GB2228650A - A data encryption device - Google Patents

Info

Publication number
GB2228650A
Authority
GB
United Kingdom
Prior art keywords
data
memory
read
encryption
transmission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB8901497A
Other versions
GB8901497D0 (en
Inventor
Joseph Robeson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
P C HIRE Ltd
Original Assignee
P C HIRE Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry
    • H04L2209/125 Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

A data encryption device for use in transferring data from one computer terminal to another comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the input data is applied to the address lines (18) of a read-only memory (19) whereby to generate from the output of the read-only memory (19) data previously stored at the address location determined by the data, for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the input data appears when the encrypted data is presented on its address lines. Each encryption unit has a second ROM (26), with a memory map different to that of the first, so that encryption is different for each different direction of transmission.

Description

A DATA ENCRYPTION DEVICE

The present invention relates generally to a data encryption device, and particularly to such a device adapted for use in providing security for the transmission of data from one computer terminal to another via a telephone line.
Split site enterprises are becoming increasingly prevalent, and it is frequently necessary to transmit data captured at one site to another for information of personnel at the second site or for processing there.
This data, particularly in a highly competitive environment, is often confidential and would be damaging if access to it could be gained by unauthorised personnel.
Computer enthusiasts have discovered that it is possible to gain access to data on large scale databanks of computers having access via land lines (telephone lines) and publicity has been given to successful attempts by so-called "hackers" who have managed to defeat the security arrangements intended to limit the access of non-authorised personnel to the information held on the computer's memory. In the case of smaller split site enterprises determined and continuous attempts by hackers to break into their computer databanks have a high probability of success because of the lack of adequate security provisions. Further, authorised transmission of data from one data terminal to another along a land line may lead to a breach in security if a hacker is able to make a connection to the land line whilst transmission is taking place.
The present invention seeks to provide a data encryption device which will economically encrypt data ready for transmission from one computer terminal to another in a manner which will be difficult to decipher. The present invention also seeks to provide other barriers against unauthorised access to secure information so as to deter hackers from repeated attempts to break into a computer's memory.
According to one aspect of the present invention, therefore, a data encryption device for use in transferring data from one computer terminal to another comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the said input data is applied to a read-only memory on the address lines thereof whereby to generate from the output of the read-only memory data previously stored at the address location determined by the said data for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the said input data appears when the encrypted data is presented to the address lines thereof.
A data encryption system for use between two communicating computer terminals thus comprises two encryption units each including a read-only memory having complementary memory maps such that a given data character, when applied as an address signal to the read-only memory of the first encryption unit generates an encrypted data signal which, when applied as an address signal to the read-only memory of the second encryption unit is converted back into the original data signal. Whilst travelling between the two encryption units, however, the original data is in a converted form related only in a random manner to the original data signal.
Of course, in this simple arrangement each data character will be converted uniquely into a given encrypted character and, given sufficient time, a hacker may be able to decipher the code. The present invention provides various different means by which such attempts can be thwarted. First, each encryption unit also includes a second read-only memory, the second read-only memory of each unit being provided with a memory map different from that of the first, but complementary to that of a second read-only memory in the other encryption unit, with the circuit being configured such that transmission of data from one terminal to the other makes use of one pair of read-only memories so that encryption is different for each different direction of transmission. Any "interrogate" signals directed at a computer terminal by an intending hacker, therefore, will first be decoded by one of the read-only memories to produce a meaningless output, and even if the hacker were correctly to ascertain the code for supplying to the computer, any computer response would pass through the other read-only memory and produce a meaningless output.
It is, of course, possible that the different codes used in transmission of data in each of the two different directions could, again given sufficient time and access to the two computers, be deciphered, and for added security it is envisaged that each read-only memory will contain a plurality of sets of mappings, it being appreciated that the number of different characters likely to be transmitted (namely individual letters of the alphabet and numerals from 0-9) even if expanded by a number of additional characters up to the maximum available in the ASCII code, is still likely to be no more than 175, and only one address location will be required for each character. By contrast, modern read-only memories can be constructed with many tens of thousands of address locations and accordingly it will be appreciated that any one read-only memory may include a very large number of sets of address locations at which different maps may be stored. Means may, therefore, be provided to change the memory map area of the corresponding read-only memories in the two encryption devices in any one of a number of ways. For example, the conversion may take place on a timed basis after a predetermined number of clock pulses, may take place on a random or pseudo-random basis, or may be triggered by the arrival of a certain character or combination of characters. Providing the read-only memories track through their mappings in a predetermined sequence, and each is sensitive to the same triggering event, the data, after encryption, will be properly decoded to provide a meaningful output.
One embodiment of the present invention will now be more particularly described, by way of example, with reference to the accompanying drawing, the single Figure of which is a block schematic diagram illustrating some of the components of a single encryption unit to be interposed between one computer terminal, referred to as the local computer terminal, and a similar such encryption unit associated with another computer terminal, which will be referred to as the remote computer terminal.
Referring now to the drawing, the circuit is synchronised by a clock circuit generally indicated 11 comprising a 4702 baud generator 12 fed from a 2.5476 MHz crystal 13.
The pulse repetition frequency of the clock signal is selectable by switches from 300 to 9.6 K, thereby generating a frequency of 16 times the baud rate. The clock signal is fed out on a clock line 14 to the clock input of first and second universal asynchronous receiver transmitters 15, 16 respectively.
The universal asynchronous receiver transmitter 15, which will hereinafter be referred to as UART 15, receives data from the local computer terminal on a serial data line 17. The serial data presented on line 17 is decoded by the UART 15 into parallel form for presentation on parallel lines generally indicated 18 to the address inputs of a first read-only memory 19. Prior to transmission onto the lines 18, however, the UART supplies a "high" output to a data control line 20 which is connected to the D input of a D-type flipflop 21. The high signal on line 20 constitutes a "data ready" signal which will set the D-type flipflop 21 on the next leading edge of the clock signal applied to the C input thereof.
This takes the Q-NOT output low and clocks the data from the read-only memory 19 into the second universal asynchronous receiver transmitter 16 (hereinafter referred to as UART 16). Simultaneously the Q-NOT low signal is fed back on line 22 to the UART 15 and resets the data ready signal line 20. On the arrival of the next clock pulse the D-type circuit 21 will reset until the next occurrence of the data ready signal on line 20 indicating the imminent arrival of the next character.
It is considered that this delay is necessary in order to allow time for the data to be presented to the UART and to be settled before it is clocked in. The delay, in practice, is only one bit, that is one sixteenth of the start bit and well within the jitter rate allowed by the UART. The encoded data clocked into the UART 16 from the read-only memory 19 is then transmitted on a serial data line 23 where it will arrive at the remote encryption device the form of which exactly matches that of the encryption device shown in Figure 1 with the exception that the read-only memory to which received data is transmitted will have a mapping which is complementary to that of the read-only memory 19.
Data transmitted from the remote computer terminal arrives on a line 24 leading to an input terminal of UART 16 which decodes this into parallel form and transfers it on parallel lines 25 to the address inputs of a second read-only memory 26. The mapping in the read-only memory 26 is different from that in the read-only memory 19 and complementary to that of the corresponding read-only memory in the remote encryption unit so that the encryption is different in the two different directions of transfer of data. Control of the transfer from UART 16 via a second read-only memory 26 to the UART 15 is effected by a second D-type flipflop circuit 27 which operates in an entirely analogous manner to that of the D-type circuit 21 which controls the transmission of information from UART 15 through read-only memory 19 to UART 16.
In order to permit direct transmission of data, that is in an unscrambled form, one set of address memory locations contain data identical to the address so that the apparent effect of straight through transmission without encryption is achieved even though the circuit is operating in exactly the same way. This area of the ROM may be addressed at will using a switch identified as switch 28 in the inset to Figure 1.
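
The lookup scheme described above, modelled in software as an added example that is not part of the patent text: each ROM is a list of lookup tables, the complementary ROM holds the inverse tables, a separate pair serves each direction, and bank 0 is the straight-through area selected by switch 28. The 256-entry character set, the four banks, the carriage-return trigger and all names are assumptions made for the illustration.

```python
import random

CHARSET = 256    # assumption: one ROM address per 8-bit character
BANKS = 4        # assumption: bank 0 = straight-through area, banks 1..3 = scrambled maps
TRIGGER = 0x0D   # assumption: a carriage return steps both units to the next bank


def build_rom_pair(seed):
    """Return (rom, complementary_rom), each a list of BANKS lookup tables."""
    rng = random.Random(seed)  # stands in for the ROM programmer; not a secure generator
    rom, comp = [], []
    for bank in range(BANKS):
        table = list(range(CHARSET))      # bank 0: data identical to the address
        if bank:
            rng.shuffle(table)
        inverse = [0] * CHARSET
        for address, data in enumerate(table):
            inverse[data] = address       # complementary map undoes the first
        rom.append(table)
        comp.append(inverse)
    return rom, comp


class RomChannel:
    """One direction through one unit: character on the address lines, ROM data out."""

    def __init__(self, rom, decoding, straight_through=False):
        self.rom, self.decoding = rom, decoding
        self.straight_through = straight_through   # models switch 28
        self.bank = 1

    def process(self, data):
        out = bytearray()
        for ch in data:
            result = self.rom[0 if self.straight_through else self.bank][ch]
            out.append(result)
            clear = result if self.decoding else ch
            if clear == TRIGGER:          # both ends see the same clear character,
                self.bank = self.bank % (BANKS - 1) + 1   # so they step together
        return bytes(out)


def make_link(seed_out, seed_back, straight_through=False):
    """Four channels: a different complementary ROM pair for each direction."""
    out_rom, out_comp = build_rom_pair(seed_out)
    back_rom, back_comp = build_rom_pair(seed_back)
    return {
        "local_tx": RomChannel(out_rom, False, straight_through),
        "remote_rx": RomChannel(out_comp, True, straight_through),
        "remote_tx": RomChannel(back_rom, False, straight_through),
        "local_rx": RomChannel(back_comp, True, straight_through),
    }


def same_pattern(a, b):
    """True when b is a fixed character-for-character substitution of a."""
    return len(a) == len(b) and len(set(zip(a, b))) == len(set(a)) == len(set(b))


if __name__ == "__main__":
    link = make_link(seed_out=1, seed_back=2)
    line = b"INVOICE 1042 PAID\r"                 # constructed sample traffic
    wire = link["local_tx"].process(line + line)  # second copy uses the next bank
    print(wire[:18].hex(), wire[18:].hex())
    print(link["remote_rx"].process(wire) == line + line)
    print(same_pattern(line, wire[:18]))          # one bank = simple substitution
```

Within one bank the output is a fixed character-for-character substitution of the input, which is the weakness the description concedes before introducing multiple maps. The two units stay in step only while both see the same trigger characters; the description does not cover recovery after a line error.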

Claims (7)

1. A data encryption device for use in transferring data from one computer terminal to another which device comprises a first encryption unit to which input data for transmission is presented from the computer terminal and in which the said input data is applied to a read-only memory on the address lines thereof whereby to generate from the output of the read-only memory data previously stored at the address location determined by the said data for transmission to the other computer terminal via a second encryption unit having a complementary read-only memory at the output of which the said input data appears when the encrypted data is presented to the address lines thereof.
2. A data encryption device as claimed in Claim 1 and comprising two encryption units each including a read-only memory having complementary memory maps such that a given data character, when applied as an address signal to the read-only memory of the first encryption unit, generates an encrypted data signal which, when applied as an address signal to the read-only memory of the second encryption unit, is converted back into the original data signal.
3. A device as claimed in Claim 1 or Claim 2 wherein each encryption unit includes a second read-only memory, the second read-only memory of each unit being provided with a memory map different from that of the first, but complementary to that of a second read-only memory in the other encryption unit, with the circuit being configured such that transmission of data from one terminal to the other makes use of one pair of read-only memories so that encryption is different for each different direction of transmission.
4. A device as claimed in any one of Claims 1 to 3 wherein each read-only memory contains a plurality of sets of mappings.
5. A device as claimed in Claim 4 wherein means is provided to change the memory map area of the corresponding read-only memories in the two encryption devices in any one of a plurality of ways.
6. A device as claimed in Claim 5 wherein the conversion takes place on a timed basis after a predetermined number of clock pulses, on a random or pseudo-random basis or is triggered by the arrival of a predetermined character or combination of characters.
7. A data encryption device substantially as hereinbefore described with reference to the accompanying drawings.
GB8901497A 1989-01-24 1989-01-24 A data encryption device Withdrawn GB2228650A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB8901497A GB2228650A (en) 1989-01-24 1989-01-24 A data encryption device

Publications (2)

Publication Number Publication Date
GB8901497D0 GB8901497D0 (en) 1989-07-05
GB2228650A true GB2228650A (en) 1990-08-29

Family

ID=10650503

Country Status (1)

Country Link
GB (1) GB2228650A (en)

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)