Showing papers on "40-bit encryption published in 2002"


Proceedings Article
07 Aug 2002
TL;DR: This paper points out CKBA is very weak to the chosen/known-plaintext attack with only one plain-image, and its security to brute-force ciphertext-only attack is overestimated by the authors.
Abstract: The security of digital images attracts much attention recently, and many image encryption methods have been proposed. In IS-CAS2000, a new chaotic key-based algorithm (CKBA) for image encryption was proposed. This paper points out CKBA is very weak to the chosen/known-plaintext attack with only one plain-image, and its security to brute-force ciphertext-only attack is overestimated by the authors. That is to say, CKBA is not secure at all from cryptographic viewpoint. Some experiments are made to show the feasibility of the chosen/known-plaintext attack. We also discuss some remedies to the original scheme and their performance, and we find none of them can essentially improve the security of CKBA.

294 citations


Patent
13 Dec 2002
TL;DR: In this paper, the authors proposed an encryption arrangement for multiple encryption of television programs, where only critical packets such as those carrying a payload incorporating packetized elementary stream header information are encrypted.
Abstract: An encryption arrangement for multiple encryption of television programs. A system according to embodiments of the present invention multiple encrypts only a portion of the data required for full presentation of a television program to permit coexistence of multiple conditional access encryption systems associated with multiple manufacturer's set-top boxes within a single system. In one embodiment, only critical packets such as those carrying a payload incorporating packetized elementary stream header information are encrypted. By only encrypting a portion of the program, dramatically less bandwidth is consumed than the alternative of multiple encryption of all program data, thus permitting a larger number of programs to be carried over the same bandwidth while permitting coexistence of multiple conditional access systems in a single cable television system.

225 citations


Journal Article
TL;DR: The eXtended Ciphertext Block Chaining (XCBC) and eXtended Electronic Codebook (XECB) encryption schemes as discussed by the authors can detect encrypted-message forgeries with high probability even when used with typical non-cryptographic Manipulation Detection Code (MDC) functions (e.g., bitwise exclusive-or and cyclic redundancy code (CRC) functions).
Abstract: We present the eXtended Ciphertext Block Chaining (XCBC) and the eXtended Electronic Codebook (XECB) encryption schemes or modes of encryption that can detect encrypted-message forgeries with high probability even when used with typical non-cryptographic Manipulation Detection Code (MDC) functions (e.g., bitwise exclusive-or and cyclic redundancy code (CRC) functions). These modes detect encrypted-message forgeries at low cost in performance, power, and implementation, and preserve both message secrecy and integrity in a single pass over the message data. Their performance and security scale directly with those of the underlying block cipher function. We also present the XECB message authentication (XECB-MAC) modes that have all the operational properties of the XOR-MAC modes (e.g., fully parallel and pipelined operation, incremental updates, and out-of-order verification), and have better performance. They are intended for use either stand-alone or with encryption modes that have similar properties (e.g., counter-based XOR encryption). However, the XECB-MAC modes have higher upper bounds on the probability of adversary's success in producing a forgery than the XOR-MAC modes.

175 citations


Book Chapter
12 Feb 2002
TL;DR: In the trivial n-recipient public-key encryption, a ciphertext is a concatenation of independently encrypted messages for n recipients as discussed by the authors, and the security is still almost the same as the underlying single-receiver scheme.
Abstract: In the trivial n-recipient public-key encryption scheme, a ciphertext is a concatenation of independently encrypted messages for n recipients. In this paper, we say that an n-recipient scheme has a "shortened ciphertext" property if the length of the ciphertext is almost a half (or less) of the trivial scheme and the security is still almost the same as the underlying single-recipient scheme. We first present (multi-plaintext, multi-recipient) schemes with the "shortened ciphertext" property for ElGamal scheme and Cramer-Shoup scheme. We next show (single-plaintext, multi-recipient) hybrid encryption schemes with the "shortened ciphertext" property.

164 citations


Patent
13 Dec 2002
TL;DR: In this article, the authors proposed a system that allows coexistence of multiple conditional access systems associated with multiple manufacturer's set-top boxes (36 and 136) within a single system.
Abstract: An encryption arrangement (108) for multiple encryption of television programs. A system according to the embodiments of the present invention multiple encrypts only a portion of the data required for full presentation of a television program to permit coexistence of multiple conditional access (118 and 124) encryption systems associated with multiple manufacturer's set-top boxes (36 and 136) within a single system. In one embodiment, only audio data are encrypted leaving video in the clear (104). By only encrypting a portion of the program, dramatically less bandwidth is consumed than the alternative of multiple encryption of all program data, thus permitting a larger number of programs to be carried over the same bandwidth while permitting coexistence of multiple conditional access systems (40 and 140) in a single cable television system (32).

163 citations


Patent
29 Aug 2002
TL;DR: In this article, the authors proposed a transparent encryption infrastructure which allows the user to point-and-click on columns and tables to encrypt data, and the creation of triggers and views are also easily implemented.
Abstract: The invention provides a transparent encryption infrastructure which allows the user to point-and-click on columns and tables to encrypt data. The creation of triggers and views are also easily implemented, to encrypt and decrypt data, to manage the encryption keys and to grant and revoke access to a column. Public and private key pairs are hashed and encrypted with a valid password. The process of encryption starts by creating a randomly generated symmetrical key, encrypting the symmetrical key with the private key for each user authorized to decrypt the data, and storing the encrypted symmetrical key, along with the user's name and the column name, in the database.

152 citations


Patent
William D. Evans
14 Jan 2002
TL;DR: In this paper, a secure content object is defined to protect electronic documents from unauthorized use, which includes an encrypted electronic document, a multi-key encryption table having at least one multi-key component, an encrypted header and a user interface device.
Abstract: A secure content object protects electronic documents from unauthorized use. The secure content object includes an encrypted electronic document, a multi-key encryption table having at least one multi-key component, an encrypted header and a user interface device. The encrypted document is encrypted using a document encryption key associated with a multi-key encryption method. The encrypted header includes an encryption marker formed by a random number followed by a derivable variation of the same random number. The user interface device enables a user to input a user authorization. The user authorization is combined with each of the multi-key components in the multi-key encryption key table and used to try to decrypt the encrypted header. If the encryption marker is successfully decrypted, the electronic document may be decrypted. Multiple electronic documents or a document and annotations may be protected by the secure content object.

140 citations


Patent
13 Dec 2002
TL;DR: In this paper, a selective encryption method and apparatus consistent with the invention duplicates selected packets in a file or data stream and multiple encrypts the packets using multiple encryption keys, each encryption key is valid for a specific segment of time.
Abstract: A selective encryption method and apparatus consistent with the invention duplicates selected packets in a file or data stream and multiple encrypts the packets using multiple encryption keys. Each encryption key is valid for a specific segment of time so that changes in entitlement keys used for decryption can be made without negatively impacting a customer's ability to access content that has been paid for.

125 citations


01 Jun 2002
TL;DR: This document proposes several new ciphersuites for Transport Layer Security (TLS); the protocol would be enhanced by the addition of Advanced Encryption Standard (AES) ciphersuites.
Abstract: This document proposes several new ciphersuites. At present, the symmetric ciphers supported by Transport Layer Security (TLS) are RC2, RC4, International Data Encryption Algorithm (IDEA), Data Encryption Standard (DES), and triple DES. The protocol would be enhanced by the addition of Advanced Encryption Standard (AES) ciphersuites.

120 citations


Proceedings Article
07 Aug 2002
TL;DR: This paper presents performance analysis and comparisons between IPSec security algorithms in terms of time complexity and space complexity, and finds that HMAC-MD5 can be sufficient for authentication purposes rather than using the more complicated HMAC-SHA1 algorithm.
Abstract: IPSec provides two types of security algorithms, symmetric encryption algorithms (e.g. data encryption standard DES) for encryption, and one-way hash functions (e.g., message digest MD5 and secured hash algorithm SHA1) for authentication. This paper presents performance analysis and comparisons between these algorithms in terms of time complexity and space complexity. Parameters considered are processing power and input size. The analysis results revealed that HMAC-MD5 can be sufficient for the authentication purposes rather than using the more complicated HMAC-SHA1 algorithm. In encryption applications, authentication should be combined with DES.

113 citations


Proceedings Article
10 Dec 2002
TL;DR: This paper points out that BRIE (bit recirculation image encryption) is not secure enough from strict cryptographic viewpoint, and a known/chosen-plaintext attack can break BRIE with only one known/chosen plain-image.
Abstract: The security of digital images has attracted much attention, and many different image encryption methods have been proposed. Yen and Guo (see Proc. IEEE Workshop Signal Processing Systems, p.430-37, 1999) proposed a novel image encryption algorithm called BRIE (bit recirculation image encryption). This paper points out that BRIE is not secure enough from strict cryptographic viewpoint. It has been found that some defects exist in BRIE, and a known/chosen-plaintext attack can break BRIE with only one known/chosen plain-image. Experiments are made to verify the defects of BRIE and the feasibility of the attack.

Patent
13 Aug 2002
TL;DR: In this paper, a system for processing multimedia channels is described, which consists of transmitting decryption keys for decrypting the multimedia channels, the keys encrypted in both a first encryption format and a second encryption format, the keys in the first format being decryptable by a first type of multimedia receiver and the keys in the second format being decryptable by a second type of multimedia receiver.
Abstract: A system for processing multimedia channels is described comprising: transmitting decryption keys for decrypting the multimedia channels, the keys encrypted in both a first encryption format and a second encryption format; the keys encrypted in the first encryption format being decryptable by a first type of multimedia receiver; and the keys encrypted in the second encryption format being decryptable by a second type of multimedia receiver.

Journal Article
TL;DR: Low-power, portable devices could achieve very high levels of speech-content protection at only 30-45% of the computational load of current techniques, freeing resources for other tasks and enabling longer battery life.
Abstract: Mobile multimedia applications, the focus of many forthcoming wireless services, increasingly demand low-power techniques implementing content protection and customer privacy. In this paper low complexity perception-based partial encryption schemes for speech are presented. Speech compressed by a widely-used speech coding algorithm, the ITU-T G.729 standard at 8 kb/s, is partitioned in two classes, one, the most perceptually relevant, to be encrypted, the other, to be left unprotected. Two partial-encryption techniques are developed, a low-protection scheme, aimed at preventing most kinds of eavesdropping and a high-protection scheme, based on the encryption of a larger share of perceptually important bits and meant to perform as well as full encryption of the compressed bitstream. The high-protection scheme, based on the encryption of about 45% of the bitstream, achieves content protection comparable to that obtained by full encryption, as verified by both objective measures and formal listening tests. For the low-protection scheme, encryption of as little as 30% of the bitstream virtually eliminates intelligibility as well as most of the remaining perceptual information. Low-power, portable devices could therefore achieve very high levels of speech-content protection at only 30-45% of the computational load of current techniques, freeing resources for other tasks and enabling longer battery life.

Patent
Howard Shelton Lambert
14 Feb 2002
TL;DR: In this article, a method for encryption and decryption of data items is provided by defining a cipher key based on variables in a Chaotic Equation, which can be used in devices (801) to avoid the need for a session key.
Abstract: A method for encryption and decryption of data items is provided by defining a cipher key based on variables in a Chaotic Equation. The method includes selecting a Chaotic Equation (110) from a set of Chaotic Equations, defining starting conditions of the variables of the equation (140), and applying the equation to each data item (120). The real and imaginary parts of the result of the iteration of the Chaotic Equation are combined with the data item by an arithmetic operation, for example, an XOR operation (120). Data items in a continuous stream with a rate dependency can be encrypted and decrypted on an item by item basis. The input or cipher key changes for each byte of the data encryption. Blocks of data (700, 701, 702, 703, 704) can be encrypted using the method with an identifier of the order of the blocks in the data stream. If blocks are received out of sequence, the identifiers can be used to maintain the correct decryption order. The method of encryption and decryption can be used in devices (801) to avoid the need for a session key. The continuously updating input or cipher key enables fraudulent use of devices (801) to be identified.

Patent
13 Nov 2002
TL;DR: In this article, a method of upgrading an encryption process for encryption of video information from an old encryption process to a new encryption process consistent with certain embodiments involves selecting a portion of video content for selective encryption.
Abstract: A method of upgrading an encryption process for encryption of video information from an old encryption process to a new encryption process, consistent with certain embodiments involves selecting a portion of video content for selective encryption. The selected portion is duplicated to produce first and second copies of the selected portion. The first copy is encrypted using the old encryption process and the second copy is encrypted using the new encryption process to produce a dual partially encrypted segment of video information that can either be broadcast over a cable or satellite system or stored in a package medium as two program chains.

Proceedings Article
05 Aug 2002
TL;DR: It is argued that the best way to prevent all of these attacks is to insist on integrity of ciphertexts in addition to semantic security as the “proper” notion of privacy for symmetric encryption schemes.
Abstract: Vaudenay recently demonstrated side-channel attacks on a common encryption scheme, CBC Mode encryption, exploiting a “valid padding” oracle [Vau02]. Mirroring the side-channel attacks of Bleichenbacher [Ble98] and Manger [Man01] on asymmetric schemes, he showed that symmetric encryption methods are just as vulnerable to side-channel weaknesses when an adversary is able to distinguish between valid and invalid ciphertexts. Our paper demonstrates that such attacks are pervasive when the integrity of ciphertexts is not guaranteed. We first review Vaudenay’s attack and give a slightly more efficient version of it. We then generalize the attack in several directions, considering various padding schemes, other symmetric encryption schemes, and other side-channels, demonstrating attacks of various strengths against each. Finally we argue that the best way to prevent all of these attacks is to insist on integrity of ciphertexts [BN00] in addition to semantic security as the “proper” notion of privacy for symmetric encryption schemes.

Journal Article
TL;DR: The shared secret key employed by the sender Alice and the receiver Bob can be re-used to send an exponential number of messages, against strong adaptive attacks, and is provably secure against adaptive attacks by a computationally unbounded adversary in the bounded storage model.
Abstract: We present substantial extensions of works [1], [2], and all previous works, on encryption in the bounded storage model introduced by Maurer in [25]. The major new result is that the shared secret key employed by the sender Alice and the receiver Bob can be re-used to send an exponential number of messages, against strong adaptive attacks. This essential step enhances the usability of the encryption method, and also allows strong authentication and non-malleability described below. We give an encryption scheme that is provably secure against adaptive attacks by a computationally unbounded adversary in the bounded storage model. In the model, a sender Alice and a receiver Bob have access to a public random string $\alpha$, and share a secret key $s$. Alice and Bob observe $\alpha$ on the fly, and by use of $s$ extract bits from which they create a one-time pad $X$ used to encrypt $M$ as $C = X \oplus M$. The size of the secret key $s$ is $|s| = k \log_2 |\alpha|$, where $k$ is a security parameter. An Adversary AD can compute and store any function $A_1(\alpha) = \eta$, subject to the bound on storage $|\eta| < \gamma |\alpha|$, $\gamma < 1$, and captures $C$. Even if AD later gets the key $s$ and is computationally unbounded, the encryption is provably secure. Assume that the key $s$ is repeatedly used with successive strings $\alpha_1, \alpha_2, \ldots$ to produce encryptions $C_1, C_2, \ldots$ of messages $M_1, M_2, \ldots$. AD computes $\eta_1 = A_1(\alpha_1)$, obtains $C_1$, and gets to see the first message $M_1$. Using these he computes and stores $\eta_2 = A_1(\alpha_2, \eta_1, C_1, M_1)$, and so on. When he has stored $\eta_l$ and captured $C_l$, he gets the key $s$ (but not $M_l$). The main result is that the encryption $C_l$ is provably secure against this adaptive attack, where $l$, the number of times the secret key $s$ is re-used, is exponentially large in the security parameter $k$. On this we base non-interactive protocols for authentication and non-malleability. Again, the shared secret key used in these protocols can be securely re-used an exponential number of times against adaptive attacks. The method of proof is stronger than the one in [1], [2], and yields ergodic results of independent interest. We discuss in the Introduction the feasibility of the bounded storage model, and outline a solution. Furthermore, the existence of an encryption scheme with the provable strong security properties presented here, may prompt other implementations of the bounded storage model.

Patent
15 Feb 2002
TL;DR: In this article, a method of transmitting data over a network in a secure manner while keeping overhead low is described, where the XML data islands containing the sensitive data are encrypted using an appropriate encryption routine, not limited to SSL.
Abstract: A method of transmitting data over a network in a secure manner while keeping overhead low is described. Various components for a web page are retrieved and a web page is formed. The web page has some components in which sensitive data is stored in XML data islands. It is then determined which of the XML data islands contains sensitive data, such as health or medical data or financial data that is specific to an individual. These XML data islands are encrypted using an appropriate encryption routine, not limited to SSL. Once the data islands containing the sensitive data are encrypted they are transmitted over a network. The encryption routine used to secure the sensitive data is chosen based on the level of security desired before sending the data over the network and the amount of overhead resulting from the encryption that the user is willing to accept. The overhead can be reduced by using a less rigorous encryption routine and thereby increasing performance and speed. If the data requires a high degree of security, a powerful encryption routine can be used while increasing the overhead of the data when sending the data over a network.

Journal Article
TL;DR: A lightweight MPEG video encryption algorithm is proposed whose primary motivation is to save the encryption computation by taking the advantage of combining MPEG compression and data encryption, and at the same time avoids adverse effects on the video compression rate.
Abstract: Multimedia data security is very important for multimedia commerce on the Internet and real-time video multicast. However, traditional encryption algorithms for data secrecy, such as DES, may not be suitable for multimedia applications because they are unable to meet the real-time constraints required by the multimedia applications. For multimedia applications, lightweight encryption algorithms are attractive. This paper examines the joint encryption and compression framework in which video data are scrambled in the frequency domain by employing selective bit scrambling, block shuffling and block rotation of the transformed coefficients and motion vectors. In addition a lightweight MPEG video encryption algorithm is proposed whose primary motivation is to save the encryption computation by taking the advantage of combining MPEG compression and data encryption, and at the same time avoids adverse effects on the video compression rate.

Proceedings Article
06 Nov 2002
TL;DR: This paper presents a novel fault detection scheme which is based on a multiple parity bit code and shows that the proposed scheme leads to very efficient and high coverage fault detection.
Abstract: Concurrent fault detection for a hardware implementation of the Advanced Encryption Standard (AES) is important not only to protect the encryption/decryption process from random faults. It will also protect the encryption/decryption circuitry from an attacker who may maliciously inject faults in order to find the encryption secret key. In this paper we present a novel fault detection scheme which is based on a multiple parity bit code and show that the proposed scheme leads to very efficient and high coverage fault detection. We then estimate the associated hardware costs and detection latencies.

Patent
04 Sep 2002
TL;DR: In this paper, the authors proposed a method and apparatus for secure distribution of information over a network, comprising: encrypting payload information using a first encryption key in a first data processor, encrypting it again using a second encryption key in a second data processor, and sending the payload information encrypted using the first encryption key and the second encryption key to a third data processor.
Abstract: A method and apparatus for secure distribution of information over a network, comprising: encrypting payload information using a first encryption key in a first data processor; sending the payload information encrypted using the first encryption key to a second data processor; encrypting the payload information encrypted using the first encryption key using a second encryption key in the second data processor; and sending the payload information encrypted using the first encryption key and the second encryption key to a third data processor, and generating a decryption key based on the first encryption key and on the second encryption key, such that the decryption key is operable to compute the payload information by decrypting the payload information encrypted using the first encryption key and the second encryption key.

Patent
25 Oct 2002
TL;DR: In this article, a method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method is provided, which ensures that only an intended recipient has the means to decrypt a file encrypted with the dynamically generated symmetric encryption keys.
Abstract: A method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method is provided. A dynamically generated encryption key is generated for each encryption event, so that the key cannot be produced or reproduced. A key exchange component of the invention ensures that only an intended recipient has the means to decrypt a file encrypted with the dynamically generated symmetric encryption keys.

Patent
09 Apr 2002
TL;DR: A secure processing system provides for the encryption of files by compression of the content of files and encryption of the compressed content as mentioned in this paper, and files can be obfuscated by changing their file name and location and keeping a record of the changes encrypted for them.
Abstract: A secure processing system provides for the encryption of files by compression of the content of files and encryption of the compressed content. Also, files can be obfuscated by changing their file name and location and keeping a record of the changes encrypted for them. The encryption and stealth features can be made accessible by a simple graphical user interface accessible by a password to provide for simple operation.

Patent
03 Jun 2002
TL;DR: In this paper, a microcontroller for security applications includes an encryption unit between a bus and a functional unit, and a memory is provided with a further encryption unit whose gate is connected between the register and the gate of the first encryption unit.
Abstract: A microcontroller for security applications includes an encryption unit between a bus and a functional unit. The encryption unit includes a gate and a key register. A memory is provided with a further encryption unit whose gate is connected between the register and the gate of the first encryption unit. As a result, the transferred information item is available in encrypted form at any point on the bus.

Patent
24 Sep 2002
TL;DR: One-time-pad encryption as mentioned in this paper is an encryption system where encrypted one-time-pad keys can be distributed to users on physical media or on a computer network from a central server.
Abstract: A one-time-pad encryption system where encrypted one-time-pad keys can be distributed to users on physical media or on a computer network from a central server. Each one-time-pad key has a key identification number that facilitates key management. Each encrypted data set includes a header specifying an offset within the one-time-pad key for commencement of decryption so that messages can be decrypted in any order. Before encryption begins, the length of remaining unused key is compared to the length of the data set to be encrypted. For ease of transcription or transmission by humans, the encrypted data can be represented as a subset of the 48 keys that are easy to use on a keyboard, preferably the 26 capital letters of the Western alphabet or these letters plus six numerals for a total of 32 characters. A one-time-pad key which is specialized to achieve such encryption can also be used for binary encryption. Encryption control buttons are added to a word processor and other programs as an addition to the user interface.

Patent
28 Jan 2002
TL;DR: In this paper, an object is authenticated by transmitting a random number to the object and checking whether the encrypted data is a correct result of encrypting the data using the encryption scheme specified by the object.
Abstract: An object is authenticated by transmitting a random number to the object. The object has an integrated circuit chip including a memory and encryption circuitry. The memory stores information defining an encryption scheme preassigned to the object. The encryption circuitry reads the memory, and encrypts the random number according to the encryption scheme defined by the information read from the memory to produce encrypted data. The memory cannot be read from any output of the integrated chip, and the chip is constructed so that it is virtually impossible to recover the information contained in the memory by visual inspection, probing, or disassembly of the chip. The object is authenticated by checking whether the encrypted data is a correct result of encrypting the data using the encryption scheme preassigned to the object.

Patent
05 Dec 2002
TL;DR: A device (2701) that is connected to a network (2702) and which performs secure operation (2706) using existing encryption keypair (2707) maintained by the device.
Abstract: A device (2701) that is connected to a network (2702) and which performs secure operation (2706) using existing encryption keypair (2707) maintained by the device (2701).

Patent
03 Jul 2002
TL;DR: An encryption renewal system for generating entitlement control messages, the system being secured by physical separation of components, is described in this paper, where a method is used to register an off-line encryption device in order to begin encrypting clear content.
Abstract: An encryption renewal system for generating entitlement control messages, the system being secured by physical separation of components. The encryption renewal system has a first computing platform for performing non-secure tasks associated with one or more control messages that transmit one or more keys to a subscriber; and a second computing platform physically separate from the first computing platform containing one or more application specific integrated circuit chip for generating the one or more control messages. In addition, a method by the encryption renewal system is used to register an off-line encryption device in order to begin encrypting clear content. The method includes generating data for registering the off-line encryption device; encrypting the data with one or more cryptographic keys to form encrypted data; forwarding the encrypted data to the off-line encryption device; and retrieving the data from the encrypted data, wherein the off-line encryption device begins to encrypt clear content only after the data is retrieved.

Patent
James William Fahrny
20 Sep 2002
TL;DR: The roaming hardware paired encryption key generation (RHKE) scheme as discussed by the authors combines a content variable with a network, or subnet, address to generate an encryption key at the destination.
Abstract: The roaming hardware paired encryption key generation coalesces a content variable with a network, or subnet, address to generate an encryption key. The source generates a content identification that is unique to the content being encrypted and the network, or subnet, address is coalesced with the content identification to generate a unique encryption key for the content being encrypted. The encrypted digital content is transmitted to the destination devices identified by the network, or subnet address, along with the content identification. At the destination, the destination devices regenerate the encryption by coalescing the content identification and the network, or subnet, address in the same manner as ciphertext is decrypted into plaintext.

Patent
05 Apr 2002
TL;DR: In this paper, a method for securing communications within a computer network that includes wireless devices is presented, which involves the use of a middleware server, which allows ill-performing and potentially insecure communications protocols to be offloaded onto a more powerful machine running in a more secure environment, e.g., within a company's Intranet.
Abstract: A method for securing communications within a computer network that includes wireless devices is presented. The method involves the use of a middleware server, which allows ill-performing and potentially insecure communications protocols to be off-loaded onto a more powerful machine running in a more secure environment, e.g., within a company's Intranet. The method can be practiced with any symmetric encryption algorithm, and can be combined with additional security methods, such as asymmetric encryption methods.