Showing papers on "40-bit encryption published in 1995"

Data encryption security module

Abstract: We have recognized that there is a strong need to control and maintain the secrecy of the intelligence that may be used by computers to communicate with another, for example, by encrypting the messages that they exchange with one another. Thus, the encryption keys used to encrypt such messages need to be managed in a highly secure manner. Accordingly, we provide an encryption module, which, in accord with an aspect of the invention, generates a unique device encryption key (S local ), a cryptographic key formed from a unique identification key (S id ) and an associated public key (KP id ), and at least one program encryption key, in which the public key is generated as a function of the unique identification key. The module then encrypts the unique identification key and program encryption key using said device encryption key and stores the encrypted result in memory internal to security module, thereby securing the keys against misappropriation. In addition, the module provides a mechanism for using the program encryption key to encrypt information that it receives from an external source and store the encrypted information in memory external to the security module, and responsive to receiving from a requester a request for the program encryption key, encrypting the program encryption key, in accord with an aspect of the invention, using a symmetrical encryption key generated as a function of a public key generated by a security module associated with the requester. The former security module then supplies the encrypted program encryption key to the requester.

Block encryption algorithm with data-dependent rotations

Abstract: A simple encryption and decryption device has been developed. The underlying algorithm is a fast block cipher that may be implemented efficiently in hardware or software. The algorithm makes heavy use of data-dependent rotations. The amount of each rotation depends on the data being encrypted and intermediate encryption results. The variables for the algorithm include word size, rounds, and the length of a secret key.

Data encryption key management system

Abstract: The secure management of encryption keys is obtained by preventing external access thereto and ensuring that the keys do not leave an encryption unit in their original form. This result is obtained via a facility which (a) generates a unique device encryption key and at least one program encryption key, (b) encrypts the program encryption key using the device encryption key, and (c) stores the result in local memory. Thereafter, responsive to receipt of an indication to encrypt data, the program encryption key is retrieved from memory and is decrypted using the unique device encryption key. The data is then encrypted using the decrypted program encryption key and the encrypted data is stored in a server for distribution to a user who enters a request for the data. When there is a need to transport the latter key to another element, then the program key is encrypted using a symmetrical encryption key that the facility shares with the other element and the result is supplied to that element. The element then decrypts the encrypted program key using its own version of the symmetrical key.

Authenticated encryption scheme without using a one way function

Abstract: A modified HMPs authenticated encryption scheme with the same low expansion rate and lower communication costs but without the use of a one way function is proposed.

On the VLSI implementation of the international data encryption algorithm IDEA

Abstract: This paper describes a new VLSI realization of the International Data Encryption Algorithm IDEA. The presented VLSI architecture is compared with the VINCI chip, the first silicon realization of the IDEA. Principal design aspects are also discussed. Although the VINCI circuit can be used for real-time encryption in high-speed networks such as ATM, there are requirements for VLSI circuits with faster encryption ability. Further, the implemented test during the normal operation in the VINCI chip cannot detect all possible errors. The proposed new implementation is motivated by the requirement for higher data rates and a new solution for the on-line test problem, which is a main task in implementing cryptographic algorithms. First design results show that the resulting circuit can achieve an encryption rate of about 355 Mb/s. This is achieved by the implementation of one round in a 0.8 /spl mu/m CMOS technology. The architecture includes a concurrent self-test based on a mod-3 residue code self-checking system which allows the detection of permanent and temporary single- and multiple-bit errors in the IDEA datapath and hence the secure prevention of faulty encrypted or decrypted data.

Method and apparatus for digital encryption

Abstract: The present invention is a real time digital encryption system which may be implemented in either hardware or software. The encryption system uses keys and an algorithm in which the encryption is determined in part by the data being encrypted, to obtain a scramble which is uniquely determined by the combination of the encryption keys and the data being encrypted, thereby making any effort at cryptanalysis extremely difficult, if not impossible. Consequently, anyone seeking to decrypt the data encrypted by the present invention would have to resort to an extensive brute force approach to such decryption efforts.

Method and apparatus for autokey rotor encryption

Abstract: A method an apparatus for block or stream encrypting text uses an autokeyed rotational state vector to encrypt plain text to yield cipher text The text is stored as a block in a buffer of an arbitrary number of bytes Each byte of plain text in the buffer encrypted to yield a byte of cipher text by using a rotational state vector, and the rotational state vector is updated or changed as a function of one or more of: the cipher text, the plain text and a key The encryption operation is advantageously a series of alternating non-linear and linear transformations The method of encryption is advantageously involutory in that the encryption method and apparatus for a given key is identical to the decryption method and apparatus with the same key

Encryption communication process and terminal for encryption communication

Abstract: An encryption communication terminal includes an encryption key table 9a for registering secret encryption keys and an encryption box 9b for storing received encrypted data. When encrypted data is received, the decryption of the received encrypted data is tried by using a secret encryption key Ki registered in the encryption key table 9a. If the encrypted data can successfully be decrypted by using the registered secret encryption key Ki, the decrypted data is printed out. On the other hand, if the encrypted data cannot be decrypted, the received encrypted data is stored in the encryption box 9b, and then a reception report is output to notify that encrypted data is stored in the encryption box 9b. This reception report lets a recipient user know that encrypted data has been received but cannot be decrypted. The recipient user may ask the transmitter about the secret encryption key Ki to decrypt the received encrypted data.

Pseudo-random number generator and communication system employing the same

Abstract: A communication apparatus through which encryption/decryption processing can be executed at high speed includes a CPU for performing overall control of the apparatus, an encryption unit for encrypting communication data that has been stored in a RAM and outputting encrypted data, and a decryption unit for decrypting encrypted data transmitted from an external communication apparatus and storing the decrypted data in the RAM. The decryption unit issues a request to generate a series of random numbers serving as an encryption key necessary in decryption processing of the encrypted data applied thereto. A pseudo-random number generating circuit generates random numbers and delivers them to the decryption unit. The encryption unit issues a request to generate a series of random numbers serving as an encryption key necessary in encryption. The pseudo-random number generating circuit generates random numbers and delivers them to the encryption unit. The latter generates a cryptogram sentence based upon these random numbers.

Implementation of a hybrid encryption scheme for Ethernet

Abstract: A software-based implementation of a hybrid encryption scheme for Ethernet LAN is given. It uses a DES-type symmetric key for information exchange between communicating users. In addition, a Diffie-Hellman method is adopted for key distribution which incorporates an RSA-type public key scheme for securing the exchange of the symmetric key components. To facilitate distribution of public keys and to guarantee authenticity, a separate network entity called security management facility (SMF) is deployed. A brief description of the software components for the proposed hybrid encryption scheme is given, and a Petri net representation of the software operation is provided. In addition, evaluation of the proposed scheme is carried out on a prototype network, and the numerical values for the encryption time and the message transfer time are obtained to illustrate the feasibility of the new scheme.

Encryption system for mixed-trust environments

Abstract: Encryption frequently needs to be used in communication networks which span different geographical regions which can be considered to be trusted to different extents. According to one embodiment, the invention uses both a strong encryption algorithm and a weak encryption algorithm. A device in the high-trusted region can encrypt using the strong algorithm and can decrypt using either the strong or weak algorithm. A device in the low-trusted region can decrypt with either the strong or the weak algorithm but can encrypt only with the weak algorithm.

Method and apparatus for data-driven encryption system

Abstract: The pseudorandom process iteratively applies a selected CRC encryption process on the information to be encrypted. The encryption process is selected by testing one of the digits comprising the number to be encrypted. A first encryption process is used if the tested digit is a 1; a second encryption process is used if the tested digit is a 0. The process is repeated a plurality of times, e.g. once for each digit in the number to be encrypted, resulting in a highly encrypted value that is not easily reverse engineered by chosen or known plaintext attack.

Multiple Encryption with Minimum Key

Abstract: In this paper we consider multiple encryption schemes built from conventional cryptosystems such as DES. The existing schemes are either vulnerable to variants of meet in the middle attacks, i.e. they do not provide security of the full key or there is no proof that the schemes are as secure as the underlying cipher. We propose a new variant of two-key triple encryption which is not vulnerable to the meet in the middle attack and which uses a minimum amount of key. We can prove a connection between the security of our system and the security of the underlying block cipher.

Communication data security device and communication data security method

Abstract: PROBLEM TO BE SOLVED: To prevent encryption data from being decoded or forged with high security SOLUTION: An encryption function is selected as a time from a time table, a random number tale and a function table in cross reference by communication data security devices 1, 11, 1n used for a computer network 2(12) having a communication line network 5(15) to which lots of communication terminal equipments are connected and communication terminals 3(131 -13n ), and communication data are converted into encryption data and sent to the communication line networks 5, 15 Since encryption data differ from time depending on time even when the communication data are the same, the encryption data are neither decoded nor forged

Method and apparatus for public-key cryptography using a secure semiconductor device

Abstract: A semiconductor device for storing encryption/decryption keys at manufacture in combination with digital certificates to ensure secured communications between the semiconductor device and another device. The semiconductor device comprising a non-volatile memory for storing the encryption/decryption keys and at least one digital certificate, internal memory for temporarily storing information input into the semiconductor device from the other device and possibly encryption and decryption algorithms, a processor for processing the information and a random number generator for generating the encryption/decryption keys completely internal to the hardware agent.

Security and Encryption

Abstract: This chapter focuses on the concept of security and encryption. The solution to security problems can be found in a collection of encryption algorithms developed using a variety of mathematical tricks. These algorithms make it possible for someone to scramble a computer file or mail message into a form that is only readable by someone possessing the correct computer key. Other algorithms can create digital signatures that are practically unforgeable by anyone who does not hold the secret key. The combination of these two tricks would solve the basic security problems of creating an agent space. The most straightforward use of encryption is known as either single-key or private-key encryption. These algorithms use one key that is kept secret and shared by all the parties who are going to need access to the information. As long as the key is secret, the data is generally safe. Data Encryption Standard (DES), Internation Data Encryption Algorithm, and triple-DES which uses three passes of DES, are some of the most common single-key encryption algorithms.

Pseudo-random number generator, and communication method and apparatus using encrypted text based upon pseudo-random numbers generated by said generator

Abstract: A communication apparatus through which encryption/decryption processing can be executed at high speed includes a CPU for performing overall control of the apparatus, an encryption unit for encrypting communication data that has been stored in a RAM and outputting encrypted data, and a decryption unit for decrypting encrypted data transmitted from an external communication apparatus and storing the decrypted data in the RAM. The decryption unit issues a request to generate a series of random numbers serving as an encryption key necessary in decryption processing of the encrypted data applied thereto. A pseudo-random number generating circuit generates random numbers and delivers them to the decryption unit. The encryption unit issues a request to generate a series of random numbers serving as an encryption key necessary in encryption. The pseudo-random number generating circuit generates random numbers and delivers them to the encryption unit. The latter generates a cryptogram sentence based upon these random numbers.