WO1981001933A1 - Message structure for reliable communication over data transmission links - Google Patents


Info

Publication number
WO1981001933A1
Authority
WO
WIPO (PCT)
Prior art keywords
characters
improvement
encryption
text
tributary
Prior art date
Application number
PCT/US1980/001722
Other languages
English (en)
Inventor
W Miller
Original Assignee
Racal Milgo Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Racal Milgo Inc
Priority to JP81500592A (JPS56501826A)
Priority to DE19803050153 (DE3050153A1)
Priority to NL8020502A (NL8020502A)
Publication of WO1981001933A1
Priority to SE8105098A (SE427402B)

Classifications

    • D: TEXTILES; PAPER
    • D21: PAPER-MAKING; PRODUCTION OF CELLULOSE
    • D21H: PULP COMPOSITIONS; PREPARATION THEREOF NOT COVERED BY SUBCLASSES D21C OR D21D; IMPREGNATING OR COATING OF PAPER; TREATMENT OF FINISHED PAPER NOT COVERED BY CLASS B31 OR SUBCLASS D21G; PAPER NOT OTHERWISE PROVIDED FOR
    • D21H5/00: Special paper or cardboard not otherwise provided for
    • D21H5/0002: Flame-resistant papers; (complex) compositions rendering paper fire-resistant
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00: Arrangements for detecting or preventing errors in the information received
    • H04L1/0078: Avoidance of errors by organising the transmitted data in a format specifically designed to deal with errors, e.g. location
    • H04L1/0083: Formatting with frames or packets; Protocol or part of protocol for error control
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637: Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12: Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60: Digital content management, e.g. content distribution

Definitions

  • the present invention relates to communication over data links that utilize binary synchronous protocol and more particularly to a new and improved message format for encrypted messages in binary synchronous protocol type data link communication systems.
  • a data link comprises the communication lines, modems and other communication equipment which is used in the transmission of data information between two or more stations or terminals.
  • the terminal equipment making up a station can vary from the basic send/receive reader and a printer to a control unit with several input/output devices attached.
  • the communication lines and other facilities are usually supplied by communication common carriers, or equivalent facilities may be provided by the individual establishing the data link.
  • the specific modem or data set equipment used at each station of the data link is determined by the type of communication channels used and the operational speed of the terminal equipment located at each station.
  • the binary synchronous communication protocol provides a set of rules for synchronous transmission of binary coded data. All data in BSC is transmitted as a serial stream of binary digits (0 and 1 bits).
  • Synchronous communication means that the active receiving station on a communication channel operates in step with the transmitting station through the recognition of a specific bit pattern (synch pattern) at the beginning of each transmission block.
  • the BSC protocol can accommodate three specific transmission code sets.
  • Each of these code sets consists of graphic characters (numeric, alphabetic, special), functional characters (horizontal tab, delete) and data link characters (start of heading, start of text, etc.).
  • Each code provides different capacities for total graphic and functional assignments and these capacities reflect the flexibility of each of these codes.
  • EBCDIC extended binary coded decimal interchange code
  • USASCII United States of America Standard Code for Information Interchange
  • six-bit transcode six-bit transcode.
  • the data link can be designed to operate either point to point (two stations), or multipoint (two or more stations).
  • In point to point operation, a contention situation exists whereby both stations can attempt to use the communication lines simultaneously.
  • a station bids for the line using certain control characters such as the inquiry character (ENQ).
  • a series of characters such as synchronize (SYN) and inquiry (ENQ) provides the signalling scheme for requesting control of the line and leaves a maximum amount of time for line monitoring. If simultaneous bidding for the line occurs, one station persists in its bidding attempt
  • one station in a network is designated as the central or master station.
  • the remaining stations are designated as tributary stations.
  • the central station controls all transmission within the multi-point data link by either polling or selecting the tributary stations.
  • Polling is an invitation from the central station to a specific tributary to send data from the tributary station to the central.
  • Selection is a request from the central station to one of the tributary stations instructing it to receive a data message from central.
  • polling and selection operation capabilities permit the central station to specify the transmitting station and to control the direction of transmission in the system.
  • Each station in a multi-point data link is assigned a unique station address which is used to acquire a station's attention during either polling or selection.
  • Each station address consists of from one to seven characters depending on the specific station requirements.
  • the message consists of one or more blocks of text data.
  • the message is transmitted in text blocks to provide more accurate and efficient error control.
  • the data in a text block is identified by a start of text character (STX).
  • STX start of text character
  • ETB end of transmission block character
  • IB intermediate block character
  • the data in the last block of text in a message is immediately followed by an end of text character (ETX).
  • Cryptography systems provide methods for encrypting or transforming information so that it is unintelligible and therefore useless to those who are not meant to have access to it.
  • the National Bureau of Standards, as a result of its responsibility for developing federal information processing standards, has suggested to the public a data encryption standard (DES) which utilizes a specific algorithm that performs a specific and unambiguous set of instructions.
  • the DES algorithm designated by the National Bureau of Standards utilizes a unique parameter which is called a key.
  • the algorithm was developed by the International Business Machines Corporation (IBM).
  • IBM made the algorithm available to the National Bureau of Standards as a federal information processing standard. IBM has provided licensing procedures for building electronic devices that implement this algorithm.
  • the algorithm itself was published in the Federal Register in March, 1975 (40 FR 12007).
  • the purpose of the DES is to provide a cryptographic method which would protect sensitive or valuable text data transmitted over computer systems and data link networks.
  • the use of a myriad of different encryption algorithms would result in a fundamental incompatibility of data communication equipment.
  • By providing a single data encryption standard, the DES, the needed basic compatibility of the communication network is assured.
  • the DES algorithm is basically a recirculating block product cipher of block size 64 which is based on a key length of 64 bits, eight bits of parity being included.
  • the algorithm is completely specified in the National Bureau of Standards Federal Information Processing Standard publication. All details of the algorithm are publicly known.
  • the security of the text data in a system that utilizes the encryption-decryption algorithm is provided through the use of the key which is generated by each group of authorized users of a particular communication data link. This key is randomly generated and only distributed to each authorized user. The key must be protected and kept confidential. Any compromise of the key will compromise all data and resources that are encrypted by the use of that key.
  • the National Bureau of Standards data encryption standard algorithm specifies the encryption of 64 bits of data into a 64-bit cipher based on a 64-bit key, and the decryption of a 64-bit cipher into a 64-bit data block based on the same 64-bit key. Steps and the tables of the algorithm are completely specified and no options are left in the algorithm itself. Variations in implementing and using the algorithm provide flexibility as to its application in various places in a computer system or in a transmission network. Such variations include how the input is formulated, whether the data itself or some other source of input is used for the algorithm, how the key is generated and distributed, how often the key is changed, etc.
  • the cipher feedback mode is the one intended for the encryption and decryption of data for transmission over communication channels.
  • the cipher feedback mode operation of the DES algorithm provides that the input to the algorithm is not the data itself but rather a string of output data that was previously generated by the cipher algorithm.
  • the cipher feedback mode of operation has a memory system inherent in its design. At any time (t), the output depends on previous outputs of the algorithm.
  • the operation of the algorithm is considered to be a link or chain mode operation.
  • the transmitted cipher text is chained together in such a way that each cipher at any time (t) depends on all previous ciphers transmitted since the operation was initialized.
  • Initialization means that a 64-bit input (input vector) is generated at t- j _ and put into the transmitter's (cipher algorithm) input register. From that time on, all the cipher text will depend on this initial input register fill.
  • the transmitter must transmit sufficient cipher text to fill the receiver's input register with the same cipher text as was in the transmitter's input register at initialization.
  • initialization vector which is a minimum of 48 bits long. This initialization vector is supplied to the transmitter and transmitted to the receiver, as plain text, immediately before each message cipher text.
  • a typical data message structure would be:
  • the initialization vector [IV] would be 8 bytes long (each byte being 8 bits) transmitted in the clear.
  • the text is encrypted.
  • the end of text character (ETX) is also encrypted.
  • the block check character (BCC) is optionally encrypted.
  • the end of text character is encrypted because the receiver, once it begins to decipher the cipher text received, cannot determine when to stop the deciphering process until it deciphers the end of text character. If the end of text character were transmitted in the clear, it is possible that the decipher processor could be triggered by cipher characters which could imitate the end of text character sent in the clear. With the message format suggested by the NBS standard, should an error occur during transmission of the cipher text, the receiver would fail to decrypt properly because the transmitter and receiver would lose cryptographic synchronization. When that occurs, the receiver cannot detect the end of text character and will decrypt forever as long as characters are transmitted.
  • BCC block check character
  • the NBS proposed standard format introduces the initialization vector [IV] to the bit stream of the data message following the STX character.
  • the introduction of the initialization vector in the message format causes a delay equal to the length of the vector, 6 bytes. This delay causes a reduction in through-put for a two-way communication on the data link.
  • An object of this invention is to provide a message format for BSC protocol type encrypted data that is flexible, in that it can be used in both a point-to-point and multi-point environment without decreasing throughput.
  • Another object of this invention is to provide a message format for encrypted data that enhances the ability of a receiver to detect that an error occurred during the transmission of the encrypted text.
  • Yet a further object of this invention is to provide a message format for encrypted data that permits error checking of the encrypted message at intermediate nodes of a data link without deciphering the message.
  • the initialization vector as well as additional information words are placed at the end of the message. Beside the initialization vector which is at least 6 bytes long, information words (INF) and end of the text (ETX) and block cipher (BCC) characters may be attached at the trailing end of the standard BSC format after the message ETX and BCC.
  • the INF words may include signalling information for use between the encryption/decryption devices, abort (ABORT) characters and sequence characters (SEQ).
  • Figure 1 is a generalized block diagram of a point to point data link using an encryption/decryption algorithm.
  • Figure 2 is a block diagram of multi-point data link utilizing an encryption/decryption algorithm.
  • Figure 3 is a block diagram of a multi-drop data link where only one leg of the data link utilizes an encryption/decryption algorithm.
  • Figure 4 is an abstracted illustration of the format for communication between a central and tributary terminal on a data link utilizing a binary synchronous communication format.
  • Figure 5 is an abstract illustration of the format for communication between a central and a tributary terminal utilizing a binary synchronous communication format.
  • Figure 6 is an abstract illustration of the format for communication between a central and two tributary terminals utilizing binary synchronous communication wherein the central terminal is polling both tributaries to see if they wish to communicate with the central.
  • Figure 7 is an abstract illustration of the format for communication for a data link utilizing binary synchronous communication wherein the central terminal is communicating with several tributaries by selecting one of the tributary terminals to send messages to.
  • Figure 8 is an abstract illustration of the NBS suggested message format for an encrypted message, encrypted according to the National Bureau of Standards DES algorithm in the cipher feedback mode.
  • Figure 9 is an abstract illustration of a message format that can be used in a data link utilizing binary synchronous communications protocol wherein the message is encrypted according to the National Bureau of Standards DES algorithm in the cipher feedback mode according to the present invention.
  • Figure 10 is a block diagram illustration of the implementation at the transmitting end of the cipher process according to the present invention of the cipher feedback National Bureau of Standards DES algorithm.
  • Figure 11 is a block diagram illustration of the implementation at the receiving end of the decipher process according to the present invention of the National Bureau of Standards DES algorithm.
  • Figure 12 is a flow chart diagram illustration of the process of the National Bureau of Standards DES algorithm.
  • Figure 13 is a flow chart diagram illustration of the process of the combination function (F) utilized in the implementation of the execution of the DES algorithm in Figure 12.
  • Figure 14 is a block diagram illustration of an implementation at the transmitting end of the cipher process according to the present invention of the National Bureau of Standards DES algorithm in a cipher feedback mode for a multi-point data link wherein each tributary terminal has its own key assignment.
  • Figure 15 is a flow chart illustrating the program used by a microprocessor of the encryptor device to handle the protocol of a text block at either the receiving or transmitting end of a data link.
  • Figure 16 is a portion of a flow chart which may be added to the flow chart of Figure 15 which illustrates the handling of additional signaling information besides the initialization vector at both the receiving and transmitting end of the data link.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

  • the terminal or data link consisting of a computer or terminal 21 at one end and a terminal which may be another computer, CRT display, etc., 29 at the other end is connected by a transmission medium 25.
  • an enciphering device 23 receives the digital data from computer 21. Enciphering device 23 encrypts the data it receives, as directed by the secret key 33 supplied to it and according to the encryption algorithm by which it is controlled. The resulting cipher text is then transmitted over the transmitting medium 25 to the receiving end, terminal 29, where it is received initially by a decryption device 27. Decryption device 27 is also supplied with the secret key 33. The decryption device 27 deciphers the cipher text according to the decipher algorithm and the key 33 supplied to it. The deciphered text (plain text) is then supplied to the terminal 29 for its use.
  • the key utilized at the transmitting site by the encryptor device 23 is the same key that must be utilized at the receiving site by the decryptor 27.
  • Transmission of the key from the transmitting end to the receiving end of the data link can take many forms.
  • the key may be hand carried or transmitted over the transmitting medium. If the key is transmitted, it may be changed dynamically for each message sent by the transmitter to the receiver, but it must, in turn, be encrypted by a master key that does not change.
  • a multi-point data link is illustrated wherein a central location comprising a computer 21, master DATACRYPTOR 39 and master modem 41 is communicating with a plurality of tributary receiver/transmitter units.
  • the central location comprising the computer 21, master DATACRYPTOR 39 and the master modem 41 directs the communication between the tributary terminals 29, 37 and 35 by polling or selection protocol.
  • the master DATACRYPTOR 39 which is capable, according to the present invention of enciphering and deciphering, has the ability to store and utilize a plurality of secret keys uniquely assigned to individual tributary terminals.
  • master DATACRYPTOR 39 would have three keys available to it, one for terminal 29, one for terminal 37 and one for terminal 35. Utilization of modems in a data link indicates that the transmission medium 25 could be dedicated telephone line or lines issued to the user of the system or the general dial-up network.
  • the tributary DATACRYPTOR units 45, 47 and 53 differ from the master DATACRYPTOR 39 to the extent that the master DATACRYPTOR is capable of storage and usage of more than one cipher-decipher key whereas the tributary DATACRYPTORS are not.
  • the master data cryptor 39 is capable of generating new cipher keys that would be transmitted to the tributary data cryptors 45, 47, 53 over some convenient communication path.
  • Modems 41, 43, 49 and 51 may be any of a number of modems which are well known in the art. They would be selected on the basis of the channels 25, 55 and 57 utilized in the multi-point data link. The channel used determines, to a great extent, the transmission speed of the data, the terminal at the central and tributary location also being an important factor.
  • In FIG. 3, a multi-point data link system is illustrated wherein only one drop in the system is set up for secure data transmission while the other drops can only transmit and receive clear text.
  • the system of Figure 3 does not differ basically from the system of Figure 2 except that the central DATACRYPTOR 40, located at the central site with a computer 21 and the master modem 41, will only have one cipher key stored therein for use to perform the enciphering and deciphering of messages transmitted between computer 21 and terminal 29 which make up that portion of the data link which is to be secure.
  • the other tributary units, terminal 61 and terminal 59 connected to the central site by way of transmission medium 55, 57 and modems 51, 49 respectively, transmit and receive data in the clear.
  • the master DATACRYPTOR 40 is essentially out of the circuit in that it does not perform its enciphering or deciphering function. Only when the central site is communicating with the tributary terminal 29 does the central DATACRYPTOR 40 perform its enciphering function when transmitting data and deciphering function when receiving data from tributary terminal 29.
  • the binary synchronous communication protocol provides for the orderly management of two-way communication between a central and tributary station in either a point to point or multi-point data link system.
  • Figure 4 illustrates a sequence of message format between a central station 63 that wishes to transmit information to a tributary station 65 that is to receive the information.
  • the central transmitter will send out a control block 67 that consists of synchronous characters and inquiry character. Synchronous is denoted (SYN) and inquiry is denoted (ENQ).
  • SYN Synchronous
  • ENQ inquiry
  • the (ENQ) character is used to bid for the line in a point to point line connection.
  • In a multi-point line connection it is used to indicate the end of a poll or selection sequence.
  • the tributary terminal responds to the (ENQ) character by transmitting to the central a control block that consists of (SYN) characters and acknowledge characters (ACK0).
  • the (ACK0) character is a positive response to a selection by the central in a multi-point system or a line bid by the central in a point to point system.
  • An acknowledge response indicates that the receiver is ready to accept a block of data.
  • the central unit will transmit a data text block 69 which comprises synchronous (SYN) characters, start of text characters (STX), text, end of text block characters (ETB) and block check characters (BCC).
  • the tributary receiving terminal 65, in response to the (ETB) characters, looks for the (BCC) characters and utilizes it to check for errors in the transmitted data of that text block. If no errors occurred, the tributary receiver 65 responds by sending a control block 73 back to the central transmitter which consists of (SYN) characters and acknowledge characters (ACK1).
  • the (ACK1) character indicates to the central transmitter that the previous block of text data was received without error and the next block of text data may be transmitted.
  • the central, if it has additional data to transmit, would start again with another text block like text block 65 starting with synchronous characters (SYN) 75.
  • the central transmitting terminal would bid for the line in a point to point system by transmitting a control block 81 which consists of (SYN) characters and (ENQ) characters.
  • Response from the tributary would be a control block 83 consisting of (SYN) characters and (ACK0) characters.
  • Upon receiving the (ACK0) characters, the central would transmit its message block consisting of (SYN) characters, STX characters, text, and if that was all the central wished to transmit, end of text characters (ETX), and (BCC) characters.
  • the tributary may, if it wishes to transmit data to the central, respond with a text block 87 rather than the (ACK1) control block shown in Figure 4.
  • the conversational response of tributary 79 to central 77 is by transmitting a text block 87 to the central.
  • the text block comprises the (SYN) characters, (STX) characters, text, data, (ETX) characters and (BCC) characters.
  • the central would respond to the reception of this text block by checking for errors in the received data. If no errors occurred, central would transmit a control block 89 to the tributary 79 which comprises (SYN) characters and (ACK1) characters.
  • FIG. 6 illustrates a central terminal 91 communicating with a Tributary A, terminal 93 and a Tributary B, terminal 95.
  • the central terminal 91 sends out an initialization control block 97 which consists of pad characters (PAD), (SYN) characters, end of transmission characters (EOT), another (PAD) character, a (SYN) character, several station identification characters (A) for station A, and a specific equipment identification character (6) which could be a reader, (ENQ) characters and another (PAD) character.
  • the (EOT) character is utilized to reset all the tributary stations on the line.
  • the (ENQ) character is used to indicate the end of a poll sequence.
  • the (PAD) characters, which may consist of a series of all binary 1's, ensure the full transmission and reception of the first or last significant bits of the previous character.
  • the (SYN) characters merely assure that the receiving stations are in step with the sending stations.
  • terminal A responds by a control block 99 which includes (PAD) characters, (SYN) characters, (EOT) characters and another (PAD) character.
  • This response indicates that terminal A has nothing to transmit.
  • the central terminal is required to wait for reception of the tributary terminal's response.
  • no data will be transmitted.
  • Upon receiving tributary A's response 99, the central terminal will then address tributary B in the very same manner except that it will not need to use the (PAD) and (SYN) and (EOT) character series as before since the entire system is already initialized. Therefore, in addressing tributary B, the central terminal will send the block 101 which consists of (PAD) characters, (SYN) characters, a couple of tributary B address characters (B), a reader address character (6), (ENQ) characters and another (PAD) character.
  • Tributary B, 95 responds by a text block 103 which includes (PAD) characters, (SYN) characters, a start of heading character (SOH), which indicates that a heading character is to follow, a heading character (HEAD).
  • a heading character contains auxiliary information such as routing or priority information, which will be used by the central to process the text being transmitted. Following the heading character or characters is a start of text character, the text, end of transmission block characters (ETB), a (BCC) character and a (PAD) character.
  • control block 105 which includes (PAD) characters, (SYN) characters, and (ACK1) characters and another (PAD) character.
  • the (ACK1) character simply indicates that the text information was received without error.
  • Tributary B terminal 95 may wish to continue to send another block of data and it would do so by generating text block 107, which may include (PAD) characters, (SYN) characters, (STX) characters, the text, (ETX) characters, a (BCC) character and a (PAD) character.
  • the start of heading and heading characters are not used in the second block 107 because the central already knows what to do with the text being received.
  • Control block 109 would indicate reception of the text from tributary B without error.
  • Control block 109 would contain (PAD) characters, (SYN) characters, an (ACK0) character and another (PAD) character.
  • tributary B 95 would generate a control block 111 which would include (PAD) characters, (SYN) characters, an end of transmission character (EOT) and another (PAD) character.
  • the end of transmission (EOT) character in block 111 being sent by tributary B 95 to the central terminal 91 indicates that tributary B has nothing further to send.
  • the central terminal 91 starts its polling sequence over again by sending out block 113 which is an initialization block and is identical to block 97. If tributary A 93 still has nothing to send to central terminal, it will again send a control block response 115 which includes (PAD) characters, (SYN) characters, an (EOT) character and another (PAD) character. Central terminal 91 will then again send a polling block 117 to tributary B 95 which is identical to the polling block 101.
  • Figure 7 illustrates the formatting of message traffic between a central and two tributaries 123 and 125 in a selection sequence.
  • the selection sequence is a sequence by which the central terminal 121 inquires of tributary terminals like 123 and 125 in the data link whether they are able to receive data from the central.
  • the central terminal 121 sends an initialization block 127 which may contain (SYN) characters, (EOT) characters, a (PAD) character, another (SYN) character, a pair of tributary identification characters (a), a terminal equipment identification character (1) indicating a printer, for example, an (ENQ) character and another (PAD) character.
  • tributary A terminal 123 would respond by a control block 129 which may include (PAD) characters, (SYN) characters, a negative acknowledgement character (NAK), and another (PAD) character.
  • the (NAK) character indicates to the central terminal that tributary A is not ready to receive text from the central terminal 121.
  • the central terminal may then inquire of tributary B by sending a control block 131 which would include (SYN) characters, (EOT) characters, a (PAD) character, another (SYN) character, several tributary address characters (b) , a terminal equipment identification character (1) , an (ENQ) character and another (PAD) character. Since tributary B 125 was addressed it responds by control block 133 which includes (PAD) characters, (SYN) characters, an (ACKO) character and another (PAD) character.
  • the (ACKO) character is an affirmative acknowledgement which indicates to the central terminal 121 that tributary B is ready to receive text from the central terminal.
  • central terminal 121 In response to control block 133, central terminal 121 would transmit its data in a text block 135 which would include (PAD) characters, (SYN) characters, an (STX) character, text, and (ETX) character, (BCC) character and a (PAD) character.
  • Upon receiving block 135, if no errors have occurred in the transmission, as checked by the receiving tributary B by the use of the block check characters, tributary B would respond by sending control block 137.
  • Control block 137 would include a (PAD) character, (SYN) characters, an (ACK1) character and another (PAD) character.
  • The (ACK1) character indicates that the previously transmitted text block was received without error.
  • Central terminal 121 would transmit a control block 139 which would consist of (PAD) characters, (SYN) characters, an (ETX) character and another (PAD) character that would signal to tributary B terminal 125 that central did not wish to send any more data.
  • Data block 141 comprises (SYN) characters 143, (STX) characters 145, an initialization vector (IV) 147, which will be anywhere from 6 to 8 bytes in size, each byte being 8 bits in the BSC format, a text block 149, which is encrypted, an (ETX) character 155, which is also encrypted, and a block check character (BCC) 153, which may be encrypted or sent in the clear.
  • The initialization vector 147 is utilized at the tributary receiver for initializing the deciphering process so that the text characters 149 that are transmitted in the text 141 can be correctly deciphered, as will be more fully explained hereinafter.
  • The DES algorithm, when implemented in the cipher feedback mode, requires that the enciphering algorithm and the deciphering algorithm start from exactly the same initial state.
  • The initialization vector characters 147 are used to start the cipher process that results in the cipher text 149 at the transmitting central terminal.
  • The very same initialization vector is then placed into the cipher text block 141 between the (STX) character 145 and the cipher text 149 so that it can be received by the receiving tributary terminal prior to the reception of the cipher text 149, for the purpose of initializing the DES decipher algorithm at the tributary in preparation for deciphering of the cipher text 149.
  • The inclusion of the initialization vector 147 between the (STX) character 145 and the cipher text 149 of the text block reduces the throughput of the data link by the length of the initialization vector 147.
  • A message format according to the present invention, utilizing BSC criteria, would include (SYN) characters 157 followed by (STX) characters 159, the text 161, (ETX) characters 163, (BCC) characters 165, (INF) characters 167, initialization vector 169, a second end of text character (ETX') 171 and a second block check character (BCC) 173.
  • The text characters 161, the end of text character 163 and the block check characters 165 of the text block 155 would be encrypted according to the DES algorithm in a cipher feedback mode.
  • The trailing control characters, such as the (INF) character 167, the initialization vector 169, the second (ETX') character 171 and the (BCC) character 173, would be transmitted in the clear, as would the (SYN) characters 157 and (STX) characters 159 that start the message block 155.
  • The cipher text block 155 places the initialization vector 169, as well as additional information, end of text and block check characters, at the trailing end of the cipher text block.
  • The present invention contemplates the deciphering receiver acquiring the initialization vector at the start of a message transmission from a previous cipher text block and using that initialization vector to initialize its ciphering algorithm in preparation for reception of the next text block.
  • The cipher text block 155 is assumed to be the second text block in a series. If that is the case, the initialization vector 169 at the trailing end of the text block 155 is utilized by the cipher algorithm at the receiver to initialize the algorithm for the cipher text block (not shown) which will follow the cipher text block 155.
  • The central terminal, when transmitting the initialization control block, could include the first initialization vector as well. All subsequent initialization vectors will then be transmitted during the time that a tributary terminal is responding to the central, thereby greatly increasing the throughput capabilities of the system as compared to the prior art cipher text message format shown in Figure 8.
  • Intermediate nodes are utilized. Although such a system is not illustrated in the drawings, such a system may be simply explained as a series of reception and transmission points along the transmission medium between the transmitter of the cipher text block and the receiver of the cipher text block. In many such systems, these intermediate nodes are designed to check the transmitted text for transmission errors by the use of the block check characters (BCC) that follow the end of text or end of transmission block characters.
  • The cipher text block of Figure 8 would not permit the intermediate nodes to perform such a function because the (ETX) characters are encrypted, and the (BCC) characters are preferably encrypted for security reasons.
  • These intermediate nodes do not have access to the key, nor are they capable of a deciphering process if they did have access to the key. Transmission error checking at these intermediate nodes is therefore quite difficult and cumbersome.
  • The present invention contemplates the transmission of an additional end of text block check character following the initialization vector 169 of the cipher text block 155.
  • The second end of text character (ETX') 171 and block check character (BCC) 173 are transmitted in the clear.
  • The block check character (BCC) 173 is tied to the encrypted version of the text block 155, which includes the cipher text 161, the enciphered (ETX) character 163, the enciphered (BCC) character 165, as well as the clear (PAD) character 167, if present, and the clear initialization vector 169. Therefore, the entire series of encrypted and clear characters can be checked for transmission error at the intermediate nodes of a multi-node network.
  • The intermediate nodes can check a received message block for transmission error without having to decipher the cipher text. This can also occur at the ultimate receiver, which has the capability of deciphering the cipher text as well as the block check character 165, which is also enciphered.
  • The (INF) characters 167 of the cipher text block 155 can include any one of a series of characters illustrated as follows:
  • The (INF) character could therefore be sequence characters [SEQ], which is nothing more than an optional number, one or two characters long, which is encrypted.
  • The receiver deciphers the sequence character (SEQ) and ensures that the sequence of the multi-block message is in order. Thus, for the first cipher text block in a series, the sequence character would indicate that this is the first cipher text block.
  • Utilization of the sequence character as contemplated by the present invention facilitates the detection of playback interference. Playback interference is the use of a tape recorder device to repeat, in an unauthorized manner, the received encrypted messages and feed them to the cipher feedback decryptor.
  • The receiver will correctly decrypt it and use it for certain types of messages like funds, deposits, merchandise orders, etc. This would have disastrous results in that two orders, for example, two deposit requests, instead of one, are received by the deciphering receiver.
  • The abort (ABORT) character in the cipher text block 155 is very advantageous.
  • The (ABORT) character in the position of (INF) characters 167 of the cipher text block 165 can be transmitted in the clear. If a transmission error had occurred in the cipher text, the receiving decryption device would not be able to detect the end of text character 163 and normally would continue to decipher or attempt to decipher all subsequent characters.
  • With an (ABORT) character in the position of (INF) character 167 of the cipher text block 155, the receiver would detect the (ABORT) character, which would signal the occurrence of a transmission error to the receiver and allow the receiver to stop the decipher process.
  • The (ABORT) character can also be used to identify the end of a message for those terminal units in the link that do not have the correct key.
  • If the central transmitter/receiver terminal is talking to a tributary A, utilizing A's key, then tributaries B and C, for example, which are attempting to decipher a cipher text which was encrypted according to key A, would not be able to decipher the cipher text correctly by use of their keys B and C, thereby failing to detect the end of text character 163.
  • The signalling (SIG) characters of the (INF) could be any information that the transmitter may desire to communicate to the receiver, such as diagnostic information or new keys.
  • A pair of encryptor-decryptor devices is required for transmitting cipher text from one end of a data link to another.
  • These encryptor-decryptor devices can be implemented either through dedicated specialized circuitry, or they may be a microprocessor based device which operates according to firmware instructions for the purpose of performing the encryption-decryption algorithm and software instructions for formatting or responding to the text blocks, according to the protocol being used, such as the BSC protocol described in this application.
  • The preferred embodiment of the present invention is a microprocessor programmed in firmware to execute the cipher/decipher DES algorithm and software programmed to format the cipher text blocks according to the format of the invention illustrated in Figure 9.
  • The cipher/decipher algorithm is actually executed as a subroutine of the control software which manages the transmission and reception of the cipher text blocks 155.
  • Figure 10 illustrates the transmission cipher routine for the DES algorithm in the cipher feedback mode.
  • Figure 11 illustrates the decipher routine which would be executed at the receiver.
  • The clear text would be received from the terminal (not shown) over an 8-bit parallel line 175 which is Ex OR'd by way of 16-bit input Ex OR gate 177 with the output of output buffer 189.
  • The resulting 8 bits on line 179 are the cipher text, which is supplied to a modem (not shown) for transmission.
  • This resulting output is additionally fed back to input buffer 181.
  • This feedback procedure is continued until the input buffer 181, which is a 64-bit buffer, is completely full. At that time, the output of buffer 181 is fed to the encryptor input register 183.
  • The contents of the encryptor input register 183 are supplied as a 64-bit parallel word to the encrypt algorithm 185, which will be explained hereinafter.
  • The resulting cipher process having been performed, the resulting 64-bit word is supplied to the encrypt output register 187.
  • An output buffer 189 removes the contents of the encrypt output register 187 and supplies the contents thereof to Ex OR gate 177, sequentially in 8-bit bytes.
  • The encryption process performed by the encrypt function 185 is controlled by a 64-bit key that is transferred from the key register 193 to the encrypt algorithm process 185.
  • The decipher process is the exact duplicate of the cipher process, as can be seen from Figure 11. The only difference is that the process starts with the cipher text rather than clear text.
  • Cipher text is received from a modem (not shown) in an 8-bit format over line 195 and supplied as an input to Ex OR gate 197 and as an input to input buffer 201.
  • Input buffer 201 is a 64-bit buffer that is loaded by 8-bit bytes. When fully loaded, the contents of input buffer 201 are supplied to the encrypt register 203.
  • The contents of the encrypt input register 203 are supplied to the cipher algorithm 207, which operates on the received cipher text, as directed by the key supplied from key register 209, to provide a 64-bit word to encrypt output register 211.
  • The contents of output register 211 are removed by output buffer 213 and supplied in 8-bit bytes to Ex OR gate 197, where they are Ex OR'd with the input cipher text to provide the clear text in 8-bit bytes on line 199.
  • The Ex OR gate 197 actually performs the decipher function.
  • The present invention utilizes the DES encryption algorithm in the cipher feedback mode at both the transmitter and receiver end.
  • The very same key bits are used during the decipher procedure as were used during the encipher procedure.
  • The only difference between the encipher process and the decipher process is that the encipher process starts with clear text, while the decipher process starts with the cipher text.
  • The decipher process at the receiver (Figure 11) must start with the same 64-bit word that the cipher process at the transmitter end (Figure 10) starts with. For this reason, prior to the cipher process starting, an initialization vector is loaded into the encryptor input register 183 from initialization vector register 191.
  • The initialization vector is a random number less than or equal to 64 bits generated in a well known manner. Once the initialization vector is loaded into the encrypt input register 183, it is discarded. Prior to being loaded into the encrypt input register 183 it was placed into the previous cipher text block which was transmitted to the receiver. At the receiver, it was supplied to the initialization vector register 205 to be loaded into the decrypt input register 203 prior to the reception of the next cipher text.
  • The receiver initialization vector register 205 is loaded by the initialization vector from the trailing end of a previously received cipher text block.
  • The decrypt portion of the receiver/transmitter is prepared well in advance to decipher the next to be received cipher text block.
  • The encrypt procedure 185 as well as the decrypt procedure 207 is a firmware controlled subroutine of the major control program of the encryption-decryption devices of the data link. Both procedures are identical. Execution of the algorithm is generally illustrated in Figures 12 and 13.
  • The algorithm works on a 64-bit input in encrypt input register 183.
  • The 64 bits undergo an initial permutation function 213, which is simply a prescribed sequence for reordering the 64 bits.
  • The reordered 64 bits are then split into 32 bits each and supplied to a left and right register 215, 217 respectively.
  • The output of the right register is then supplied to a second left register 223 in addition to being combined with the key stored in key register 193 in a certain defined combining function (F) 219 (illustrated in Figure 13).
  • The result of this combining function of the 32-bit word is then Ex OR'd in Ex OR gate 221 with the contents of the left register 215 and supplied to the second right register 225.
  • This particular sequence is performed sixteen times, which is detected by logic function 227 for the second left register and logic function 229 for the second right register 225. If it has been accomplished sixteen times, the contents of the second left register 223 and the second right register 225 is supplied to a permutation
  • The combining function (F) 219 is illustrated in Figure 13.
  • The (F) function combines the 32 bits in the right register 217 with up to 64 bits of the key in key register 193 in a certain manner.
  • The 32 bits of the right register 217 are expanded by an expansion function 233 to a 48-bit word which is stored in register 237.
  • Up to 64 bits of key 193 are compressed in compression function 235 to a 48-bit word which is stored in register 239.
  • The two 48-bit words from register 237 and 239 respectively are Ex OR'd together by OR gate 241.
  • The resulting 48 bits are supplied to selection circuitry 243, in which there are 8 unique selection functions which take a 6-bit block input and yield a 4-bit block output according to a specified defined table.
  • The 32-bit output from the eight selection functions is permuted by a permutation function 245 according to a uniquely defined table to produce the 32 bits in register 247.
  • The bits in register 247 are Ex OR'd in Ex OR gate 221 with the 32 bits in the left register 215 (Figure 12).
  • FIG. 14 illustrates a three-key system wherein key A is stored in register 231, key B is stored in register 233 and key C is stored in register 235.
  • The output of the encrypt algorithm 229 is supplied to respective encrypt output register A 237, encrypt output register B 239 and encrypt output register C 241.
  • After start 247, if the encryptor/decryptor is in a receive mode, it goes into a hunt state 249 wherein it looks for the reception of (SYN) characters 263. In the receive mode, the sync state 251 would utilize the incoming synchronous information to set its internal clocking scheme. If the incoming information is not detected as (SYN) characters by the synch mode 251, an instruction 265 is given to go back to the hunt state 249.
  • Synch state 251 would be instructed to generate the (SYN) characters for transmission. If the message block was to be transmitted, sync state 251 would cause initiation of the header state upon generation of the sync characters. In the receive mode, the sync state 251 passes all control characters following the (SYN) character along to the header state 253. If a start of text character (STX) is received by the header state 253, the characters following this start of text character would be passed on to the text state 255 to be processed. The header state also looks for other control characters and responds to those characters accordingly.
  • A (PAD) character would signal the end of the control block, causing the header state to initiate a signal 271 to start shut-down procedure 259 of the receiver. If the header state is active and no start of text or (PAD) characters are received 269, then it continues to look for and process the characters being received as control characters.
  • The header state 253 would generate the appropriate start of text or other control characters needed in the cipher text block which precede the text information.
  • All characters following the (STX) character are processed by the text state 255.
  • The text state calls the cipher subroutine into use.
  • In the transmit state the cipher subroutine will be called into use.
  • The cipher process is continued until the block check character (BCC) is either deciphered or received.
  • Processing of the block check character causes the initialization vector state 257 to be activated, wherein the 4 to 8 bytes of the initialization vector are either generated (transmission mode) or are loaded into the DES algorithm buffer (reception mode).
  • The process goes into the shut-down state.
  • Shut-down state 259 causes a signal to be generated 279 that starts the routine over again with the hunt procedure 249.
  • Upon the (STX) character being detected during either reception or transmission, the text state 255 is entered into and the data being transmitted is caused to be enciphered or, if it is received, caused to be deciphered.
  • The text state moves into the (INF) state 281 wherein, in reception, the (INF) signals are processed according to their character, whether they are (SEQ), (ABORT) or general control signals (SIG), as explained above.
  • (INF) state 281 causes the generation of the signals as appropriate to be placed immediately before the initialization vector of the cipher text block to be transmitted.
  • The initialization vector state is entered, whereupon the vector bytes are processed either by being generated or by being received and entered into the DES algorithm register.
  • The (ETX') and (BCC) state 285 is entered into, wherein in transmission these two characters are generated to immediately follow the initialization vector. In reception, these two characters are detected and used as appropriate. If they are received at the end of a multi-node data link, they may simply be discarded, their main function being to permit the cipher text to be checked for transmission errors at intermediate nodes of the data link without resorting to decipherment of the message blocks.
  • The message format of the present invention permits such checking to occur without the intermediate nodes having to decipher the text message.
  • The error checking capability of the system is enhanced as a result of the structure of the message format.
  • The message format is structured in a manner that adds a considerable amount of information necessary to the cipher text block, such as the initialization vector, without decreasing the throughput of the BSC protocol system.
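
The Figure 9 block layout and the cipher feedback loop of Figures 10 and 11, as an added Python example that is not code from the patent. It shows the sender appending the next initialization vector in the clear, an intermediate node checking the second BCC without a key, and the receiver deciphering with the vector taken from the previous block. Assumptions: a truncated HMAC-SHA-256 stands in for the DES encrypt step, the BCC is modelled as CRC-16, the control codes are ASCII, INF is one byte and the IV is 8 bytes so the clear trailer can be parsed from the tail; `Sender`, `Receiver`, `node_check` and the other names are hypothetical.

```python
import hashlib
import hmac
import os

# Assumed values: ASCII control codes, one INF byte, an 8-byte IV and a 2-byte BCC.
SYN, STX, ETX = 0x16, 0x02, 0x03
IV_LEN, BCC_LEN = 8, 2
HEADER = bytes([SYN, SYN, STX])
TRAILER_LEN = 1 + IV_LEN            # clear INF byte followed by the clear next IV


def block_encrypt(key, block):
    """Stand-in for the 64-bit DES encrypt step (NOT DES): truncated HMAC-SHA-256.
    Cipher feedback only runs the block function forwards, so a keyed function suffices."""
    return hmac.new(key, block, hashlib.sha256).digest()[:8]


def bcc(data):
    """Block check characters, modelled as CRC-16 (reflected polynomial 0xA001).
    It detects transmission errors; it is not a keyed integrity check."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc.to_bytes(BCC_LEN, "little")


def cfb(key, iv, data, decrypt):
    """Figures 10 and 11: the same routine both ways; cipher text refills the input buffer."""
    register, out = iv, bytearray()
    for i in range(0, len(data), 8):
        chunk = data[i:i + 8]
        keystream = block_encrypt(key, register)
        result = bytes(a ^ b for a, b in zip(chunk, keystream))
        out += result
        register = chunk if decrypt else result   # feedback is always cipher text
    return bytes(out)


def split_block(frame):
    """Return (body, BCC') where body = cipher text | INF | IV, or raise ValueError."""
    if len(frame) < len(HEADER) + TRAILER_LEN + 1 + BCC_LEN or frame[:3] != HEADER:
        raise ValueError("malformed block")
    if frame[-(1 + BCC_LEN)] != ETX:
        raise ValueError("second ETX missing")
    return frame[3:-(1 + BCC_LEN)], frame[-BCC_LEN:]


def node_check(frame):
    """Intermediate node: holds no key, checks BCC' over cipher text plus clear INF and IV."""
    try:
        body, check = split_block(frame)
    except ValueError:
        return False
    return bcc(body) == check


class Sender:
    def __init__(self, key, first_iv):
        self.key, self.iv = key, first_iv     # first IV goes out with the initialization block

    def send(self, text, inf=0):
        next_iv = os.urandom(IV_LEN)          # IV for the block after this one
        inner = text + bytes([ETX])
        cipher = cfb(self.key, self.iv, inner + bcc(inner), decrypt=False)
        body = cipher + bytes([inf]) + next_iv
        self.iv = next_iv
        return HEADER + body + bytes([ETX]) + bcc(body)


class Receiver:
    def __init__(self, key, first_iv):
        self.key, self.iv = key, first_iv

    def receive(self, frame):
        body, check = split_block(frame)
        if bcc(body) != check:
            raise ValueError("transmission error (outer BCC)")
        cipher, inf, next_iv = body[:-TRAILER_LEN], body[-TRAILER_LEN], body[-IV_LEN:]
        inner = cfb(self.key, self.iv, cipher, decrypt=True)
        text_etx, inner_bcc = inner[:-BCC_LEN], inner[-BCC_LEN:]
        if not text_etx or text_etx[-1] != ETX or bcc(text_etx) != inner_bcc:
            raise ValueError("decipher failed: wrong key, wrong IV or damaged text")
        self.iv = next_iv                     # decryptor is primed before the next block arrives
        return text_etx[:-1], inf


if __name__ == "__main__":
    key, iv0 = b"constructed-key", bytes(range(8))   # constructed sample values
    tx, rx = Sender(key, iv0), Receiver(key, iv0)
    for n, msg in enumerate([b"DEPOSIT 100", b"DEPOSIT 250"], start=1):
        frame = tx.send(msg, inf=n)
        print(node_check(frame), rx.receive(frame))
```

A tributary holding a different key passes the outer check but fails the inner one, which is the situation the (ABORT) character is described as handling.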

Abstract

Communication over data links using a binary synchronous protocol that is to be made secure according to the federal Data Encryption Standard (DES) is improved by using a cipher message structure (155) in which the initialization vector (169) for the DES algorithm is located at the end of the message (155). Additional information or control words can also be chained to the end of the cipher message structure (155) without reducing throughput, while increasing the security and flexibility of the cipher message in both point-to-point and multi-point systems.
PCT/US1980/001722 1979-12-28 1980-12-24 Message format for secure communication over data links WO1981001933A1 (fr)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP81500592A JPS56501826A (fr) 1979-12-28 1980-12-24
DE19803050153 DE3050153A1 (de) 1979-12-28 1980-12-24 Message format for secure communication over data links
NL8020502A NL8020502A (fr) 1979-12-28 1980-12-24
SE8105098A SE427402B (sv) 1979-12-28 1981-08-28 Data link communication system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US06/108,039 US4322576A (en) 1979-12-28 1979-12-28 Message format for secure communication over data links
US108039 1993-08-17

Publications (1)

Publication Number Publication Date
WO1981001933A1 true WO1981001933A1 (fr) 1981-07-09

Family

ID=22319920

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1980/001722 WO1981001933A1 (fr) 1979-12-28 1980-12-24 Message format for secure communication over data links

Country Status (9)

Country Link
US (1) US4322576A (fr)
JP (1) JPS56501826A (fr)
BE (1) BE886898A (fr)
CH (1) CH656761A5 (fr)
FR (1) FR2472890A1 (fr)
GB (1) GB2078063B (fr)
NL (1) NL8020502A (fr)
SE (1) SE427402B (fr)
WO (1) WO1981001933A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0093525A1 (fr) * 1982-04-30 1983-11-09 British Telecommunications Broadcasting of encrypted signals
EP0148015A2 (fr) * 1983-12-30 1985-07-10 S. P. Radio A/S A method for cryptographic transmission of speech signals and a communication station for performing the method
EP0198384A2 (fr) * 1985-04-09 1986-10-22 Siemens Aktiengesellschaft Method and device for enciphering data
EP0213682A2 (fr) * 1985-09-04 1987-03-11 Philips Electronics Uk Limited Method and device for transmitting digital data
US4700387A (en) * 1984-07-09 1987-10-13 Kabushiki Kaisha Toshiba Broadcast system for scrambled programming signals
EP0289086A2 (fr) * 1987-05-01 1988-11-02 Philips Electronics Uk Limited Method and device for encrypting a digital signal
WO1998024078A1 (fr) * 1996-11-26 1998-06-04 British Telecommunications Public Limited Company Communication system

Families Citing this family (50)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4418425A (en) * 1981-08-31 1983-11-29 Ibm Corporation Encryption using destination addresses in a TDMA satellite communications network
US4549308A (en) * 1982-07-12 1985-10-22 At&T Bell Laboratories Secure mobile radio telephony
JPS59117838A (ja) * 1982-12-24 1984-07-07 Sony Corp Marker signal detection circuit
US4603418A (en) * 1983-07-07 1986-07-29 Motorola, Inc. Multiple access data communications controller for a time-division multiplex bus
US4776011A (en) * 1983-10-24 1988-10-04 Sony Corporation Recursive key schedule cryptographic system
US4591660A (en) * 1983-10-25 1986-05-27 At&T Bell Laboratories Common control audio decryptor
US4817146A (en) * 1984-10-17 1989-03-28 General Electric Company Cryptographic digital signal transceiver method and apparatus
US4757536A (en) * 1984-10-17 1988-07-12 General Electric Company Method and apparatus for transceiving cryptographically encoded digital data
US4852127A (en) * 1985-03-22 1989-07-25 American Telephone And Telegraph Company, At&T Bell Laboratories Universal protocol data receiver
US4731840A (en) * 1985-05-06 1988-03-15 The United States Of America As Represented By The United States Department Of Energy Method for encryption and transmission of digital keying data
ATE85439T1 (de) 1985-06-07 1993-02-15 Siemens Ag Method and arrangement for securing access to a computer system.
US4802217A (en) * 1985-06-07 1989-01-31 Siemens Corporate Research & Support, Inc. Method and apparatus for securing access to a computer facility
US4645871A (en) * 1985-06-17 1987-02-24 Paradyne Corporation Non-interfering in-band protocol-independent diagnostic scanning in a digital multipoint communication system
JPH0685517B2 (ja) * 1985-06-28 1994-10-26 ソニー株式会社 Information service system
US5274838A (en) * 1987-06-03 1993-12-28 Ericsson Ge Mobile Communications Inc. Fail-soft architecture for public trunking system
US5274837A (en) * 1987-06-03 1993-12-28 Ericsson Ge Mobile Communications Inc. Trunked radio repeater system with multigroup calling feature
US4905302A (en) * 1987-06-03 1990-02-27 General Electric Company Trunked radio repeater system
US4939746A (en) * 1987-06-03 1990-07-03 General Electric Company Trunked radio repeater system
US4903262A (en) * 1987-08-14 1990-02-20 General Electric Company Hardware interface and protocol for a mobile radio transceiver
US5125102A (en) * 1987-06-03 1992-06-23 Ericsson Ge Mobile Communications Inc. Trunked radio repeater system including synchronization of a control channel and working channels
US4926496A (en) * 1987-08-14 1990-05-15 General Electric Company Method and apparatus for infrequent radio users to simply obtain emergency assistance
US4835731A (en) * 1987-08-14 1989-05-30 General Electric Company Processor-to-processor communications protocol for a public service trunking system
US4821292A (en) * 1987-06-03 1989-04-11 General Electric Company Adaptive limiter/detector which changes time constant upon detection of dotting pattern
US4905234A (en) * 1987-06-03 1990-02-27 General Electric Company Apparatus and method for transmitting digital data over a radio communications channel
US5175866A (en) * 1987-06-03 1992-12-29 Ericcson Ge Mobile Communications Inc. Fail-soft architecture for public trunking system
US4817148A (en) * 1987-07-06 1989-03-28 Wegener Communications, Inc. Signal scrambling transmission system
US5128930A (en) * 1987-08-14 1992-07-07 General Electric Company Processor-to-processor communications protocol for a public service trunking system
US5206863A (en) * 1987-08-14 1993-04-27 General Electric Company Processor-to-processor communications protocol for a public service trunking system
US5086506A (en) * 1987-08-14 1992-02-04 General Electric Company Radio trunking fault detection system with power output monitoring and on-air monitoring
US5109543A (en) * 1987-08-14 1992-04-28 General Electric Company Hardware interface and protocol for a mobile radio transceiver
US5265093A (en) * 1987-08-14 1993-11-23 Ericsson Ge Mobile Communications Inc. Hardware interface and protocol for a mobile radio transceiver
US5117501A (en) * 1988-08-08 1992-05-26 General Electric Company Dynamic regrouping in a trunked radio communications system
US5070528A (en) * 1990-06-29 1991-12-03 Digital Equipment Corporation Generic encryption technique for communication networks
US5351299A (en) * 1992-06-05 1994-09-27 Matsushita Electric Industrial Co., Ltd. Apparatus and method for data encryption with block selection keys and data encryption keys
US5297208A (en) * 1992-08-05 1994-03-22 Roger Schlafly Secure file transfer system and method
US5408680A (en) * 1992-08-11 1995-04-18 Ericsson Ge Mobile Communications Inc. Single channel autonomous digitally trunked RF communications system
US5432848A (en) * 1994-04-15 1995-07-11 International Business Machines Corporation DES encryption and decryption unit with error checking
US5673319A (en) * 1995-02-06 1997-09-30 International Business Machines Corporation Block cipher mode of operation for secure, length-preserving encryption
US5664016A (en) * 1995-06-27 1997-09-02 Northern Telecom Limited Method of building fast MACS from hash functions
US6055316A (en) * 1997-12-26 2000-04-25 Sun Microsystems, Inc. System and method for deriving an appropriate initialization vector for secure communications
JP3097655B2 (ja) * 1998-05-11 2000-10-10 日本電気株式会社 Data transmission system
US6336187B1 (en) 1998-06-12 2002-01-01 International Business Machines Corp. Storage system with data-dependent security
US6247986B1 (en) * 1998-12-23 2001-06-19 3M Innovative Properties Company Method for precise molding and alignment of structures on a substrate using a stretchable mold
JP4201430B2 (ja) * 1999-04-16 2008-12-24 富士通株式会社 Optical subscriber line terminating device
JP2001194991A (ja) * 2000-01-12 2001-07-19 Murata Mach Ltd Encryption method and encrypted communication method
US6751607B2 (en) * 2001-04-04 2004-06-15 Thomas A. Kraay System and method for the identification of latent relationships amongst data elements in large databases
FR2838894A1 (fr) * 2002-04-19 2003-10-24 St Microelectronics Sa Encryption of the content of a memory external to a processor
US9009657B2 (en) * 2008-04-20 2015-04-14 Microsoft Technology Licensing, Llc Component-oriented architecture for web mashups
US8873456B2 (en) 2011-09-23 2014-10-28 The Boeing Company Multi-operator system for accessing satellite resources
US9001642B2 (en) * 2011-09-23 2015-04-07 The Boeing Company Selective downlink data encryption system for satellites

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4160120A (en) * 1977-11-17 1979-07-03 Burroughs Corporation Link encryption device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4203166A (en) * 1977-12-05 1980-05-13 International Business Machines Corporation Cryptographic file security for multiple domain networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IEEE Communications Society Magazine, Vol. 16, No. 6, Nov. 1978, Dennis K. Branstad, "Security of Computer Communication", pp. 33-40 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0093525A1 (fr) * 1982-04-30 1983-11-09 British Telecommunications Broadcasting of encrypted signals
EP0148015A2 (fr) * 1983-12-30 1985-07-10 S. P. Radio A/S A method for cryptographic transmission of speech signals and a communication station for performing the method
EP0148015A3 (en) * 1983-12-30 1986-11-26 Sp Radio As A method for cryptographic transmission of speech signals and a communication station for performing the method
US4856061A (en) * 1983-12-30 1989-08-08 S.P. Radio A/S Method for cryptographic transmission of speech signals and a communication station for performing the method
US4700387A (en) * 1984-07-09 1987-10-13 Kabushiki Kaisha Toshiba Broadcast system for scrambled programming signals
EP0198384A2 (fr) * 1985-04-09 1986-10-22 Siemens Aktiengesellschaft Method and device for enciphering data
EP0198384A3 (en) * 1985-04-09 1988-03-23 Siemens Aktiengesellschaft Berlin Und Munchen Method and device for enciphering data
EP0213682A2 (fr) * 1985-09-04 1987-03-11 Philips Electronics Uk Limited Method and device for digital data transmission
EP0213682A3 (en) * 1985-09-04 1989-02-15 Philips Electronic And Associated Industries Limited Method for digital data communication using formatted messages
EP0289086A2 (fr) * 1987-05-01 1988-11-02 Philips Electronics Uk Limited Method and device for encrypting a digital signal
EP0289086A3 (en) * 1987-05-01 1990-01-17 Philips Electronic And Associated Industries Limited A method of and arrangement for digital signal encryption
WO1998024078A1 (fr) * 1996-11-26 1998-06-04 British Telecommunications Public Limited Company Communication system

Also Published As

Publication number Publication date
GB2078063B (en) 1983-12-14
SE427402B (sv) 1983-03-28
JPS56501826A (fr) 1981-12-10
FR2472890B1 (fr) 1985-01-04
US4322576A (en) 1982-03-30
CH656761A5 (de) 1986-07-15
FR2472890A1 (fr) 1981-07-03
SE8105098L (sv) 1981-08-28
GB2078063A (en) 1981-12-23
BE886898A (fr) 1981-04-16
NL8020502A (fr) 1981-11-02

Similar Documents

Publication Publication Date Title
US4322576A (en) Message format for secure communication over data links
US4206315A (en) Digital signature system and apparatus
US4172213A (en) Byte stream selective encryption/decryption device
US5081678A (en) Method for utilizing an encrypted key as a key identifier in a data packet in a computer network
EP0002389B1 (fr) Multiple domain data communication
US4160120A (en) Link encryption device
US5301247A (en) Method for ensuring secure communications
US4159468A (en) Communications line authentication device
US4503287A (en) Two-tiered communication security employing asymmetric session keys
EP0002580B1 (fr) Method for verifying operational cryptographic keys used in data communication networks
JPS6127751B2 (fr)
EP0292790B1 (fr) Controlling the use of cryptographic keys via control values established in a generating station
US5438622A (en) Method and apparatus for improving the security of an electronic codebook encryption scheme utilizing an offset in the pseudorandom sequence
EP0002388B1 (fr) Data processing terminal
US4797672A (en) Voice network security system
US20060067533A1 (en) Secure communication system and method using shared random source for key changing
JPS5925411B2 (ja) Cryptographic processing device
JPH0160975B2 (fr)
JPH09502845A (ja) Key distribution device in an encryption system
US4760600A (en) Cipher system
JPH1022994A (ja) Encryption device and decryption device, encryption method and decryption method, and communication system using them
US5016275A (en) Buffered encryption/decryption
CA2226831C (fr) Decryption of retransmitted data in an encrypted communication system
EP0309447B1 (fr) Encryption and decryption device
US6088449A (en) Tri-signature security architecture systems and methods

Legal Events

Date Code Title Description
AK Designated states

Designated state(s): CH DE GB JP NL SE

RET De translation (de og part 6b)

Ref document number: 3050153

Country of ref document: DE

Date of ref document: 19820318

WWE Wipo information: entry into national phase

Ref document number: 3050153

Country of ref document: DE