GB2228650A - A data encryption device - Google Patents
- Publication number: GB2228650A
- Authority: GB (United Kingdom)
- Prior art keywords: data, memory, read, encryption, transmission
- Legal status: Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/125—Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
A data encryption device for use in transferring data from one computer terminal to another comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the input data is applied to the address lines (18) of a read-only memory (19) whereby to generate from the output of the read-only memory (19) data previously stored at the address location determined by the data, for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the input data appears when the encrypted data is presented on its address lines. Each encryption unit has a second ROM (26), with a memory map different to that of the first, so that encryption is different for each different direction of transmission.
Description
A DATA ENCRYPTION DEVICE
The present invention relates generally to a data encryption device, and particularly to such a device adapted for use in providing security for the transmission of data from one computer terminal to another via a telephone line.
Split site enterprises are becoming increasingly prevalent, and it is frequently necessary to transmit data captured at one site to another for information of personnel at the second site or for processing there.
This data, particularly in a highly competitive environment, is often confidential and would be damaging if access to it could be gained by unauthorised personnel.
Computer enthusiasts have discovered that it is possible to gain access to data on large scale databanks of computers having access via land lines (telephone lines) and publicity has been given to successful attempts by so-called "hackers" who have managed to defeat the security arrangements intended to limit the access of non-authorised personnel to the information held on the computer's memory. In the case of smaller split site enterprises determined and continuous attempts by hackers to break into their computer databanks have a high probability of success because of the lack of adequate security provisions. Further, authorised transmission of data from one data terminal to another along a land line may lead to a breach in security if a hacker is able to make a connection to the land line whilst transmission is taking place.
The present invention seeks to provide a data encryption device which will economically encrypt data ready for transmission from one computer terminal to another in a manner which will be difficult to decipher. The present invention also seeks to provide other barriers against unauthorised access to secure information so as to deter hackers from repeated attempts to break into a computer's memory.
According to one aspect of the present invention, therefore, a data encryption device for use in transferring data from one computer terminal to another comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the said input data is applied to a read-only memory on the address lines thereof whereby to generate from the output of the read-only memory data previously stored at the address location determined by the said data for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the said input data appears when the encrypted data is presented to the address lines thereof.
A data encryption system for use between two communicating computer terminals thus comprises two encryption units each including a read-only memory having complementary memory maps such that a given data character, when applied as an address signal to the read-only memory of the first encryption unit generates an encrypted data signal which, when applied as an address signal to the read-only memory of the second encryption unit is converted back into the original data signal. Whilst travelling between the two encryption units, however, the original data is in a converted form related only in a random manner to the original data signal.
Of course, in this simple arrangement each data character will be converted uniquely into a given encrypted character and, given sufficient time, a hacker may be able to decipher the code. The present invention provides various different means by which such attempts can be thwarted. First, each encryption unit also includes a second read-only memory, the second read-only memory of each unit being provided with a memory map different from that of the first, but complementary to that of a second read-only memory in the other encryption unit, with the circuit being configured such that transmission of data from one terminal to the other makes use of one pair of read-only memories so that encryption is different for each different direction of transmission. Any "interrogate" signals directed at a computer terminal by an intending hacker, therefore, will first be decoded by one of the read-only memories to produce a meaningless output, and even if the hacker were correctly to ascertain the code for supplying to the computer any computer response would pass through the other read-only memory and produce a meaningless output.
It is, of course, possible that the different codes used in transmission of data in each of the two different directions could, again given sufficient time and access to the two computers, be deciphered, and for added security it is envisaged that each read-only memory will contain a plurality of sets of mappings, it being appreciated that the number of different characters likely to be transmitted (namely individual letters of the alphabet and numerals from 0-9) even if expanded by a number of additional characters up to the maximum available in the ASCII code, is still likely to be no more than 175, and only one address location will be required for each character. By contrast, modern read-only memories can be constructed with many tens of thousands of address locations and accordingly it will be appreciated that any one read-only memory may include a very large number of sets of address locations at which different maps may be stored. Means may, therefore, be provided to change the memory map area of the corresponding read-only memories in the two encryption devices in any one of a number of ways. For example, the conversion may take place on a timed basis after a predetermined number of clock pulses, may take place on a random or pseudo-random basis, or may be triggered by the arrival of a certain character or combination of characters. Providing the read-only memories track through their mappings in a predetermined sequence, and each is sensitive to the same triggering event the data, after encryption, will be properly decoded to provide a meaningful output.
One embodiment of the present invention will now be more particularly described, by way of example, with reference to the accompanying drawing, the single Figure of which is a block schematic diagram illustrating some of the components of a single encryption unit to be interposed between one computer terminal, referred to as the local computer terminal, and a similar such encryption unit associated with another computer terminal, which will be referred to as the remote computer terminal.
Referring now to the drawing, the circuit is synchronised by a clock circuit generally indicated 11 comprising a 4702 baud generator 12 fed from a 2.5476 MHz crystal 13. The pulse repetition frequency of the clock signal is selectable by switches from 300 to 9.6 K, thereby generating a frequency of 16 times the baud rate. The clock signal is fed out on a clock line 14 to the clock input of first and second universal asynchronous receiver transmitters 15, 16 respectively.
The universal asynchronous receiver transmitter 15, which will hereinafter be referred to as UART 15, receives data from the local computer terminal on a serial data line 17. The serial data presented on line 17 is decoded by the UART 15 into parallel form for presentation on parallel lines generally indicated 18 to the address inputs of a first read-only memory 19. Prior to transmission onto the lines 18, however, the UART supplies a "high" output to a data control line 20 which is connected to the D input of a D-type flipflop 21. The high signal on line 20 constitutes a "data ready" signal which will set the D-type flipflop 21 on the next leading edge of the clock signal applied to the C input thereof. This takes the Q-NOT output low and clocks the data from the read-only memory 19 into the second universal asynchronous receiver transmitter 16 (hereinafter referred to as UART 16). Simultaneously the Q-NOT low signal is fed back on line 22 to the UART 15 and resets the data ready signal line 20. On the arrival of the next clock pulse the D-type circuit 21 will reset until the next occurrence of the data ready signal on line 20 indicating the imminent arrival of the next character.
It is considered that this delay is necessary in order to allow time for the data to be presented to the UART and to be settled before it is clocked in. The delay, in practice, is only one bit, that is one sixteenth of the start bit and well within the jitter rate allowed by the UART. The encoded data clocked into the UART 16 from the read-only memory 19 is then transmitted on a serial data line 23 where it will arrive at the remote encryption device the form of which exactly matches that of the encryption device shown in Figure 1 with the exception that the read-only memory to which received data is transmitted will have a mapping which is complementary to that of the read-only memory 19.
Data transmitted from the remote computer terminal arrives on a line 24 leading to an input terminal of UART 16 which decodes this into parallel form and transfers it on parallel lines 25 to the address inputs of a second read-only memory 26. The mapping in the read-only memory 26 is different from that in the read-only memory 19 and complementary to that of the corresponding read-only memory in the remote encryption unit so that the encryption is different in the two different directions of transfer of data. Control of the transfer from UART 16 via a second read-only memory 26 to the UART 15 is effected by a second D-type flipflop circuit 27 which operates in an entirely analogous manner to that of the D-type circuit 21 which controls the transmission of information from UART 15 through read-only memory 19 to UART 16.
In order to permit direct transmission of data, that is in an unscrambled form, one set of address memory locations contain data identical to the address so that the apparent effect of straight through transmission without encryption is achieved even though the circuit is operating in exactly the same way. This area of the ROM may be addressed at will using a switch identified as switch 28 in the inset to Figure 1.
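The ROM arrangement described above can be modelled in software. The following is an added example, not part of the patent text: it builds complementary ROM images, a separate pair for each direction, map-area switching and the straight-through area, and measures what a single fixed map leaves visible on the line. The 8-bit character width, the nine map areas, the seeded permutations, the character-count trigger and all function and class names are assumptions made for the illustration.

```python
import random
from collections import Counter

CHARS = 256  # assumption: 8 address lines, one ROM location per character

def make_rom(areas, seed):
    """ROM image as a list of 256-entry map areas. Area 0 stores data equal to
    its address (straight-through); the others are constructed permutations."""
    rng = random.Random(seed)  # demo contents only, not a key-generation method
    rom = [list(range(CHARS))]
    for _ in range(areas - 1):
        perm = list(range(CHARS))
        rng.shuffle(perm)
        rom.append(perm)
    return rom

def complement(rom):
    """Complementary ROM: the encrypted character, used as address, returns the original."""
    out = []
    for area in rom:
        inv = [0] * CHARS
        for addr, data in enumerate(area):
            inv[data] = addr
        out.append(inv)
    return out

class RomPath:
    """One direction through one ROM. `area` models a fixed selection (0 = switch 28);
    `period` switches area every N characters (assumed form of the clock trigger)."""
    def __init__(self, rom, area=1, period=None):
        self.rom, self.area, self.period, self.count = rom, area, period, 0
    def feed(self, data):
        out = bytearray()
        for ch in data:
            area = self.area
            if self.period:  # step through areas 1..n-1 in a fixed sequence
                area = 1 + (self.count // self.period) % (len(self.rom) - 1)
            out.append(self.rom[area][ch])
            self.count += 1
        return bytes(out)

def profile(data):  # sorted symbol counts, the statistic a fixed map cannot hide
    return sorted(Counter(data).values(), reverse=True)

def run_demo():
    msg = b"MONTHLY SALES TOTALS FOR SITE B FOLLOW. " * 4  # constructed sample
    rom_19 = make_rom(9, seed=19)      # local -> remote direction
    remote_tx = make_rom(9, seed=26)   # remote -> local; local ROM 26 is its complement
    fixed = RomPath(rom_19).feed(msg)
    switched = RomPath(rom_19, period=16).feed(msg)
    reply = RomPath(remote_tx).feed(msg)
    return {
        "round_trip": RomPath(complement(rom_19), period=16).feed(switched) == msg,
        "reply_round_trip": RomPath(complement(remote_tx)).feed(reply) == msg,
        "directions_differ": fixed != reply,
        "fixed_map_keeps_profile": profile(fixed) == profile(msg),
        "distinct_symbols": (len(set(msg)), len(set(fixed)), len(set(switched))),
        "lost_char_breaks_sync":
            RomPath(complement(rom_19), period=16).feed(switched[1:]) != msg[1:],
        "straight_through": RomPath(rom_19, area=0).feed(msg) == msg,
    }

if __name__ == "__main__":
    print(run_demo())
```

With a single fixed map the ciphertext has exactly the symbol-count profile of the plaintext, which is the weakness the description concedes; switching map areas flattens that profile but makes correct decoding depend on both units counting the same characters.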
Claims (7)
1. A data encryption device for use in transferring data from one computer terminal to another which device comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the said input data is applied to a read-only memory on the address lines thereof whereby to generate from the output of the read-only memory data previously stored at the address location determined by the said data for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the said input data appears when the encrypted data is presented to the address lines thereof.
2. A data encryption device as claimed in Claim 1 and comprising two encryption units each including a read-only memory having complementary memory maps such that a given data character, when applied as an address signal to the read-only memory of the first encryption unit, generates an encrypted data signal which, when applied as an address signal to the read-only memory of the second encryption unit, is converted back into the original data signal.
3. A device as claimed in Claim 1 or Claim 2 wherein each encryption unit includes a second read-only memory, the second read-only memory of each unit being provided with a memory map different from that of the first, but complementary to that of a second read-only memory in the other encryption unit, with the circuit being configured such that transmission of data from one terminal to the other makes use of one pair of read-only memories so that encryption is different for each different direction of transmission.
4. A device as claimed in any one of Claims 1 to 3 wherein each read-only memory contains a plurality of sets of mappings.
5. A device as claimed in Claim 4 wherein means is provided to change the memory map area of the corresponding read-only memories in the two encryption devices in any one of a plurality of ways.
6. A device as claimed in Claim 5 wherein the conversion takes place on a timed basis after a predetermined number of clock pulses, on a random or pseudo-random basis or is triggered by the arrival of a predetermined character or combination of characters.
7. A data encryption device substantially as hereinbefore described with reference to the accompanying drawings.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB8901497A GB2228650A (en) | 1989-01-24 | 1989-01-24 | A data encryption device |
Publications (2)
Publication Number | Publication Date |
---|---|
GB8901497D0 (en) | 1989-07-05 |
GB2228650A (en) | 1990-08-29 |
Family
ID=10650503
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB8901497A Withdrawn GB2228650A (en) | 1989-01-24 | 1989-01-24 | A data encryption device |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2228650A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |