
GB2194419A - Data encipherment - Google Patents


Info

Publication number: GB2194419A
Authority: GB (United Kingdom)
Prior art keywords: data, algorithm, bit, bits, key
Legal status: Withdrawn
Application number: GB8718674A
Other versions: GB8718674D0 (en)
Inventors: John Philip Chambers, Derek Thomas Wright
Current Assignee: British Broadcasting Corp
Original Assignee: British Broadcasting Corp

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

Data encipherment and decipherment is achieved by converting blocks of input bits into blocks of output bits. The input bits are subjected to the operation of an algorithm, such as in accordance with the DES standard, involving a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length. In the invention the operations available for selection by the key are changed in response to operation-control data received from an external source such as one involving the use of teletext or videotext, or using card or bar code readers, or direct keyboard input.

Description

SPECIFICATION

Data encipherment

BACKGROUND OF THE INVENTION

This invention relates to a data encipherment apparatus and method which converts a block of input bits into a block of output bits under the control of a key of substantial length.
Several data encryption algorithms have been defined where the input data is converted into output data by passing it through a succession of bit-permutation operations (re-arranging the order of the bits in the data word) and substitution tables (groups of bits are used to address tables which produce new bit patterns). Typical algorithms have input and output words of 64 bits and are controlled by a key of up to 64 bits in length. The exact process of the conversion depends in each case not only on a key variable which acts upon the data path, but also upon the definitions of the bit permutations and substitution tables around which the algorithm is constructed.
One example of such an encryption method is known as DES and published by U.S. National Bureau of Standards, "Data Encryption Standard", Federal Information Processing Standards Publication 46 (January 15, 1977). This specification assumes a knowledge of this standard.
The DES standard defines an algorithm based upon five bit-permutation operations and eight substitution tables. The bit permutation tables are themselves each defined by a table which lists, for each output bit, the bit number of the corresponding input bit. An output bit cannot be fed from more than one input bit but it is possible for two or more output bits to be fed from the same input bit (this is known as an expanded permutation) or for some input bits to not be used at all (a permuted choice).
In a software realisation of the algorithm the substitution tables and the tables defining the bit permutations would be stored as data constants in read only memory.
Other examples of encipherment algorithms using bit permutations and/or substitutions are to be found in our British Patent Applications Nos. 8607961 and 8610733 (International Patent Applications PCT/GB87/00216 and PCT/GB87/00266).
SUMMARY OF THE INVENTION

According to this invention we provide a data cipherment method and apparatus for converting a block of input bits into a block of output bits, in which data is subjected to the operation of an algorithm defining a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length, in which the operations available for selection by the key can be changed in response to operation-control data obtained from an external source.
In this specification the term cipherment is used to cover both encipherment and decipherment.
Thus for example with the DES algorithm instead of storing the substitution and bit-permutation tables in read-only memory they are stored in read/write memory so that they can be loaded with data obtained from an external source. The source may involve the use of transmission techniques such as teletext or videotex (Prestel (Registered Trade Mark)) or input techniques such as card readers, bar code readers, or direct keyboard input.
This enables the effect of the algorithm to be changed in a more drastic way than by changing the key variable alone. The changed algorithm is then no longer the defined DES algorithm but one of very many possible variants of it. The data loaded into the tables must conform to various restrictions imposed for the particular type of algorithm being modified.
BRIEF DESCRIPTION OF THE DRAWING

The invention will be described in more detail with reference to the DES algorithm as illustrated by the accompanying drawing, in which the sole figure is a flow chart illustrating the logical structure of the DES algorithm.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

As the DES algorithm is itself known, detailed description of the drawing is not deemed necessary, and reference should be made to the DES standard noted above. (This is reprinted with additional comment in "Cipher Systems" by H. Beker and F. Piper, published by Northwood Publications, 1982, ISBN 7198 2611 X.) The figure in the drawing is taken from page 55 of "Security for Computer Networks" by D. W. Davies and W. L. Price, published by John Wiley and Sons, ISBN 0 471 90063 X. Reference should be made to that book for a detailed description of the figure.
The algorithm comprises a succession of five bit-permutation operations PC1, PC2, IP, IP⁻¹ and E, in which the order of the bits in the data word is re-arranged, and eight substitution tables in the S boxes in which groups of bits are applied as inputs to look-up tables which produce new bit patterns. PC1 and PC2 are permuted choice and E is an expanded permutation. The number of bits being processed at various points is indicated on the figure.
It is seen in the drawing that some of the operations are outlined by dashed boxes U to Z.
These boxes define areas capable of external re-definition. These areas provide changeable data as follows:

Table of Changeable Data

Dashed Box   Operations     Words x Bits   Total
U            IP and IP⁻¹    64 x 6           384
V            PC1            56 x 6           336
W            PC2            48 x 6           288
X            E              48 x 5           240
Y            P              32 x 5           160
Z            S boxes        8 x 64 x 4      2048
TOTAL:                                      3456

Thus for the DES algorithm the total data content of all the bit-permutation and substitution tables approaches 3500 bits. This gives greater freedom for change than the existing 56-bit key variable alone.
In the absence of an external source of data for loading the tables in read/write memory, a suitable set of default values could be transferred to the read/write memory from an area of read only memory. Another possibility is for partial modification of the table contents starting with initial values obtained from read only memory.
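As an added illustration (not code from the patent or from the DES standard), the sketch below applies externally supplied operation-control data on top of read-only defaults, rejecting tables that break the structural restrictions, and recomputes the table-size total given above. The validation rules, 0-based bit numbering, function names and placeholder default tables are assumptions of this example.

```python
# Added example. Table shapes follow the patent's "Table of Changeable Data";
# the validation rules and 0-based bit numbering are assumptions of this sketch.
SPECS = {  # name: (output bits, input bits, rule)
    "IP": (64, 64, "bijection"),   # must be invertible so IP^-1 can be derived
    "PC1": (56, 64, "choice"),     # permuted choice: some input bits unused
    "PC2": (48, 56, "choice"),
    "E": (48, 32, "expansion"),    # expanded permutation: input bits may repeat
    "P": (32, 32, "bijection"),
}

def table_bits():
    """Total storage for the loadable tables (entries x bits per entry)."""
    perms = sum(n_out * (n_in - 1).bit_length() for n_out, n_in, _ in SPECS.values())
    return perms + 8 * 64 * 4      # plus eight 64-entry, 4-bit S boxes

def check_sboxes(boxes):
    if len(boxes) != 8:
        raise ValueError("S: expected 8 boxes")
    for i, box in enumerate(boxes):
        if len(box) != 64 or any(not 0 <= v < 16 for v in box):
            raise ValueError(f"S{i + 1}: need 64 entries of 4 bits")
        if any(box.count(v) != 4 for v in range(16)):
            raise ValueError(f"S{i + 1}: output values are not balanced")

def check(name, table):
    if name == "S":
        return check_sboxes(table)
    if name not in SPECS:
        raise ValueError(f"{name}: unknown table")
    n_out, n_in, rule = SPECS[name]
    if len(table) != n_out:
        raise ValueError(f"{name}: expected {n_out} entries, got {len(table)}")
    if any(not isinstance(b, int) or not 0 <= b < n_in for b in table):
        raise ValueError(f"{name}: input bit number out of range")
    # expansion must use every input bit; the others must not reuse one
    want = n_in if rule == "expansion" else n_out
    if len(set(table)) != want:
        raise ValueError(f"{name}: breaks the {rule} rule")

def load_tables(defaults, update):
    """Apply operation-control data on top of ROM defaults, all or nothing."""
    tables = dict(defaults)        # read/write copy; defaults stay untouched
    for name, table in update.items():
        check(name, table)
        tables[name] = [list(b) for b in table] if name == "S" else list(table)
    inverse = [0] * 64             # IP^-1 is derived from IP, never loaded
    for out_bit, in_bit in enumerate(tables["IP"]):
        inverse[in_bit] = out_bit
    tables["IP_INV"] = inverse
    return tables

# Constructed placeholder defaults (NOT the DES constants), just valid shapes.
DEFAULTS = {"IP": list(range(64)), "PC1": list(range(56)), "PC2": list(range(48)),
            "E": list(range(32)) + list(range(16)), "P": list(range(32)),
            "S": [[i % 16 for i in range(64)] for _ in range(8)]}
```

Because a rejected update raises before anything is returned, a malformed table received over the transport channel leaves the previously loaded tables in force.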
The data for modifying the table contents could be carried over the chosen transport channel enciphered by a further algorithm and key at a higher level of security. It could alternatively be carried by mechanical or physical methods (e.g. punched cards, magnetic cards, printed bar codes, typewritten numbers) and distributed by post or courier. Also a point-to-point electrical connection could be used (landline or telephone).
In a hardware realisation of the algorithm it would be considerably more difficult to change the bit permutations under the control of external data but there is still the possibility of modifying the contents of the substitution tables.
Similar principles to those described for use with the DES algorithm could be used to vary the algorithms the subject of our British Patent Applications Nos. 8607961 and 8610733 (International Patent Applications PCT/GB87/00216 and PCT/GB87/00266). In the first of these the algorithm consists of a series of bit permutations dependent upon a keyword, and in the second it consists of a repeated permutation and substitution sequence with the initial substitution pattern dependent upon a control word.

Claims (5)

1. A method of data cipherment in which blocks of input bits are converted into blocks of output bits, comprising subjecting the input bits to the operation of an algorithm defining a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length, and changing the operations available for selection by the key in response to operation-control data received from an external source.
2. Data cipherment apparatus for converting blocks of input bits into blocks of output bits, comprising storage means for storing bit-permutation and/or substitution tables defined by an algorithm, data conversion means for subjecting input bits to a plurality of bit-permutation and/or substitution operations defined by the tables in the storage means as selected under the control of a key of substantial length to provide the output bits; and means for changing the stored tables in response to operation-control data received from an external source.
3. Apparatus according to claim 2, in which the algorithm is based on the DES algorithm.
4. A method of data cipherment substantially as herein described with reference to the drawing.
5. Data cipherment apparatus substantially as herein described with reference to the drawing.
GB8718674A 1986-08-08 1987-08-06 Data encipherment Withdrawn GB2194419A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB8619453A GB8619453D0 (en) 1986-08-08 1986-08-08 Data encipherment

Publications (2)

Publication Number Publication Date
GB8718674D0 GB8718674D0 (en) 1987-09-09
GB2194419A GB2194419A (en) 1988-03-02

Family

ID=10602487

Family Applications (2)

Application Number Title Priority Date Filing Date
GB8619453A Pending GB8619453D0 (en) 1986-08-08 1986-08-08 Data encipherment
GB8718674A Withdrawn GB2194419A (en) 1986-08-08 1987-08-06 Data encipherment

Country Status (4)

Country Link
EP (1) EP0277186A1 (en)
JP (1) JPH01500794A (en)
GB (2) GB8619453D0 (en)
WO (1) WO1988001119A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2228650A (en) * 1989-01-24 1990-08-29 P C Hire Ltd A data encryption device
GB2415798A (en) * 2004-06-29 2006-01-04 Farhad Dalvi A non-deterministic secret key cipher using bit permutations

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
BE1003932A6 (en) * 1989-04-28 1992-07-22 Musyck Emile Cryptographic system by bit data block.
US5003597A (en) * 1989-12-21 1991-03-26 Xerox Corporation Method and apparatus for data encryption
RU2141729C1 (en) * 1998-01-19 1999-11-20 Государственное унитарное предприятие Специализированный центр программных систем "Спектр" Method for encrypting of binary data units

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0064779A2 (en) * 1981-04-08 1982-11-17 Philips Norden AB Method and system for the mutual encyphered identification between data communicating stations and stations for use with such method and system
GB2124856A (en) * 1982-07-23 1984-02-22 Oak Industries Inc Multi-layer encryption system for the broadcast of encrypted information
EP0111381A2 (en) * 1982-12-03 1984-06-20 Unisys Corporation Improvements in and relating to autoteller systems
GB2149944A (en) * 1983-11-14 1985-06-19 Softnet Inc Software distribution
EP0152251A2 (en) * 1984-02-07 1985-08-21 Communications Patents Limited Broadcasting system
GB2161680A (en) * 1984-07-09 1986-01-15 Toshiba Kk Transmitter/reciever for signal scrambling
EP0173647A2 (en) * 1984-08-10 1986-03-05 GRETAG Aktiengesellschaft Enciphering/deciphering method
EP0197392A2 (en) * 1985-04-11 1986-10-15 International Business Machines Corporation Improvements in cryptographic communication

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4275265A (en) * 1978-10-02 1981-06-23 Wisconsin Alumni Research Foundation Complete substitution permutation enciphering and deciphering circuit
FR2486680B1 (en) * 1980-07-11 1986-07-25 Trt Telecom Radio Electr METHOD AND DEVICE FOR SWITCHING ELEMENTS OF AN ASSEMBLY
FR2582174B1 (en) * 1985-05-15 1990-03-09 Thomson Csf SUBSTITUTION-PERMUTATION ENCRYPTION DEVICE

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
WO 84/00457 *

Also Published As

Publication number Publication date
GB8718674D0 (en) 1987-09-09
EP0277186A1 (en) 1988-08-10
WO1988001119A1 (en) 1988-02-11
GB8619453D0 (en) 1986-09-17
JPH01500794A (en) 1989-03-16

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)