
Showing papers on "Encryption published in 1981"


Journal Article
Leslie Lamport
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.
Abstract: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal.

2,874 citations


Proceedings Article
01 Jan 1981
TL;DR: A design principle is presented that helps guide placement of functions among the modules of a distributed computer system and suggests that functions placed at low levels of a system may be redundant or of little value when compared with the cost of providing them at that low level.
Abstract: This paper presents a design principle that helps guide placement of functions among the modules of a distributed computer system. The principle, called the end-to-end argument, suggests that functions placed at low levels of a system may be redundant or of little value when compared with the cost of providing them at that low level. Examples discussed in the paper include bit error recovery, security using encryption, duplicate message suppression, recovery from system crashes, and delivery acknowledgement. Low level mechanisms to support these functions are justified only as performance enhancements.

2,091 citations


Journal Article
TL;DR: It is shown that key distribution protocols with timestamps prevent replays of compromised keys and have the additional benefit of replacing a two-step handshake.
Abstract: The distribution of keys in a computer network using single key or public key encryption is discussed. We consider the possibility that communication keys may be compromised, and show that key distribution protocols with timestamps prevent replays of compromised keys. The timestamps have the additional benefit of replacing a two-step handshake.

787 citations


Patent
19 Oct 1981
TL;DR: In this paper, the authors disclosed a protection system for intelligent cards, in which each card has stored in it a code which is the encryption of a concatenation of a user secret password and a common reference text.
Abstract: There is disclosed a protection system for intelligent cards. Each card has stored in it a code which is the encryption of a concatenation of a user secret password and a common reference text. The encryption is derived by an initialization terminal which uses the private key associated with the public key of a public-key cryptosystem key pair. Each transaction terminal with which a card is used decrypts the stored code in accordance with the public key. A transaction is effected only if the stored code decrypts into the user password which is inputted on a keyboard and the common reference text.

313 citations


Journal Article
TL;DR: It is shown that although either technique significantly improves security over single encryption, the new technique does not significantly increase security over simple double encryption.
Abstract: Double encryption has been suggested to strengthen the Federal Data Encryption Standard (DES). A recent proposal suggests that using two 56-bit keys but enciphering 3 times (encrypt with a first key, decrypt with a second key, then encrypt with the first key again) increases security over simple double encryption. This paper shows that although either technique significantly improves security over single encryption, the new technique does not significantly increase security over simple double encryption. Cryptanalysis of the 112-bit key requires about 2^56 operations and words of memory, using a chosen plaintext attack. While DES is used as an example, the technique is applicable to any similar cipher.

240 citations


Patent
02 Jul 1981
TL;DR: In this article, a microprocessor for executing computer programs which are stored in cipher to prevent software piracy is proposed, which can process valuable proprietary programs and data files which are distributed in cipher on videodiscs, semiconductor memory, or other media without risk of software piracy.
Abstract: A microprocessor for executing computer programs which are stored in cipher to prevent software piracy. Such a crypto-microprocessor deciphers the enciphered program piecemeal as it executes it, so that a large enciphered program can be securely executed without disclosing the deciphered program or associated data to persons who have access to the wiring of the computer in which the crypto-microprocessor is a component. Such a device may process valuable proprietary programs and data files which are distributed in cipher on videodiscs, semiconductor memory, or other media without risk of software piracy. Various methods of encryption may be used including methods which result in the cipher of a byte being a complicated function of the byte's address in memory. Each crypto-microprocessor chip may use a unique cipher key or tables for deciphering the program, so that a program that can be executed in one chip cannot be run in any other microprocessor.

215 citations


Journal Article
TL;DR: A new cryptosystem that is suitable for database encryption is presented, based on the Chinese Remainder Theorem, which has the important property of having subkeys that allow the encryption and decryption of fields within a record.
Abstract: A new cryptosystem that is suitable for database encryption is presented. The system has the important property of having subkeys that allow the encryption and decryption of fields within a record. The system is based on the Chinese Remainder Theorem.

178 citations


Patent
26 Oct 1981
TL;DR: In this article, a hardware module containing a pseudorandom number generator unique to the authorized system receives the first authorization code as a key and an execution enable signal is generated in response to a positive comparison to enable the stored program to be executed.
Abstract: In a method of and apparatus for limiting program execution to only an authorized data processing system, a proprietary program, together with first and second authorization codes, is stored on a magnetic disc or other storage medium. The first and second authorization codes are read. A hardware module containing a pseudorandom number generator unique to the authorized system receives the first authorization code as a key. The resultant number generated by the number generator, which is a function of the key and particular pseudorandom generator algorithm, is compared with the second authorization code in direct or encrypted form. An execution enable signal is generated in response to a positive comparison to enable the stored program to be executed.

116 citations


Patent
John W. Fennel, Miles Thomas Heinz
31 Aug 1981
TL;DR: In this paper, an encryption system based on channel destination addresses for a time division multiple access (TDMA) satellite communications network is described. Butler et al. proposed an encryption scheme that enables the synchronization of encryption engines at separate, geographically remote stations and permits the decryption of encrypted channels at anytime within a TDMA frame.
Abstract: An encryption system is disclosed which is based on channel destination addresses for a time division multiple access (TDMA) satellite communications network. A superframe initialization vector is transmitted from a master station to all other stations in the network. A plurality of frame initialization vectors is sequentially generated at each station in an encryption engine, from the superframe initialization vector, using a key which is common only to authorized users within the network. Each data channel is initialized with encryption bits produced by exclusive ORing the channel destination address and the frame initialization vector for the frame in which that channel is to be transmitted, and then passing the output of the exclusive OR through the encryption engine using either the same key or a second, different key. These encryption bits are combined with the channel data in an exclusive OR circuit for TDMA transmission via the satellite transponder to the receiving stations. The decryption process at the receiving stations parallels the encryption process at the transmitting stations, so that clear-text data is output only at the destination addressed where the intended recipient has the same key as the transmitter. The system enables the synchronization of encryption engines at separate, geographically remote stations and permits the decryption of encrypted channels at anytime within a TDMA frame.

115 citations


Patent
26 Oct 1981
TL;DR: In this article, the authors proposed a cartridge-controlled system in which the machine decrypts information strings stored in the cartridge through use of the associated public key and stores the resulting decrypted instructions in random access memory, so that an unauthorized software/cartridge supplier cannot encrypt a program that decrypts into an intelligible sequence of instructions.
Abstract: A cartridge-controlled system whose use is limited to authorized cartridges. Blocks of instructions of a program designed to run on the machine are encrypted by the machine manufacturer using the private key of a public-key cryptosystem pair. The machine, during an initialization step following the insertion of a new cartridge, decrypts information strings stored in the cartridge through use of the associated public key, and stores the resulting decrypted instructions in random access memory. The machine microprocessor then accesses the instructions in the random access memory. Although the public key may be widely known, as long as the private key is kept secret, there is no way for an unauthorized software/cartridge supplier to encrypt a program such that following decryption in the machine there will result an intelligible sequence of instructions.

107 citations


Journal Article
TL;DR: With any strong cryptographic algorithm, such as the data encryption standard (DES), it is possible to devise protocols for authentication, which allows arbitrary, time-invariant quantities to be authenticated based upon a secret cryptographic key residing in a host processor.
Abstract: With any strong cryptographic algorithm, such as the data encryption standard (DES), it is possible to devise protocols for authentication. One technique, which allows arbitrary, time-invariant quantities (such as encrypted keys and passwords) to be authenticated, is based upon a secret cryptographic (master) key residing in a host processor. Each quantity to be authenticated has a corresponding precomputed test pattern. At any later time, the test pattern can be used together with the quantity to be authenticated to generate a nonsecret verification pattern. The verification pattern can in turn be used as the basis for accepting or rejecting the quantity to be authenticated.

Proceedings Article
01 Jan 1981
TL;DR: To maximize both the difficulty of guessing passwords and the ease of remembering them, the scheme uses a fairly large keyspace and a very long “passphrase” that is hashed into the key, which is then stored in encrypted form.
Abstract: To maximize both the difficulty of guessing passwords and also the ease of remembering passwords, we use a fairly large keyspace (64 bits) and a very long “passphrase” (up to 80 characters). The phrase is hashed into the key, which is then stored in encrypted form. The hashing necessarily includes one-way encryption. Since the phrase is long, one would expect a large keyspace for the actual phrase as well as for the hashed phrase. Since the phrase is meaningful to the owner, it should be easier to remember.

Patent
30 Dec 1981
TL;DR: In this article, the identity verification of a user in a data communication network with a central switch is discussed, where the secret data is first encrypted at the terminal under a transfer-in key for transmission to an associated data processing system.
Abstract: In a data communication network which includes terminals interconnected via a central switch, a process for verifying the identity of a terminal user who is provided with secret data associated with his identity. In carrying out the verification process, the secret data is first encrypted at the terminal under a transfer-in key for transmission to an associated data processing system. When it is determined that the terminal user maintains an account at the associated data processing system, a first translate operation is performed to translate the data from encryption under the transfer-in key to encryption under an authentication key, both of which keys are protected under other keys which are different from each other, thereby providing an authentication parameter which may be used to verify the identity of the terminal user. When it is determined that the terminal user does not maintain an account at the associated data processing system, a second translate operation is performed to translate the data from encryption under the transfer-in key to encryption under a transfer-out key for transmission to the next associated host system, the switch or a remote host system. At each such node, except the switch, a determination is made as to whether a verification process can be performed; otherwise, the encrypted data is translated for transmission to the next or a remote node of the network for such verification.

Patent
23 Jul 1981
TL;DR: In this paper, an arbitrary logic network, having a plurality of inputs each connected to selected shift register stages, produces a particular key signal responsive to the condition of the contents of the selected shift register stages. At the receiver, the received randomized data is fed simultaneously to the input of an n stage shift register and to an input of a modulo-two adder.
Abstract: A scrambler/encryption system for randomizing an information-containing data signal for transmission and for reproducing at the receiver the information-containing data signal. The information-containing data to be transmitted is applied to a modulo-two adder, the output of which is the encoded data for transmission and which is also an input of an n stage shift register. An arbitrary logic network, having a plurality of inputs each connected to a plurality of selected shift register stages, produces a particular key signal responsive to the condition of the contents of the selected shift register stages. At the receiver, the received randomized data is fed simultaneously to the input of an n stage shift register and to an input of a modulo-two adder. An identical arbitrary logic network is connected to the receiver shift register and produces the same particular key signal responsive to the same conditions in the shift register. The modulo-two adder in the receiver has as its second input the key signal. Embodiments also show the use of the scrambler/encryption circuitry in other applications, i.e., rendering tamperproof recorded information, e.g., audio recording, and checking the operation of high speed shift registers.

Patent
23 Nov 1981
TL;DR: In this article, a two-tiered cryptographic communications security device and procedure is proposed to ensure communications security between a host computer and another remote computer or terminal by means of a two-tiered encryption and decryption procedure.
Abstract: Communications security between a host computer and another remote computer or terminal is ensured by means of a two-tiered cryptographic communications security device and procedure. A master key is used to encrypt a first session key. The session key encrypted under the master key is transmitted from a remote facility to a host computer. At the host computer, the session key is decrypted and stored; a second and different session key is then generated, encrypted under the master key and transmitted to the remote facility, where it is utilized as the facility's session decryptor key. Because the session key utilized for transmission of data between the remote facility and the host differs from the session key utilized for transmission of data between the host and the remote facility, communications security is increased.

Patent
17 Jun 1981
TL;DR: In this article, a receiver of digitally encoded voice signals that may be encrypted according to a plurality of keys subjects a received signal to decryption according to each of the keys; the decrypted signals are tested for the presence of modulation, and the signal, if any, that is decrypted is recovered for use.
Abstract: A receiver of digitally encoded voice signals that may be encrypted according to a plurality of keys subjects a received signal to decryption according to each of the keys. Decrypted signals are tested for the presence of modulation, and the signal, if any, that is decrypted is recovered for use. If it is desired, a visual indication may tell a user which key is being used to decrypt the signal.

Journal Article
S. Kent
TL;DR: Security requirements for a simple broadcast scenario characteristic of some of these applications are examined and protocols for achieving these requirements are developed and analyzed in terms of functionality and performance.
Abstract: Previous work (e.g., [1], [2]) has characterized communication security requirements in connection-oriented (virtual circuit) environments supporting applications such as interactive communication and file transfer. This work has developed protocols to achieve these requirements using conventional ciphers (CC's) such as the NBS data encryption standard (DES) [3]. More recently, several authors [4]-[6] have analyzed key distribution protocols for such environments based on CC's and on public-key ciphers (PKC's) such as the RSA algorithm [7], noting similarities in form, function, and vulnerability. Advances in satellite and packet radio technology [8], [9] and the development of high-speed, local area networks [10] have stimulated interest in broadcast protocols for various applications. This article examines security requirements for a simple broadcast scenario characteristic of some of these applications and develops protocols for achieving these requirements. Two sets of protocols, one based on CC's and the other based on PKC's, are developed and analyzed in terms of functionality and performance.

Journal Article
TL;DR: The NBS Data Encryption Standard may be integrated into computer networks to protect personal (nonshared) files, to communicate securely both on- and off-line with local and remote users, to protect against key substitution, to authenticate system users, to authenticate data, and to provide digital signatures using a nonpublic key encryption algorithm.
Abstract: The NBS Data Encryption Standard may be integrated into computer networks to protect personal (nonshared) files, to communicate securely both on- and off-line with local and remote users, to protect against key substitution, to authenticate system users, to authenticate data, and to provide digital signatures using a nonpublic key encryption algorithm. Key notarization facilities give users the capability of exercising a set of commands for key management as well as for data encryption functions. The facilities perform notarization which, upon encryption, seals a key or password with the identities of the transmitter and intended receiver. Thus, in order to decrypt a message, the receiver must authenticate himself and supply the correct identity of the transmitter. This feature eliminates the threat of key substitution which must be protected against to attain a high level of security.

Book Chapter
N. J. A. Sloane
01 Jan 1981
TL;DR: This paper is intended to serve as an introduction to the exciting developments in secret codes that have taken place in the last ten years.
Abstract: This paper is intended to serve as an introduction to the exciting developments in secret codes that have taken place in the last ten years. David Kahn’s interesting book The Codebreakers appeared in 1967 [29], which unfortunately was just before IBM described its Lucifer encryption scheme [11], [20], [51] and triggered the developments that I am going to describe.

Journal Article
TL;DR: We shall show how all group keys can be derived from the secret values X and Y of the users, so that the 2N 1 group keys are generable from a table of only 2N elements.

Journal Article
I. Ingemarsson, C. K. Wong
TL;DR: The application of encryption to satellite communication systems in which the satellite has on-board processing capability can be used in the key distribution process, which utilizes a trap-door one-way function.
Abstract: Encryption is an efficient method for information protection in communication links which are subject to wiretapping. In this paper we discuss the application of encryption to satellite communication systems in which the satellite has on-board processing capability. The on-board processor can be used in the key distribution process. Two examples of such processes are described. The first requires the storage in the satellite of one key for each user of the communication system. These are used together with a conventional encryption algorithm (DES, for example) to distribute communication keys to the users. The communication keys are then used to encrypt and decrypt information. The other key distribution process utilizes a trap-door one-way function, whose inverse is implemented in the satellite. The need for storage space in the satellite is smaller than that with the first method.

Patent
18 Sep 1981
TL;DR: In this paper, the security system for preventing unauthorised manipulations in the electronic encrypted text transmission in communication networks has a plurality of subscriber stations and a security centre, which is achieved by means of an automatic dialling device which in each case establishes a connection between the security centre and the individual subscriber stations, in which the security center encrypts a connection code with the aid of a random bit converter generator.
Abstract: The security system for preventing unauthorised manipulations in the electronic encrypted text transmission in communication networks has a plurality of subscriber stations and a security centre. In this connection, the individual user should be burdened as little as possible with the techniques and procedures required for this. This is achieved by means of an automatic dialling device which in each case establishes a connection between the security centre and the individual subscriber stations, in which arrangement the security centre in each case encrypts a connection code with the aid of a random bit converter generator. This then ensures that a message really originates from the transmitter specified and has not been altered and that the message has actually arrived at the receiver.

Patent
28 Sep 1981
TL;DR: In this paper, a pseudorandom bit sequence generator within the transmitter provides a binary bit stream which is transmitted unencrypted to the intended receiver, which is subsequently used for data encryption and decryption.
Abstract: A secure communication apparatus incorporates a long-term, non-extractable master key variable which is held in common by all terminals. A pseudorandom bit sequence generator within the transmitter provides a binary bit stream which is transmitted unencrypted to the intended receiver. Both terminals simultaneously mix the master variable with the transmitted pseudorandom bit stream in an identical manner to create a common separate working variable which is subsequently used for data encryption and decryption.

Journal Article
TL;DR: Voice messages, encoded using an adaptive differential pulse-code-modulation encoder such as that described in a companion paper, may be encrypted for privacy through similar digital signal processor programs with little additional computation.
Abstract: Where normal safeguards for message privacy are not adequate, some form of encryption is required. Voice messages, encoded using an adaptive differential pulse-code-modulation encoder such as that described in a companion paper, may be encrypted for privacy (protection against casual eavesdropping) through similar digital signal processor programs with little additional computation. Two methods of implementation are described: The use of U-permutations for temporal scrambling of the transmitted bit stream and the use of bit masking by stored random numbers. The relative merits of each system are discussed, illustrating both the flexibility and limitations of the digital signal processor for such applications.

Journal Article
TL;DR: This paper shows that the first of the two schemes for key distribution in a computer network can be compromised, presents a solution to this problem, and shows that this solution leads to a general strategy for constructing schemes that support group keys and master keys.

Journal Article
TL;DR: A method is presented to generate a keyed random permutation (for example when enciphering a block of binary data) using the theoretical minimum number of key bits, with an estimate of its complexity.
Abstract: A method is presented to generate a keyed random permutation (for example when enciphering a block of binary data) using the theoretical minimum number of key bits. The method is especially useful in an environment with limited key supply. An algorithm for implementing the method is given, with an estimate of its complexity.

Patent
04 Jul 1981
TL;DR: The position control system made possible by the encryption of a discriminator and a computer, the detection of long distances at high resolution without counter or with only very short counters.
Abstract: The position control system made possible by the encryption .wendung of a discriminator and a computer, the detection of long distances at high resolution without counter or with only very short counters. The system is automatically going to be able positions with preselected speed or acceleration and set for use for control variables as needed priorities.

Patent
16 Jun 1981
TL;DR: In this article, a secure electronic signature and message verification is obtained using a central vault which is a physically secured Authenticator designed as a hardware automaton not under control of any operating system.
Abstract: Electronic signature and message verification is obtained using a central vault which is a physically secured Authenticator designed as a hardware automaton not under control of any operating system. All secure electronic signature verification transactions between terminals (users at stations A and B) are transacted through the vault. The vault and all terminals include an identical key-controlled block-cipher cryptographic facility wherein each user at a terminal has access only to his own key and wherein the vault has access to all user keys. User A first sends to the vault a message comprising a clear first part and an encrypted second part. The vault obtains A's key from the clear first part and decrypts the second part. The vault transmits to user B, all encrypted under B's key, the encrypted second part and the decrypted second part, and user B performs a decryption using his key, and stores said encrypted second part. User B then initiates an equivalent return message procedure to user A via the vault. At the end of a transaction, user A and user B each have uniquely encrypted messages which can be utilized in later arbitration proceedings wherein user A cannot later deny having sent a message or its content and similarly user B cannot deny having received the message or its specific content.

Proceedings Article
27 Apr 1981
TL;DR: This paper presents a new architecture that facilitates the design of secure time-shared Operating Systems that differs from others that rely on verification to achieve security.
Abstract: Operating systems security is a relatively new area. Most Operating Systems were designed without adequate attention to security since the primary concerns were economic. In this paper we present a new architecture that facilitates the design of secure time-shared Operating Systems. This approach differs from others that rely on verification to achieve security. In the proposed architecture, encryption is used to enforce the security policies.

Patent
16 Jun 1981
TL;DR: In this article, the authors proposed to avoid a wiretapper from obtaining a hold to decryption by dividing a secret key into two, using one for normal encryption communication and the other for a check pattern to the propriety of the secret key.
Abstract: PURPOSE: To avoid a wiretapper from obtaining a hold to decryption by dividing a secret key into two, using one for normal encryption communication and the other for a check pattern to the propriety of the secret key. CONSTITUTION: Transmission and reception parties operate X and Y respectively and obtain the value of a common key through the exchange of the value of operation. As to the common key K, the A side divides the key K1 into a test pattern and an encryption part and applies the test pattern part to an encryptor part CDC via a switch SW1 for encryption. An encrypted signal reaches the reception party B via a transmission line TL. The reception party B uses the encryption key part of the common key K2 at a decryptor CDC and decrypts the signal and transmits it to a comparator to confirm the keys K1 and K2 equal with each other. From the A side, a communication message from a decryption signal source CL is inputted to the encryptor CDC and the message is transmitted to the B side, where the message can correctly be decrypted. In this case, even if the wiretapper WTP listens in the communication, no hold can be given for the decryption.