
Showing papers on "On-the-fly encryption" published in 1992


Patent
21 Oct 1992
TL;DR: In this article, a method and system are disclosed for securely distributing a plurality of software files from a software distribution processor to a user processor, while selectively enabling the user processor to only use a subset of a lesser plurality of the software files.
Abstract: A method and system are disclosed for securely distributing a plurality of software files from a software distribution processor to a user processor, while selectively enabling the user processor to only use a subset of a lesser plurality of the software files. This is achieved by employing a customer key which includes a clear customer number and a derived portion derived from the customer number. The customer key is transformed into a second customer key which serves as a key expression for encrypting a file encryption key specifically intended for a respective one of the plurality of files. A plurality of software files can be stored together, for example on a CD-ROM, with each file encrypted under a corresponding file encryption key. The CD-ROM can be distributed to many user processors. When a specific user processor needs to run one of the software files, a request will be transmitted from the user processor to the software distribution processor. In response to that request, an encrypted file encryption key specific for the requested file, will be transmitted to the user processor. This will enable the user processor to decrypt only the requested file from the CD-ROM. All other files on the CD-ROM remain in their encrypted form and cannot be decrypted and used by the file encryption key received from the software distribution processor.

566 citations


Patent
23 Jul 1992
TL;DR: An encryption/decryption unit (EDU) handles management of encryption keys used in the secure exchange of data over non-secure communication links; its program enables the EDU to establish secure communications with another similar EDU over a non-secure link.
Abstract: An encryption/decryption unit (EDU) that handles management of encryption keys used in the secure exchange of data over non-secure communication links. Each EDU includes a central processing unit (CPU) that controls its operation, random access memory (RAM) in which tables of key exchange keys (KEKs) are stored, and a data encryption standard (DES) coprocessor that implements a data encryption algorithm developed by the U.S. National Bureau of Standards--all comprising a module that is embedded in a potting material. Attempts to remove the potting material either by mechanical or solvent means are likely to result in loss of the data and program code stored in the module. The CPU includes special circuitry enabling it to operate in an encrypted mode so that it can not be interrogated to discover the program or data stored therein. This program enables the EDU to establish secure communications with another similar EDU over a non-secure link. Each EDU establishing a secure communications session randomly generates a portion of a session data encryption key (DEK) that is encoded by using a KEK from either a public or private table of keys stored in the embedded RAM. The two EDUs exchange the encrypted portions of the DEK, decrypt the portions, and then logically combine them to determine the current session DEK. Use of a stored EDU ID in each EDU comprising the link prevents a third EDU from bridging the link to tap into the communications between two stations.

152 citations


Patent
07 Feb 1992
TL;DR: In this article, a method and apparatus for encryption, decryption and authentication of messages using dynamical systems is proposed, which operate on an information stream which may include message information, authentication information, and random or pseudo-random information.
Abstract: A method and apparatus provide encryption, decryption and authentication of messages using dynamical systems. The method and apparatus preferably operate on an information stream which may comprise message information, authentication information, and random or pseudo-random information. The initial secret keys of the system are a collection of dynamical systems, at least one of which is irreversible. These keys operate on states of the dynamical systems into which the message has been encoded. To initialize the encryption, a subset of the secret keys are selected to be current keys, and the desired message is encoded into the initial states. Encryption continues over a plurality of cycles. During each cycle the current keys are applied either backward or forward in time to their current states, over a plurality of sub-cycles. If during an encryption cycle an irreversible dynamical system is iterated in the backward direction, the choice of antecedent states may either be made randomly or according to information from the input information stream. After all encryption cycles have been performed, the current states of the dynamical system constitute the ciphertext. The ciphertext may then be decrypted by a method similar to the encryption method. In the preferred embodiment, random noise is diffused into the plaintext during encryption, and eliminated during decryption. The apparatus of encryption and decryption in the preferred embodiment operates with parallel hardware using only bit operations and table lookup; it may thus be made to operate in an exceedingly fast manner.

145 citations


Patent
27 Mar 1992
TL;DR: A radio (100) transmits and receives encrypted signals having unencrypted key identifiers, allowing other radios having the corresponding key identifiers and encryption keys to communicate with radio (100).
Abstract: A radio (100) transmits and receives encrypted signals having unencrypted key identifiers, allowing other radios having the corresponding key identifiers and encryption keys to communicate with radio (100). Prior to transmitting an encrypted message, radio (100) selects a unique key identifier automatically and uses the corresponding encryption key to encrypt the message that will be transmitted. Radio (100) transmits the key identifier in an unencrypted format with the encrypted message in order to allow other radios to determine the encryption key used in encrypting the message. When receiving an encrypted message, radio (100) uses the predetermined process stored in the radio (100) to properly select the proper encryption key for use in decrypting the incoming message.

85 citations


Patent
02 Sep 1992
TL;DR: In this paper, a means for identification and exchange of encryption keys between communicating apparatuses for encrypted transmissions is proposed, which comprises a card reader for smart cards connected to the communication apparatus which may be a telecommunication apparatus, e.g. of telephone or facsimile type.
Abstract: The invention relates to a means for identification and exchange of encryption keys between communicating apparatuses for encrypted transmissions. The means comprises a card reader for smart cards connected to the communication apparatus which may be a telecommunication apparatus, e.g. of telephone or facsimile type. The reader can communicate with another reader at a called telecommunication apparatus. For identification and exchange of encryption keys the required calculations are performed by the reader or the smart card using data stored on the smart card in a protected field with limited access. The means enable intercommunication between products of different makes owing to a standard identification procedure and exchange of encryption keys.

83 citations


Patent
12 Jun 1992
TL;DR: In this paper, an encryption and decryption device is operatively coupled between the data bus and the central processing unit, for encrypting and decrypting the information carried on the bus.
Abstract: A data-processing system includes an address bus and a data bus operatively coupled to a central processing unit, main memories, and control circuits for peripheral equipment, information carried on the data bus being encrypted. An encryption and decryption device is operatively coupled between the data bus and the central processing unit, for encrypting and decrypting the information.

27 citations


Patent
09 Nov 1992
TL;DR: In this article, the encryption process makes use of a data sequence or secret peculiar to each domain so that the key generated in the domain is also peculiar to that domain, and each device periodically generates a new key for distribution over the network.
Abstract: A data transmission network (12) has a plurality of computers (14) interconnected by a transmission channel (12). The computer communicates with the channel through a security device (16) which encrypts and decrypts data. The device uses a key packet distributed over the network from which a new key is derived by using the encryption process within the device. The encryption process makes use of a data sequence or 'secret' peculiar to each domain so that the key generated in the domain is also peculiar to that domain. The key is changed as the encryption proceeds and upon completion of the data transmission. Each device periodically generates a new key for distribution over the network.

11 citations


Patent
06 Jun 1992
TL;DR: In this article, the authors propose to redesign the data processing system in such a manner that only encrypted information is transmitted on the data or address bus or on both, and the CPU itself is inserted into the encryption device.
Abstract: In conventional data processing systems such as, for example, personal computers, there is a possibility of unauthorised access to the CPU. It is proposed to redesign the data processing system in such a manner that only encrypted information is transmitted on the data or address bus or on both. An encryption/decryption device is inserted into the socket provided for the CPU for this purpose. The CPU itself is inserted into the encryption device. … …

4 citations


Journal Article
TL;DR: This paper develops another machine that makes use of current high-speed encryption chips in combination with hardware fuzzy comparers to automate the breaking process of the Data Encryption Standard.
Abstract: The Data Encryption Standard (DES) has been the subject of multiple attempts at breaking. As of this date no one has announced a method that will break DES with certainty. In this paper we do not consider a method but develop another machine. Many such machines have been proposed over the years (see [14]). Our machine makes use of current high-speed encryption chips in combination with hardware fuzzy comparers to automate the breaking process.

4 citations



Patent
28 Jan 1992
TL;DR: The method is characterized in that it encrypts messages keeping clear the "header" of the message allowing its delivery via gateways.
Abstract: This is a method of encrypting messages transmitted between networks interconnected via highways using a specified network protocol, for example the Internet Protocol (IP), a data communication device between at least two devices belonging to two different networks interconnected via highways using a specified network protocol, and an encryption apparatus implementing said method. The method is characterized in that it encrypts messages keeping clear the "header" of the message allowing its delivery via gateways.