified form of the Data Encryption Standard. Scott's goal in varying DES is to improve two aspects of it that are alleged to be weaknesses: the length of the key, and the “secretness” of the design of the S-boxes. An ancillary goal of his is to provide an algorithm that is easy to implement in software on a microcomputer. Scott's algorithm is indeed simple to implement. One of the main reasons for this is that it uses only operations on entire bytes, so there is no individual bit manipulation. Also, as promised, the design of the entire f-function is open for examination. The increase in key length, however, may not be as significant as it first appears to be.

2 citations


Patent
22 Feb 1990
TL;DR: A host computer add on encryption/decryption printed circuit board includes address and control buffers (16), data buffer (18), and board decode logic (20) having input and output terminals selectively connected to the host computer and to first ports of a dual port random access memory (DPR) as discussed by the authors.
Abstract: A host computer add on encryption/decryption printed circuit board includes address and control buffers (16), data buffer (18) and board decode logic (20) having input and output terminals selectively connected to the host computer and to first ports of a dual port random access memory (DPR) (18) for storing a block of data and addresses and inputting portions of the block of data and addresses into the DPR's memory. A central processing unit (CPU) (26) is connected to second ports of the DPR, and to a CPU RAM (36), CPU ROM (38), real time clock (32), key image buffer (24), and DES encryption device (28). The CPU pursuant to commands of the host computer fetches: (1) the encryption/decryption key of the key image buffer (24) and information from the DPR for encryption/decryption by the encryption/decryption device (28); (2) the name from the host computer and date, time and length of access time for accumulating an audit trail stored in the key image buffer; and (3) file, auditor, and supervisor identification keys from key image buffer, and host computer (12) for encryption and after comparison allowing access only to those files associated with these keys. In addition a system station key can be included for encryption and comparison for limiting user access only through an assigned station. A wait generator (72, 82) is connected to the CPU, real time clock and encryption/decryption device for clock synchronization of joint operations.

Proceedings Article
24 Sep 1990
TL;DR: A decentralized public-key based message encryption algorithm is used to eliminate the requirement of a key distribution center and a windowing concept is applied to encryption keys to reduce the potential conflict of key changes due to nonuniform message delay through the network.
Abstract: The authors describe a message security mechanism and its implementation on an experimental X.400 message handling system (MHS). An X.400 MHS usually consists of a number of heterogeneous machines communicating in an open system interconnection (OSI) environment which may be subjected to a security threat. A model is set up to identify various levels of security in an MHS network. The security measures are provided at the network level, that is, between the originating and the recipient message transfer agents (MTAs). A decentralized public-key based message encryption algorithm is used to eliminate the requirement of a key distribution center. A set of protocol procedures is defined to enable the change of encryption key at an MTA. A windowing concept is applied to encryption keys to reduce the potential conflict of key changes due to nonuniform message delay through the network.

Book Chapter
01 Jan 1990
TL;DR: An overview of well known and not so well known data encryption systems is given and suggestions for their use in capability based computer systems are made and problems are pointed out.
Abstract: An overview of well known and not so well known data encryption systems is given. Some suggestions for their use in capability based computer systems are made and problems are pointed out.