WO2001072075A1 - Chiffrement et dechiffrement - Google Patents
- Publication number
- WO2001072075A1 (application PCT/EP2001/002646)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- crypto
- data blocks
- data
- masks
- processor
- Prior art date
Classifications
All four classifications fall under H04L (Transmission of digital information, e.g. telegraphic communication), class H04 (Electric communication technique), section H (Electricity):
- H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation (under H04L9/06, encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; hash functions; pseudorandom sequence generators, within H04L9/00, cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols)
- H04L2209/046: Masking or blinding of operations, operands or results of the operations (under H04L2209/04, masking or blinding, within H04L2209/00, additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication)
- H04L2209/12: Details relating to cryptographic hardware or logic circuitry (within H04L2209/00)
- H04L2209/80: Wireless (within H04L2209/00)
Definitions
- The present invention relates to the encrypting and decrypting of data and in particular, though not necessarily, to the encrypting and decrypting of data in a telecommunications system.
- The encryption and subsequent decryption of data streams can place high demands on the responsible processors.
- This is particularly so as the processors, both in the networks and in the user terminals, may be required to handle multiple parallel data streams. Whilst increases in processor power, involving inter alia the use of hardware assistance, help to mitigate the problem, this is generally being outstripped by the increase in data processing requirements.
- Modern microprocessors generally use external memories that have an access time up to 30 times slower than the speed of the processor.
- The relative slowness of the external memory is dealt with through the use of a fast intermediate memory called "cache".
- As long as the code or data required by the processor is in the cache memory (having previously been transferred there from the external memory), accesses run essentially at the processor speed without the need for any slow wait states.
- When data or program code is not found in the cache, the processor has to break the flow of computations to update the cache from the external memory.
- The cache update may require hundreds of clock cycles (corresponding to hundreds of lost machine instructions).
- When many simultaneous data streams are handled, the responsible processor has to do a large number of context switches to switch between different data streams, operating system handling etc. In most cases a context switch also means a cache re-load and thus the loss of a large number of processor instruction cycles. In the case of encryption and decryption using a crypto mask, it is also necessary to generate a new crypto mask for each successive block of data in a data stream.
- The inventor of the present invention has recognised that, as the generation of a crypto mask is independent of the actual data to be encrypted/decrypted, a number of crypto masks can be generated and buffered, upon or prior to receipt of a first block of a sequence of data blocks. Thus, for the sequence, only a single initialisation of the crypto engine is required vis-à-vis mask generation.
- There is provided a method of encrypting/decrypting a sequence of data blocks by performing an XOR operation between the data blocks and respective crypto masks, the method comprising, prior to or upon receipt of a first of said data blocks: initialising a crypto engine; using the initialised crypto engine to generate a sequence of crypto masks corresponding to respective data blocks; storing the crypto masks in a buffer; and subsequently, following receipt of each data block, performing an XOR operation between the data block and the corresponding crypto mask to encrypt/decrypt the data block.
- Said step of initialising the crypto engine typically involves the loading of instructions relating to the crypto engine from an external memory into a memory cache of the responsible processor.
- The present invention is applicable in particular to telecommunication systems and more particularly to mobile telecommunications systems such as the Universal Mobile Telecommunications System (UMTS).
- The invention may be employed to encrypt/decrypt data sent over the air interface of a mobile telecommunications network, where encryption and decryption is performed both on the network side and on the subscriber side.
- The invention is also applicable to other communication systems as well as to systems arranged to encrypt/decrypt data for the purpose of secure storage.
- According to a second aspect of the present invention there is provided apparatus for encrypting/decrypting a sequence of data blocks by performing an XOR operation between the data blocks and respective crypto masks, the apparatus comprising: a processor; an external memory storing instructions for causing the processor to operate as a crypto engine; a cache arranged to receive said instructions from the external memory during initialisation of the crypto engine by the processor; and a buffer, the processor being arranged in use to initialise the crypto engine prior to or upon receipt of a first of said data blocks, to generate a sequence of crypto masks corresponding to respective data blocks, and to store the masks in said buffer, whereupon, following receipt of each data block, the processor can perform an XOR operation between the data block and the corresponding crypto mask to encrypt/decrypt the data block.
- A mobile telecommunications terminal comprising the apparatus of the above second aspect of the present invention.
- A node of a telecommunications network comprising the apparatus of the above second aspect of the present invention.
- Figure 1 illustrates schematically an encryption/decryption system embodying the present invention and which is implemented in software;
- Figure 2 illustrates schematically a crypto engine embodying the present invention and which is implemented in hardware;
- Figure 3 illustrates an encryption/decryption system comprising the hardware crypto engine of Figure 2;
- Figure 4 is a flow diagram illustrating the operation of the systems of Figures 1 and 3;
- Figure 5 is a flow diagram illustrating the freeing of buffer space in the systems of Figures 1 and 3;
- Figure 6 is a flow diagram illustrating the handling of missing data blocks in a sequence of blocks;
- Figure 7 illustrates schematically the operation of the systems of Figures 1 and 3 where data blocks are received in sequence;
- Figure 8 illustrates schematically the operation of the systems of Figures 1 and 3 where data blocks are received out of sequence.
- Referring to Figure 1, a microprocessor 1 has an internal cache memory 2 and is connected to a data bus 3.
- Also connected to the data bus 3 are a ROM memory 4 and a RAM buffer 5. Assuming that the system is operating in an encryption mode, a data stream comprising a sequence of data blocks is placed on the data bus 3 via an input port (not shown). The encrypted blocks are similarly placed on the bus 3 and are passed to an output port (not shown).
- In a decryption mode, encrypted blocks are placed on the data bus 3 via the input port and the decrypted blocks, also placed on the bus 3, are output via the output port.
- The received data blocks may correspond to the payloads of IP datagrams.
- The memory 4 is a relatively slow memory and stores instruction code and data for operating the microprocessor 1.
- The memory 4 stores code for providing a crypto engine (see the 3GPP paper TS 25.301 N3.2.0 (1999-10)), the code being passed to the microprocessor 1 for temporary storage in the cache 2 during an initialisation phase of the engine.
- The initialisation phase continues with the generation of crypto masks, which are passed by the microprocessor 1 to the buffer 5 for temporary storage therein.
- Figure 2 illustrates a hardware implementation of a crypto engine which may be used in place of the software engine of the system of Figure 1.
- The engine may be implemented using an Application Specific Integrated Circuit (ASIC) or a Field Programmable Gate Array (FPGA) and comprises a number of registers (start block, end block, ..., crypto key) which are required in order to generate a crypto mask.
- The registers are set by the processor during initialisation of the crypto engine.
- The register information is then used by the engine to generate the required sequence of crypto masks, which are stored directly into the buffer without intervention from the microprocessor.
- Figure 3 illustrates the interworking between the hardware crypto engine of Figure 2 and a processor in an encryption/decryption system, where it is assumed that the incoming data stream is received over an ATM transport network.
- Figure 4 is a flow diagram illustrating the method of operation of the systems of Figures 1 and 3.
- The processor obtains the appropriate cryptographic key, the count (which represents an index to the crypto mask buffer), the identity of the stream (or bearer), the direction (i.e. encrypt or decrypt), and determines the number of blocks N for which crypto masks are to be created and the length of these blocks.
- These parameters represent the inputs to the crypto engine required in order to generate the first crypto mask.
- Generated crypto masks are fed back to provide an input to the crypto engine to generate subsequent masks. As crypto masks are independent of the data to be encrypted/decrypted, a number of crypto masks can be pre-calculated.
- The processor creates a temporary small buffer for storing the incoming data blocks, and a second crypto buffer for storing the generated crypto masks as well as the encrypted/decrypted blocks.
- The processor sets up an array containing pointers to the start of each successive mask in the crypto buffer, and flags to indicate if respective blocks have been encrypted/decrypted.
- The first block is then handled by XORing it with the first block mask stored in the buffer.
- The resulting block is written into the crypto buffer on top of the corresponding mask and the corresponding flag is set to indicate that the first block has been processed.
- For each subsequently received block, the processor determines whether or not a mask exists in the crypto buffer for that block.
- Figure 5 is a flow diagram illustrating the process which is carried out following the handling of the final (Nth) block in a sequence in order to forward the encrypted/decrypted sequence and free the crypto buffer space.
- If a received block has a block number which is higher than the highest number for which a mask exists in the buffer, then, if the block number falls within the next expected set of N blocks, a new buffer is created for those next N blocks and the received block is stored in that buffer. The crypto engine is reinitialised and the next set of N crypto masks generated. The received block is then XORed with the appropriate mask. In the event that the block number of a received block is higher than the next buffer space (due for example to data blocks being sent via different paths or to a network error), an error state is generated and, for example, the block discarded.
- A timeout counter is used to ensure that the system does not wait indefinitely for a missing block and to flush and free the data buffer in case of errors.
- The timeout counter is reset to zero when a block is correctly received, and subsequently counts up with every operating system "tick". If the counter reaches some predefined (large) value, this indicates that an error has occurred and that the buffer should be flushed (all processed blocks are forwarded and the buffer marked as free).
- Figure 7 illustrates schematically the process of encrypting/decrypting a sequence of data blocks forming a data stream, where crypto masks are pre-calculated for a set of N blocks.
- Figure 7 assumes that the blocks are received in the correct sequence.
- Figure 8 illustrates an alternative scenario, where a series of data blocks are received in the incorrect order. It will be noted that the use of the block pointer array flags {Blk#1, Blk#2, Blk#3, ...} allows blocks to be marked as handled or not handled. There is thus no need for the blocks to be received (and handled) in order.
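The buffering scheme of Figures 4 to 8, as an added Python model that is not the patent's own code: N masks are generated per window from the key, count, bearer and direction, blocks are XORed on arrival in any order, the handled flags stop a mask being used twice, a block in the next set of N reinitialises the window, a block beyond that is an error, and the timeout counter flushes the buffer. The HMAC-SHA256 mask generator is a stand-in assumed for the example (not the UMTS algorithm the patent refers to), the status strings and the start of the next window after a timeout are assumptions, and the key and plaintext blocks are constructed.

```python
import hashlib
import hmac
class CryptoEngine:
    """Stand-in mask generator, an assumption for this example and not the UMTS algorithm the
    patent refers to. A mask depends only on key, count, bearer and direction, never on data."""
    def __init__(self, key, bearer, direction, block_len):
        self.key, self.bearer, self.direction, self.block_len = key, bearer, direction, block_len

    def mask(self, count):
        # HMAC-SHA256 over the engine inputs; block_len is at most 32 bytes for this stand-in.
        inputs = count.to_bytes(4, "big") + bytes([self.bearer, self.direction])
        return hmac.new(self.key, inputs, hashlib.sha256).digest()[: self.block_len]

class MaskWindow:
    """Crypto buffer of N precomputed masks (blocks first..first+N-1) plus per-block handled
    flags: blocks may arrive in any order, but each mask is consumed exactly once."""
    OK, DUPLICATE, NEXT_WINDOW, ERROR = "ok", "duplicate", "next_window", "error"

    def __init__(self, engine, first, n, timeout_ticks):
        self.engine, self.n, self.timeout_ticks = engine, n, timeout_ticks
        self.forwarded = []  # (block number, processed bytes) in forwarding order
        self._init_window(first)

    def _init_window(self, first):
        # One engine initialisation per window: all N masks are generated up front.
        self.first, self.ticks = first, 0
        self.buf = [self.engine.mask(first + i) for i in range(self.n)]
        self.done = [False] * self.n

    def close(self):
        # Forward every processed block, free the buffer and prepare the next N masks.
        self.forwarded += [(self.first + i, self.buf[i]) for i in range(self.n) if self.done[i]]
        self._init_window(self.first + self.n)

    def handle(self, blk_no, data):
        idx = blk_no - self.first
        if len(data) != self.engine.block_len or idx < 0 or idx >= 2 * self.n:
            return self.ERROR  # wrong length, stale block, or beyond the next window: discard
        status = self.OK
        if idx >= self.n:  # falls in the next set of N blocks: close this window, open the next
            self.close()
            idx, status = idx - self.n, self.NEXT_WINDOW
        if self.done[idx]:
            return self.DUPLICATE  # mask already consumed; reusing it would be a two-time pad
        self.buf[idx] = bytes(a ^ b for a, b in zip(data, self.buf[idx]))  # result overwrites mask
        self.done[idx], self.ticks = True, 0  # timeout counter restarts on a correct block
        if all(self.done):  # Nth block handled: forward the sequence and free the space
            self.close()
        return status

    def tick(self):
        # Operating-system tick; returns True when the timeout fires and the buffer is flushed.
        self.ticks += 1
        if self.ticks < self.timeout_ticks:
            return False
        self.close()  # assumption: after a timeout the next window starts at first+N
        return True

def demo():
    # Constructed key and six 8-byte plaintext blocks; N=4 masks per window, 10-tick timeout.
    key, blocks = bytes(range(16)), {i: bytes([0x41 + i] * 8) for i in range(6)}
    enc, dec = (MaskWindow(CryptoEngine(key, 3, 0, 8), 0, 4, 10) for _ in range(2))
    for i in range(6):
        enc.handle(i, blocks[i])
    enc.close()
    cipher = dict(enc.forwarded)
    statuses = [dec.handle(i, cipher[i]) for i in (1, 0, 3, 2, 5, 4)]  # out-of-order receipt
    statuses += [dec.handle(4, cipher[4]), dec.handle(20, cipher[5])]  # replay; beyond next window
    fired = [dec.tick() for _ in range(10)][-1]  # timeout forwards blocks 4 and 5
    return dict(dec.forwarded) == blocks, statuses, fired
```

The handled flag is also the guard that matters most in a mask-XOR scheme: a replayed block number is refused rather than XORed with a mask that has already been spent.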
Abstract
The invention concerns a method for encrypting/decrypting a sequence of data blocks by performing an exclusive-OR operation between the data blocks and crypto masks. The method consists, before or after receipt of a first data block, of starting a crypto engine (1,2); using the crypto engine (1,2) to generate a sequence of crypto masks corresponding to respective data blocks; storing the crypto masks in a buffer memory (5); and subsequently, on receipt of each data block, performing an exclusive-OR operation between the data block and the corresponding crypto mask in order to encrypt/decrypt the data block.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2001250373A AU2001250373A1 (en) | 2000-03-21 | 2001-03-09 | Encrypting and decrypting |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0006668A GB0006668D0 (en) | 2000-03-21 | 2000-03-21 | Encrypting and decrypting |
GB0006668.8 | 2000-03-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001072075A1 true WO2001072075A1 (fr) | 2001-09-27 |
Family
ID=9887983
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2001/002646 WO2001072075A1 (fr) | 2000-03-21 | 2001-03-09 | Chiffrement et dechiffrement |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU2001250373A1 (fr) |
GB (1) | GB0006668D0 (fr) |
WO (1) | WO2001072075A1 (fr) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2836735A1 (fr) * | 2002-03-01 | 2003-09-05 | Canal Plus Technologies | Circuit integre et procede de gestion de la memoire programme d'un tel circuit integre |
EP1646976A2 (fr) * | 2003-06-04 | 2006-04-19 | Mastercard International, Inc. | Authentification de la clientele dans des transactions commerciales electroniques |
EP1865471A2 (fr) * | 2002-02-28 | 2007-12-12 | Mastercard Europe SPRL | Agencement d'authentification et procédé pour son utilisation avec des transactions financières |
WO2011121298A2 (fr) | 2010-03-31 | 2011-10-06 | British Telecommunications Public Limited Company | Dispositif d'enregistrement de données sécurisées |
US8909557B2 (en) | 2002-02-28 | 2014-12-09 | Mastercard International Incorporated | Authentication arrangement and method for use with financial transaction |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0366288A2 (fr) * | 1988-10-28 | 1990-05-02 | International Business Machines Corporation | Chiffrage utilisant une mémoire tampon |
US5444781A (en) * | 1993-08-23 | 1995-08-22 | Apple Computer Inc. | Method and apparatus for decryption using cache storage |
- 2000-03-21 GB GB0006668A patent/GB0006668D0/en not_active Ceased
- 2001-03-09 AU AU2001250373A patent/AU2001250373A1/en not_active Abandoned
- 2001-03-09 WO PCT/EP2001/002646 patent/WO2001072075A1/fr active Application Filing
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8909557B2 (en) | 2002-02-28 | 2014-12-09 | Mastercard International Incorporated | Authentication arrangement and method for use with financial transaction |
US10395462B2 (en) | 2002-02-28 | 2019-08-27 | Mastercard International Incorporated | Authentication arrangement and method for use with financial transactions |
EP1865471A2 (fr) * | 2002-02-28 | 2007-12-12 | Mastercard Europe SPRL | Agencement d'authentification et procédé pour son utilisation avec des transactions financières |
EP1850297A3 (fr) * | 2002-02-28 | 2008-03-05 | Mastercard Europe SPRL | Agencement d'authentification et procédé pour son utilisation avec des transactions financières |
EP1865471A3 (fr) * | 2002-02-28 | 2008-03-05 | Mastercard Europe SPRL | Agencement d'authentification et procédé pour son utilisation avec des transactions financières |
EP2309465A1 (fr) * | 2002-02-28 | 2011-04-13 | Mastercard Europe SPRL | Agencement d'authentification et procédé pour son utilisation avec des transactions financières |
FR2836735A1 (fr) * | 2002-03-01 | 2003-09-05 | Canal Plus Technologies | Circuit integre et procede de gestion de la memoire programme d'un tel circuit integre |
EP1646976A4 (fr) * | 2003-06-04 | 2008-02-27 | Mastercard International Inc | Authentification de la clientele dans des transactions commerciales electroniques |
US9514458B2 (en) | 2003-06-04 | 2016-12-06 | Mastercard International Incorporated | Customer authentication in E-commerce transactions |
EP1646976A2 (fr) * | 2003-06-04 | 2006-04-19 | Mastercard International, Inc. | Authentification de la clientele dans des transactions commerciales electroniques |
WO2011121298A3 (fr) * | 2010-03-31 | 2013-01-17 | British Telecommunications Public Limited Company | Dispositif d'enregistrement de données sécurisées |
US20130019111A1 (en) * | 2010-03-31 | 2013-01-17 | British Telecommunications Public Limited Company | Secure data recorder |
WO2011121298A2 (fr) | 2010-03-31 | 2011-10-06 | British Telecommunications Public Limited Company | Dispositif d'enregistrement de données sécurisées |
US9208333B2 (en) * | 2010-03-31 | 2015-12-08 | British Telecommunications Public Limited Company | Secure data recorder |
Also Published As
Publication number | Publication date |
---|---|
GB0006668D0 (en) | 2000-05-10 |
AU2001250373A1 (en) | 2001-10-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7631116B2 (en) | Method and system for packet encryption | |
US6434699B1 (en) | Encryption processor with shared memory interconnect | |
US7362859B1 (en) | Enhancement of utilization of encryption engine | |
EP1192781B1 (fr) | Traitement distribue au niveau d'un microcircuit d'acceleration cryptographique | |
EP0876026B1 (fr) | Procédé et dispositif de traitement pour le chiffrage programmable | |
US7953221B2 (en) | Method for processing multiple operations | |
US20060039555A1 (en) | Method and system for performing permutations using permutation instructions based on butterfly networks | |
US20140189367A1 (en) | Digital-encryption hardware accelerator | |
WO2001076129A2 (fr) | Moteur cryptographique echelonnable | |
WO1998029982A1 (fr) | Systeme et procede de securite de donnees | |
EP2715544B1 (fr) | Procédé et système pour chiffre micrologiciel reconfigurable haute performance incorporé | |
US10419207B2 (en) | Cryptographic apparatuses and methods for encrypting and decrypting data using automata | |
JPH1074044A (ja) | デジタルデータを符号化する方法および装置 | |
Gilbert et al. | Decorrelated Fast Cipher: an AES Candidate | |
WO2001072075A1 (fr) | Chiffrement et dechiffrement | |
Pornin et al. | Software-hardware trade-offs: Application to A5/1 cryptanalysis | |
US7603549B1 (en) | Network security protocol processor and method thereof | |
US8560832B2 (en) | Information processing apparatus | |
JP2004180234A (ja) | 暗号パケット処理装置 | |
CN115801321B (zh) | 一种数据组合加密方法及装置 | |
KR20040045517A (ko) | Rijndael암호를 이용한 블록 데이터 실시간암호복호화 장치 및 방법 | |
CN117997514A (zh) | 网络设备中的灵活的密码架构 | |
CN117914624A (zh) | 一种数据加密方法、系统、电子设备及介质 | |
GB2381913A (en) | Multiplier circuit comprising a plurality of multiplier segments | |
GB1581645A (en) | Electronic digital telecommunications apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AK | Designated states | Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
| AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
| 122 | Ep: pct application non-entry in european phase | |
| NENP | Non-entry into the national phase | Ref country code: JP |