CH618803A5 - Method and device for encryption and decryption of binary data blocks - Google Patents

Description

The invention relates to a method for encrypting or decrypting data blocks in binary representation, in which a buffer block of data comprising a plurality of characters is subjected to non-linear transformations and linear transformations inserted between them using stored key data, and to a device for Performing this procedure.

With the increasing use of databases in electronic data processing, especially in multi-user systems, there has been a discussion about how one can or must protect the often personal data stored there against unauthorized access. Such as B. in the Proceedings of the IEEE Volume 63, Nov. 1975, pages 1545 ff., In addition to the fact of protecting such data from theft, it is also absolutely necessary to avoid unauthorized access. In data processing in particular, experienced data processing specialists have special methods at their disposal, especially if access in basic languages is permitted in the system. With detailed knowledge of the data processing system, it is then quite possible to access data that is protected in the usual way, even to change or destroy it. It is not without reason that the legislature has also been asked to pay attention to data protection and to create legal requirements for this.

The above-mentioned article deals with the possibilities for this and describes, among other things, data encryption methods that have long been practiced in telex technology. However, the methods known there are generally not suitable for use in data processing. This is because they either offer insufficient protection against unauthorized access or require a data stream that is only available during the transmission, but not during the storage of data.

In addition, this article also describes a facility that also corresponds to the German disclosure

5

10th

15

20th

25th

30th

35

40

45

50

55

60

65

2 231 849 is based and is specifically intended to protect data when operating an electronic data processing system. This device for encrypting or decrypting a block of binary data has an input device for receiving at least one data block, which is divided into a plurality of bit groups. The device also has a first switching device which holds at least one six-byte long keyword in binary form for processing the binary data mentioned and a second switching device with which a non-linear transformation of the binary data controlled by this keyword can be carried out. For this purpose, this switching device has a number of substitution devices which perform a permutation on a subset of the binary data signals. Furthermore, a third switching device is provided with which the binary data can subsequently be linearly transformed. It includes internal line connections that make the signals entered appear in reversed order at the output.

The essential properties of this known device are determined by the fact that nonlinear transformations and linear transformations of a data block are carried out several times in succession, that a relatively short key is used and the data block is ultimately processed bit by bit in order to achieve a corresponding secure encryption. The encryption method can also be both programmed and carried out using a hard-wired circuit arrangement. In both cases, however, the encryption process is very complex, which can be attributed to the bitwise processing of the data block.

The present invention is therefore based on the object of providing a method of the type mentioned at the outset which is suitable for encrypting data transmitted and stored on lines and which offers reliable protection against unauthorized decryption without knowledge of the special key used. The method is to be based on means that exploit the specific possibilities that data processing offers and require little technical effort from this side so that it can also be used in the area of remote data processing with an economically sensible effort.

In a method of the type mentioned at the outset, this object is achieved according to the invention in that bit groups with two characters of k each, in which n = 1,2,3 ..., n = 1,2,3 .. ., Element-divided data block in a nonlinear transformation with each of the n bit groups sequentially addresses a key character comprising 2k elements from a key in a loadable key memory with 22k key groups and is used instead of the selected bit group in the data block that in a subsequent linear transformation the The order of the bit groups in the data block is cyclically interchanged by appending the first character of the first bit group of the data block to the nth bit group and thereby rearranging the bit groups such that the second character of an i-th bit group is assigned the first character of the (i + l) -th bit group forms a transformed i-th bit group, and that subsequently in the manner mentioned alternating nonlinear and linear transformation with the transformed values of the bit groups are carried out until 2n nonlinear and linear transformation have been completed.

The main characteristics of this method are that the nonlinear transformations are based on relatively simple translation processes, in which an extensive key is used. With multiple transformations, it also allows certain accumulations

618803

to completely blur configurations in the bit groups and thus to reliably preclude decoding of the key on the basis of an analysis of the encrypted data. On the other hand, the linear transformations are based on a simple cyclic exchange of the characters of a data block, so that the bit groups with which the key memory is addressed during the next nonlinear transformation are rearranged.

The method thus offers very secure protection against unauthorized access to stored data and is nevertheless not technically complex. In this respect, it can also be used particularly well in remote data processing, since remote data stations can be equipped with an inexpensive additional device for encrypting or decrypting transmitted data. It can be assumed that the current state of the art allows a large key with a capacity of a few 100 key groups to be stored in a simple manner on a magnetic identification card, for example, which can be read in a remote data station. In the data center, however, incoming and processed data could be decrypted or encrypted using a program. It can be assumed that the machine command sets of today's data processing systems consistently contain the two commands “Translate” and “Move with Offset” required for this.

A particularly advantageous development of the invention results from the fact that for the nonlinear transformations a symmetrically structured key with pairs of inverse key characters is used, the elements of which each represent the address of the other associated key group in the key memory and thus the key used for encryption can also be used during decryption is, the decryption process analogous to the encryption process with the difference that here the non-linear transformations are interchanged with the linear transformations in the order.

This symmetrical structure of the key memory with pairs of key groups that are inverse to one another thus makes it possible to carry out both an encryption and a decryption process without changing the key memory, the other circuit units also being used analogously. This means that the encryption add-on can be made even more cost-effectively in a remote data station. Other advantageous developments of the invention are described in the dependent claims.

An embodiment of the invention is explained below with reference to the drawing. It shows:

1 is a block diagram of a device designed according to the invention for encrypting or decrypting a data block,

Fig. 2 shows an example of a key with 256 key characters in hexadecimal representation of the binary key characters and

3 shows the sequence of an encryption and a decryption process for a shortened data block with the aid of the key shown in FIG. 2.

The device for encrypting a data block shown in FIG. 1 contains a data shift register DSR for storing n groups of bits. Each of these bit groups consists of two characters with k elements each. In order to store a data block in the data shift register DSR, its nth stage is designed as an input stage, via which a first multiplexor MUX1 is connected with k input lines, the input side of which is fed multiple times k wide data lines, in particular also data input lines DE.

3rd

5

10th

15

20th

25th

30th

35

40

45

50

55

60

65

618803

4th

0

1

2nd

The first stage of the data shift register DSR is the output stage for the bit group contained therein of a buffered data block and has two k outputs, which are connected both to data output lines DA and to the input side of a second multiplexor MUX2. 5 This is upstream of a key memory SP and is used, optionally from the outside, for. B. from an ID reader no longer shown or from the data shift register DSR supplied address data with 2k elements on selection devices in the key memory SP, by means of which 10 the storage space of a key group can be selected. To read the key into the key memory SP, external key addresses EXA are switched through to the address lines of the key memory SP by the second multiplexor MUX2 and this writing process is triggered by a control signal “write key data” on a control line SDS. The key data SP are supplied with the key data in groups via data lines SD.

A data output register DAR is connected to the key memory SP via a 2k wide data path. Its 20 output lines are connected via two k-wide data paths DL to inputs of the first multiplexor MUX1,

which each transmit the first or second character of a bit group, which is indicated in the drawing by the indication kl or k2. 25th

The data traffic via these described devices is controlled by a central clock generator TG, whose output line, the clock line TL to the first multiplexor MUX1 and via a clock reducer TU, which reduces the clock frequency in a ratio of 1: 2, to the second multiple 30xor MUX2 or . is connected to the data output register DAR. The clock line TL is also connected to a sliding input SE of the data shift register DSR,

so with the help of the clocks of the clock generator TG, the data of a data block character by character, d. H. per k element pushed in parallel 35 clock-controlled by this register.

Two counters are also provided to form the further switching signals for the first multiplexor MUX1. One of these two counters represents a character counter ZZ and is directly connected to the clock line TL with its counting input ZE. It counts the character-by-character displacements of the data block in the data shift register DSR. Each of its stages is connected in parallel to a first AND gate UG1 in such a way that it is activated as soon as its counter reading is 2n. The output signal of this AND gate UG1 fed to the first multiplexor MUX1 thus forms the criterion for a character being pushed completely through the data shift register DSR. The first multiplexor MUX1 then switches a k-wide shift line SL through from the first stage to the nth stage of the data shift register DSR. The data width of this shift line SL, denoted by kl, indicates that the first character of the bit group in the first stage of the data shift register is being transmitted.

Furthermore, a second counter, the so-called pass 55. Counter DZ is provided, the counting input ZE of which is connected via a further AND gate UG2 to the clock line TL or to the output line of the first AND gate UG1, so that the output signal of the character counter ZZ generates a counting pulse for the pass counter DZ forms. As indicated schematically, a further AND gate UG3 is also connected to the outputs of the individual stages of this flow counter 3 3, so that its counter reading can be selected. As indicated schematically in FIG. 1, the third AND gate UG3 sends a control signal to the first multiplexor MUX1 at the counter reading 2n-1 and 65 thus indicates the end of the encryption process for a data block. The encrypted data block is then stored out of the data shift register DSR and a new data block is stored via the data input lines DE.

The mode of operation of this device explained with reference to FIG. 1 is explained in more detail below with reference to FIGS. 2 and 3. Adapted to the general application, it makes sense to specify the number of bit groups in a data block to be encrypted with n = 16. However, this is only one example of an optimal block length, which can also be due, among other things, to the fact that, for example, a certain maximum block length is specified with a machine command «Transfer with offset». Adapted to practical conditions, a bit group comprises a number of 2k = 8 elements with two characters of four elements each.

As is known, four-digit binary numbers can be used to represent the decimal numbers 0 to 15, which corresponds to the designations v to F in a known hexadecimal representation. Similarly, an eight-digit binary number can be used to represent the decimal numbers 0 to 255 or the hexadecimal numbers / ^ to FF. To explain the education law of these character codes, these numbers are shown in the following table in part in the various representations.

Decimal s decimal binary

00

01

02

0000 0000

0000 0001 0000 0010

9

10th

11

12

13

14

15

16

17th

09 0A 0B 0C 0D 0E 0F

10th

11

0000 1001 0000 1010 0000 1011 0000 1100 0000 1101 0000 1110

0000 1111

0001 0000 0001 0001

1F

20th

21st

0001 1111 0010 0000 0010 0001

Decimal s decimal binary

63

3F

0011

1111

64

40

0100

0000

65

41

0100

0001

•

«

•

255 FF 1111 1111

As can be seen, the hexadecimal representation of a character shortens the binary representation and can be translated digit by digit in a number directly into a group of four elements of a binary number. It follows the education law of decimal numbers and is therefore very clear.

For this reason, the hexadecimal representation of binary numbers was used to explain the mode of operation of the device described above. In this illustration, a key is schematically shown in FIG. 2 as it can be used to encrypt a data block with a length of 16 bit groups of 8 elements each. Each of the 256 key characters can be uniquely selected in a matrix memory using an eight-digit binary number. If, for example, the first bit group in the data shift register DSR has the value 6B, then a key character E7 can be selected.

As will be explained later, the key consists of pairs of inverse key characters. This means that bit group E7 is used as the address for this key, itself leads back to the original bit group 6B, so that a double translation results in the original bit group. Apart from this limitation, which allows the key to be used for both the encryption and the decryption process, the assignment of two bit groups to one another via this key is completely random.

In FIG. 3, a table shows how an encryption process or decryption process with the key shown in FIG. 2 takes place in the device described above. The data block on which FIG. 3 is based consists of only three bit groups for the sake of clarity. It is deliberately chosen so that only a single character is different from / 5. This shows how even with such a short data block, after several transformations, this characteristic blurs very quickly.

618803

The encryption process of the original data block ORIG shown in the left column in the successive lines begins with a sequential translation TR of the three bit groups in accordance with the memory key described above. The foremost bit group is read from the data shift register DSR shown in FIG. 1 and fed to the key memory SP via the second multiplexor MUX2, so that a key character is selected and transferred to the data output register DAR. From there it is passed on to the first multiplexor MUX1 character by character, triggered by the clock of the clock reducer TU. The data block is shifted in the course of this translation, triggered by the clock signals on the clock line TL, character by character in the data shift register DS, and the translated bit groups are successively entered character by character in the input stage of the data shift register DSR that has become free. At the end of these nonlinear transformations of the three bit groups, the character counter ZZ has the counter reading 6, so that the AND gate UG1 switches through and the shift line SL is released with its output signal by the first multiplexor MUX1.

This initiates a linear transformation, which is referred to in the third row of the left column of FIG. 3 as a shift process SH. This is followed by nonlinear transformations again, which are carried out in the manner just described with the bit groups thus rearranged in the data shift register DSR. In this way, non-linear and linear transformations alternate until the counter reading of the pass counter DZ indicates the end of the encryption process via the output signal of the third AND gate UG3. The encrypted data block is labeled CHIF in FIG. 3.

The right-hand column of FIG. 3 now shows the decryption process running in the opposite direction from bottom to top in order to show how inverse translations result in the original bit groups. The decryption process begins with a linear transformation SH and ends after a total of 2n iterations with the last nonlinear transformation, from which the original character ORIG emerges again.

The described exemplary embodiment is limited to a simplified representation in order to emphasize the essential features, but clearly shows a high degree of encryption with this method in the case of very simple transformation processes. It has become clear that it depends on the application, how the data blocks to be encrypted are divided. However, it is advisable not to select the bit groups that are created too small in order to have a corresponding address set for a sufficiently large key, since the scope of the key characters also gives the particular strength of this method.

5

5

10th

15

20th

25th

30th

35

40

45

50

G

2 sheets of drawings

Claims (7)

618803 1. A method for encrypting or decrypting data blocks in binary representation, in which a buffered data block comprising a plurality of characters is subjected to nonlinear transformations with the aid of stored key data and linear transformations interposed therebetween, characterized in that from the in n, wherein n = 1,2,3 ..., bit groups with two characters of k each, where k = 1,2,3 ..., data block divided into elements in a nonlinear transformation with each of the n bit groups sequentially from a loadable key memory (SP) the standing key with 22k key groups addresses a key character comprising 2k elements and is used in the data block instead of the selected bit group so that in a subsequent linear transformation the sequence of the bit groups in the data block is cyclically exchanged by the first character of the respective first bit group of the data block to the nt e bit group is appended and the bit groups are rearranged in such a way that the second character of an i-th bit group forms a transformed i-th bit group with the first character of the (if-l) -th bit group, and then in the manner mentioned alternating nonlinear and linear transformations are carried out with the transformed values of the bit groups until 2n nonlinear and linear transformations have been completed. 2. The method according to claim 1, characterized in that a symmetrically structured key with pairs of inverse key characters is used for the non-linear transformations, the elements of which each represent the address of the other associated key group in the key memory (SP) and thus also the key used for encryption can be used for decryption, the decryption process taking place analogously to the encryption process with the difference that here the non-linear transformations are interchanged with the linear transformations. 2nd PATENT CLAIMS 3. Device for performing the method according to claim 1, characterized in that the first stage of a data shift register (DSR), in which a data block or its transformed intermediate results are temporarily stored, via a first multiplexor (MUX2) assigned to the input side of the key memory (SP) ) is connected to this memory, the output side of which is connected to a data output register (DAR) for temporarily storing a transformed bit group, that this register is connected to a further multiplexor (MUX1) via 2k output lines (DL) combined in groups of k elements, data input lines (DE) for the data blocks are also fed to the input side and is connected to the sliding input of the data shift register. 4. Device according to claim 3, characterized in that the first character in the first stage of the data shift register (DSR) associated shift lines (SL) via the further multiplexor (MUX1) are connected to the nth stage of the data shift register forming the input stage. 5. Device according to claim 3 or 4, characterized by a central clock generator (TG), whose clock line (TL) is connected to a clock shift input (SE) of the data shift register (DSR), the further multiplexor (MUX1) and a clock reducer (TU), which reduces the clock rate in a 1: 2 ratio and has its output connected to the multiplexor (MUX2) connected to the input of the key memory (SP) and to the data output register (DAR) of the key memory. 6. Device according to claim 5, characterized in that for forming further switching signals of the multiplexor assigned to the data shift register (MUX1), two counters are provided via the clock line (TL) of the clock generator (TG), one of which is a character counter (ZZ) at a counter reading from 2n outputs a control signal to the multiplexor for switching through the push line (SL) and to the second counter, a pass counter (DZ), a count pulse for counting the transformations, and that the pass counter is switched such that it has a counter reading 2n-1 indicates the end of the coding or decoding process via a control signal to the multiplexor and switches it through in parallel with the storage of the data block for storage of a next data block to be processed in the data shift register (DSR). 7. Device according to claim 6, characterized in that a counting input (ZE) of the character counter (ZZ) directly to the clock line (TL) of the clock generator (TG) and its outputs are connected in parallel to a first AND gate (UG1) which in turn connected to a reset input (RS) of the character counter, the multiplexor (MUX1) connected to the data shift register (DSR) and via a second AND gate (UG2), to which the clock line is fed, to the counter input of the pass counter (DZ), and that the outputs of the flow counter are linked analogously via a third AND gate (UG3), the output of which is connected to a reset input (RS) of the flow counter and a control signal input of the multiplexor.