CN100514899C - Improved CFM mode system - Google Patents

Improved CFM mode system Download PDF

Info

Publication number
CN100514899C
CN100514899C CNB2004800055831A CN200480005583A CN100514899C CN 100514899 C CN100514899 C CN 100514899C CN B2004800055831 A CNB2004800055831 A CN B2004800055831A CN 200480005583 A CN200480005583 A CN 200480005583A CN 100514899 C CN100514899 C CN 100514899C
Authority
CN
China
Prior art keywords
packets
block
bit
packet
clear packets
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2004800055831A
Other languages
Chinese (zh)
Other versions
CN1757189A (en
Inventor
雅各布·贝伦基
钱恩·D·舍恩-奥尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Synamedia Ltd
Original Assignee
NDS Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NDS Ltd filed Critical NDS Ltd
Publication of CN1757189A publication Critical patent/CN1757189A/en
Application granted granted Critical
Publication of CN100514899C publication Critical patent/CN100514899C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Compression Or Coding Systems Of Tv Signals (AREA)

Abstract

A method for producing at least one ciphertext block from at least one plaintext block using a block cipher E and a key K, the method including receiving n plaintext blocks, wherein n is an integer greater than 0, setting Q0 equal to an initial value, and for each plaintext block of the n plaintext blocks: computing Qi = EK(Qi-1) XOR Pi; and computing Ci = M(Pi, Qi), thereby producing n ciphertext blocks, wherein 0 < I <= N, ANDPi denotes an i-th plaintext block of the n plaintext blocks, and Ci denotes an i-th ciphertext block of the n ciphertext blocks, and M is a selector function which, for each bit Cij of block Ci, selects a first argument of M if bit Pij is not to be encrypted, and selects a second argument of M if bit Pij is to be encrypted. Related apparatus and methods are also provided.

Description

Improved CFM modular system
Invention field
The present invention relates generally to block cipher system, relate in particular to the block cipher system under the CFM pattern.
Technical background
In this area, block cipher is a known technology, and using block cipher down in cipher feedback pattern (CFM) also is known technology, and CFM is also referred to as cipher feedback (CFB) pattern.The CFM pattern is defined as a kind of operator scheme of known DES system at first, for example, and referring to following list of references:
1, NIST, FIPS Publication81:DES Modes of Operation, 1980, can obtain by csrc.nist.gov/publications/fips/fips8 1/fips8 1.htm network address.
2、ANSI,American?National?Standard?X3.106-1983(R1966):DataEncryption?Algorithm,Modes?of?Operations?for?the,1983。
Concise and to the point description about the CFM pattern can be found in following webpage:
www.rsasecurity.com/rsalabs/faq/2-1-4-4.html
The list of references of more than mentioning and running through this specification is incorporated into herein, as a reference.
Summary of the invention
The present invention attempts special encryption and decryption for digital content provides a kind of improved block cipher system, and it specifically is used for but is not limited to hardware based encryption and decryption.
Generally, the equipment that digital content is carried out encryption and decryption must both have been encrypted also data and be decrypted.Under the preferable case, in order to simplify the gate quantity of hardware designs and reduction hardware, inventor of the present invention thinks preferably satisfy following requirement:
1, in hardware, should preferably provide the crypto engine that only is used for a direction block cipher.
2, to be encrypted/decrypted data (being called " data " here) comprises a plurality of packets, and the encrypt/decrypt of a packet necessarily can not be relevant with arbitrary packet before or a plurality of packet.In other words, in deciphering, forbid existing any " link (chaining) " between a packet and another packet.The typical cause of forbidding " link " is that physical streams to be deciphered forms by a plurality of logic flows are multiplexing usually, so must store and manage any " link " information for each logic flow independently.One skilled in the art will appreciate that and avoid so " heavy " requirement.
3, compare with the packet that arrives, the rare change of keys for encryption/decryption, therefore, a lot of packets use identical key to encrypt.
4, the encryption and decryption of packet should be carried out in a passage (pass).
5, some bit in the packet necessarily can not be subjected to the influence of encryption and decryption.That is to say that some bit must keep " being in clean state (in the clear) "; Here, bit, byte or the data that must remain in clean state also are known as bit, byte or the data of " must remain on clean state " or " MSC ".The reason that requires some bit not influenced by encryption and decryption is, even in order also to obtain some information about data flow available under clean state before deciphering.For example but do not limit foregoing generality, in MPEG-2 transport stream, preceding 4 bytes of each packet remain in clean state; These 4 bytes provide following information: the information that Signal Separation is required; About packet is encrypted information; If packet is encrypted, then be to be to carry out information encrypted with odd number or even number key about packet; And other other information well known in the art.In some packets, packet header shows that the beginning of this packet partly is " an adaptation field ", and it provides some other necessary information for the recipient, and this type of information also must be in clean state all the time.Alternatively, the even number that broadcaster can select to be in the video information under the clean state partly sends, for example, so that the search in the personal video record system is easier.
The encryption system of prior art only partly satisfies above-mentioned requirements, particularly, does not satisfy article one requirement.
Figure 1A and 1B are the simplified block diagrams that is operated in the prior art block cipher system under the CFM pattern.Figure 1A shows encryption, and Figure 1B shows deciphering.One skilled in the art will appreciate that if there be not the 4th requirement, then can under the CFM pattern, use any suitable block cipher:
C 0=IV
C i=E k(C i-1)XOR?P i
Wherein, the quantity of 0<i≤handled grouping.
Wherein, P i, C iBe respectively i grouping of plaintext and ciphertext, E is any one suitable group mode password, and K is a key, and IV is an initial vector, and it comprises a known initial vector alternatively.
Corresponding decryption method is:
C 0=IV
P i=E k(C i-1)XOR?C i
Wherein, the quantity of 0<i<handled grouping.
Known in the artly be, under the CFM pattern, block cipher can be used as stream cipher and use, thus data processing can carry out based on byte-by-byte ground or bit-by-bit ground, rather than based on carrying out group by group one by one.
The present invention provides improved block cipher system in its preferred embodiment, can satisfy requirement above-mentioned better.
Therefore, according to a preferred embodiment of the present invention, provide a kind of method of using block cipher E and key K to generate at least one ciphertext block from least one clear packets.This method comprises: receive n clear packets, wherein n is the integer greater than 0; Q is set 0Equal an initial vector; For each clear packets in n the clear packets, calculate Q i=E k(Q I-1) XOR P iWith calculating C i=M (P i, Q i), thereby generate n ciphertext block; 0<i<=n wherein, P iRepresent i clear packets in n the clear packets, C iRepresent i ciphertext block in n the ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select first independent variable of M, if to bit P IjEncrypt, then select second independent variable of M.
In addition, according to a preferred embodiment of the present invention, indicate the standard of which bit not being encrypted, selection M according to one.
Moreover according to a preferred embodiment of the present invention, this standard one of comprises in audio standard, video standard and the audio frequency-video standard.
In addition, according to a preferred embodiment of the present invention, this standard comprises MPEG-2.
According to a further advantageous embodiment of the invention, a kind of method of using block cipher E and key K to generate at least one ciphertext block from least one clear packets also is provided, this method comprises: receive n clear packets and an initial vector IV, wherein n is the integer greater than 0; Calculate IV '=M (P 1, IV); Calculate Q 0=H (IV '); For each clear packets in this n clear packets, calculate Q i=E k(Q I-1) XOR P iWith calculating C i=M (P i, Q iThereby) n ciphertext block of generation; Wherein, 0<i<=n, H are hash functions, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select first independent variable of M, if to P IjEncrypt, then select second independent variable of M.
In addition, according to a preferred embodiment of the present invention, H comprises SHA1.
In addition, according to a preferred embodiment of the present invention, H (IV ') comprises E k(IV ') XOR IV '.
Moreover, according to a preferred embodiment of the present invention, indicate the standard of which bit not being encrypted, selection M according to one.
In addition, according to a preferred embodiment of the present invention, this standard one of comprises in audio standard, video standard and the audio frequency-video standard.
In addition, according to a preferred embodiment of the present invention, this standard comprises MPEG-2.
According to a further preferred embodiment of the invention, use block cipher E and key K under the stream mode to generate the method for at least one ciphertext block a kind of, wherein P from least one clear packets iRepresent i clear packets, C iRepresent i ciphertext block, a kind of improvement comprises: for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select P IjAs output.
In addition, according to a preferred embodiment of the present invention, this stream mode comprises the CFM pattern.
According to a further preferred embodiment of the invention, a kind of device that uses block cipher E and key K to generate at least one ciphertext block from least one clear packets also is provided, described at least one clear packets comprises n clear packets, described at least one ciphertext block comprises n ciphertext block, and wherein n is the integer greater than 0.This device comprises: an initialization unit is used to be provided with Q 0Equal an initial vector; And a computing unit, for each clear packets in this n clear packets, calculate Q i=E k(Q I-1) XOR P iWith calculating C i=M (P i, Q i); Wherein, 0<i<=n, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select first independent variable of M, if to P IjEncrypt, then select second independent variable of M.
According to a further preferred embodiment of the invention, a kind of use block cipher E, key K and initial vector IV are also provided
Generate the device of at least one ciphertext block from least one clear packets, described at least one clear packets comprises n clear packets, and described at least one ciphertext block comprises n ciphertext block, and wherein n is the integer greater than 0.This device comprises: first computing unit is used to calculate IV '=M (P 1, IV); Second computing unit is used to calculate Q 0=H (IV '); And the 3rd computing unit, for each clear packets in this n clear packets, calculate Q i=E k(Q I-1) XOR P iWith calculating C i=M (P i, Q i); Wherein, 0<i<=n, H are hash functions, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select first independent variable of M, if to P IjEncrypt, then select second independent variable of M.
According to a further preferred embodiment of the invention, block cipher E and key K under using stream mode generate the device of at least one ciphertext block from least one clear packets, wherein P iRepresent i clear packets, C iRepresent i ciphertext block, a kind of improvement comprises: a selected cell, and for grouping C iIn each bit C IjIf, not to bit P IjEncrypt, then select P IjAs output.
According to a further preferred embodiment of the invention, also provide a kind of use block cipher E and key K from least one the encrypted ciphertext grouping generate the method for at least one clear packets.This method comprises: receive n ciphertext block, wherein n is the integer greater than 0; Q is set 0Equal an initial vector; For each ciphertext block in this n ciphertext block, calculate Q i &prime; = E k ( Q i - 1 ) XOR C i , Calculate P i = M ( C i , Q i &prime; ) , And calculate Q i = M ( Q i &prime; , C i ) , Thereby generate n clear packets; 0<i<=n wherein, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, bit P IjDo not have encryptedly, then select first independent variable of M, if P IjEncrypt, then select second independent variable of M.
In addition, according to a preferred embodiment of the present invention, indicating which bit according to one does not have encrypted standard, choice function M.
Moreover according to a preferred embodiment of the present invention, this standard one of comprises in audio standard, video standard and the audio frequency-video standard.
In addition, according to a preferred embodiment of the present invention, this standard comprises MPEG-2.
According to a further preferred embodiment of the invention, a kind of method of using block cipher E and key K to generate at least one clear packets from least one ciphertext block also is provided, this method comprises: receive n ciphertext block and an initial vector IV, wherein n is the integer greater than 0; Calculate IV '=M (P 1, IV); Calculate Q 0=H (IV '); For each ciphertext block in this n ciphertext block, calculate Q i &prime; = E k ( Q i - 1 ) XOR C i , Calculate P i = M ( C i , Q i &prime; ) , And calculate Q i = M ( Q i &prime; , C i ) , Thereby generate n clear packets; 0<i<=n wherein, H is a hash function, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, bit P IjDo not have encryptedly, then select first independent variable of M, if P IjEncrypt, then select second independent variable of M.
In addition, according to a preferred embodiment of the present invention, H comprises SHA1.
In addition, according to a preferred embodiment of the present invention, H (IV ') comprises E k(IV ') XOR IV.
In addition, according to a preferred embodiment of the present invention, indicating which bit according to one does not have encrypted standard, selects M.
Moreover according to a preferred embodiment of the present invention, this standard one of comprises in audio standard, video standard and the audio frequency-video standard.
In addition, according to a preferred embodiment of the present invention, this standard comprises MPEG-2.
According to a further preferred embodiment of the invention, use block cipher E and key K under the stream mode to generate the method for at least one clear packets a kind of, wherein P from least one ciphertext block iRepresent i clear packets in these a plurality of clear packets, C iRepresent i ciphertext block in these a plurality of ciphertext block, a kind of improvement comprises: for grouping P iIn each bit P IjIf, bit C IjDo not have encryptedly, select C so IjAs output.
In addition, according to a preferred embodiment of the present invention, this stream mode comprises the CFM pattern.
According to a further preferred embodiment of the invention, also provide a kind of use block cipher E and key K from least one the encrypted ciphertext grouping generate the device of at least one clear packets, described at least one ciphertext block comprises n ciphertext block, described at least one clear packets comprises n clear packets, wherein n is the integer greater than 0, this device comprises: apparatus for initializing is used to be provided with Q 0Equal an initial vector; And computing unit, for each ciphertext block in this n ciphertext block, calculate Q i &prime; = E k ( Q i - 1 ) XOR C i , Calculate P i = M ( C i , Q i &prime; ) , And calculate Q i = M ( Q i &prime; , C i ) ; Wherein, 0<i<=n, P iRepresent i clear packets in this n clear packets, C iRepresent i ciphertext block in this n ciphertext block, M is a choice function, for grouping C iIn each bit C IjIf, bit P IjDo not have encryptedly, then select first independent variable of M, if P IjEncrypt, then select second independent variable of M.
According to a further preferred embodiment of the invention, a kind of device that uses block cipher E and key K to generate at least one clear packets from least one ciphertext block also is provided, described at least one ciphertext block comprises n ciphertext block, described at least one clear packets comprises n clear packets, wherein n is the integer greater than 0, this device comprises: first computing unit is used to calculate IV '=M (P 1, IV); Second computing unit is used to calculate Q 0=H (IV '); And the 3rd computing unit, for each ciphertext block in this n ciphertext block, calculate Q i &prime; = E k ( Q i - 1 ) XOR C i , Calculate P i = M ( C i , Q i &prime; ) , And calculate Q i = M ( Q i &prime; , C i ) ; Wherein, 0<i<=n, H are hash functions, P iRepresent i clear packets in this n clear packets, Ci represents i ciphertext block in this n ciphertext block, and M is a choice function, for grouping C iIn each bit C IjIf, bit P IjDo not have encryptedly, then select first independent variable of M, if bit P IjEncrypt, then select second independent variable of M.
According to a further preferred embodiment of the invention, block cipher E and key K under using stream mode generate the device of at least one clear packets from least one ciphertext block, wherein P iRepresent i clear packets in a plurality of clear packets, C iRepresent i ciphertext block in a plurality of ciphertext block, a kind of improvement comprises a selected cell, for grouping P iIn each bit P IjIf, bit C IjDo not have encryptedly, then select C IjAs output.
The accompanying drawing summary
By detailed description below in conjunction with accompanying drawing, understanding and cognition the present invention more fully:
Figure 1A and 1B are the simplified block diagrams that is operated in the prior art block cipher system under the CFM pattern;
Fig. 2 A and 2B are the simplified block diagrams of the block cipher system of first preferred embodiment structure and work according to the present invention; And
Fig. 3 A and 3B are the simplified block diagrams of the block cipher system of second preferred embodiment structure and work according to the present invention.
Embodiment
According to first preferred embodiment of the present invention, provide a kind of, and it has been carried out improving to satisfy above-mentioned the 4th requirement mainly based on the block cipher system of CFM.This improvement is preferably as follows:
Q 0=IV
Q i=E k(Q i-1)XOR?P i
C i=M(P i,Q i)
Wherein, 0<i<=handled number of packet is for grouping C iIn each bit C Ij, whether function M (is P in this example according to encrypting the current bit in the plaintext at first independent variable Ij) and second independent variable (be Q in this example Ij) between make a choice.For bit C Ij, all groupings and the current group C of front during the possibility of result of function M (be referred to as " choice function " here, be also referred to as multiplexer in this area) depends on expressly iIn do not have the front bit of encrypted plaintext.
Should be understood that according to indicating the action need that encrypt or should not encrypt which bit which bit, choice function M also is described in more details this with reference to Fig. 2 A, 2B, 3A and 3B below.
Corresponding decryption method is:
Q 0=IV
Q i &prime; = E k ( Q i - 1 ) XOR C i
P i = M ( C i , Q i &prime; )
Q i = M ( Q i &prime; , C i )
Wherein, the quantity of 0<i<=handled grouping.
One skilled in the art will appreciate that with the routine use of block cipher and compare that there is a shortcoming as described below in first preferred embodiment.For useful same key K encrypted data packet, first P that divides into groups 1Will be with having identical filler (pad) E K(IV) XOR computing is encrypted, and this method is unsafe.More general is that if a plurality of packets are arranged, their preceding n grouping is identical, (n+1) individual grouping is inequality, so, and before (n+1) individual grouping, the XOR filler of these packets is identical, and is just inequality since (n+2) individual grouping.
But, not too important if the disabled user deciphers the sub-fraction content at an easy rate in some cases, and between packet, have a lot of the variation, just as in video flowing and audio stream, so, the shortcoming of pointing out above can be tolerated.
Do not limit foregoing generality, consider now this particular case of mpeg transport stream, for example MPEG-2 (just as described in the ISO/IEC13818-1 Information technology-Generic coding of moving pictures and associated audio information:Systems).One skilled in the art will appreciate that MPEG-2 is an example, and do not have restricted meaning.
Fig. 2 A and 2B are the simplified block diagrams of the block cipher system of first preferred embodiment structure and work according to the present invention, and they show the particular case of first preferred embodiment of the present invention that uses in MPEG-2 system.Fig. 2 A shows encryption, and Fig. 2 B shows deciphering.With reference to contextual explanation, Fig. 2 A and 2B are conspicuous.
In MPEG-2, each transmission package comprises 188 bytes, and preceding 4 bytes (byte 0-3) comprise packet header.These preceding 4 bytes are the MSC byte always, must remain in clean state; That is, these preceding 4 bytes must be not encrypted.Knownly in MPEG-2 technical field be, according to a bit in these bytes, additional adaptation field and then in the back, packet header, this adaptation field also must remain on clean state (MSC), in such example, byte 4 comprises the length of this adaptation field.The remainder of packet should be carried out encrypt/decrypt.
For example, if with known technology AES (FIPS Publication 197, November26,2001, Announcing the Advanced Encryption Standard (AES) is described it, and network address is atcsrc.nist.gov/publications/flps/fips197/fips-197.pdf) as block cipher (grouping), so with 16 bytes, each packet can be filled the IV (might be known) of one 4 byte before preceding 4 bytes, remove 16 byte IVC 0Outside, also have this IV.
After the encryption, abandon C 1Preceding 4 bytes, therefore, whether should encrypt unimportant to preceding four bytes.
Inventor of the present invention thinks, compares with first preferred embodiment of the present invention, and second preferred embodiment has stronger anti-attack ability.With P 1Clean partially mixed in initial vector.For example, do not limit foregoing generality, can make in the following method:
IV=M(P 1,IV)
Q 0=E k(IV′)XOR?IV′
Q i=E k(Q i-1)XOR?P i
C i=M(P i,Q i)
Wherein, 0<i<=handled number of packet.
Should be understood that, the invention is not restricted to use formula
Q 0=E k(IV′)XOR?IV′,
On the contrary, can use any suitable hash (hash) function of IV '.Generally speaking, for a suitable hash function H:
Q 0=H(IV′)
For example, do not limit foregoing generality, can use known SHA1 hash function.For example, in following two publications SHA1 hash function is described:
Publish April 17 nineteen ninety-five, exercise question is the FIPSPUB 180-1 of " Secure Hash Standard ", and its network address is www.itl.nist.gov/fipspubs/fip180-1.htm; And
Publish September calendar year 2001, exercise question is the RFC 3174 of " US Secure Hash Algorithm 1 (SHA1) ", is its network address www.ietf.org/rfc/rfc3174.txt? number=3174.
Corresponding decryption method is:
IV′=M(P 1,IV)
Q 0=H(IV′)
Q i &prime; = E k ( Q i - 1 ) XOR C i
P i = M ( C i , Q i &prime; )
Q i = M ( Q i &prime; , C i )
Wherein, 0<i<=handled number of packet.
One skilled in the art will appreciate that in second preferred embodiment of the present invention if the initial clean part of first grouping of two packets is different, they will have diverse XOR filler so.So even only for first grouping, the quantity of data packets that has identical XOR filler also will reduce, this makes that utilizing the described weakness of first preferred embodiment of the present invention to crack becomes difficult more.
Do not limit foregoing generality,, the particular case of above-mentioned MPEG-2 is discussed now in conjunction with second preferred embodiment of the present invention.One skilled in the art will appreciate that MPEG-2 just as an example, does not have restricted meaning.
The simplified block diagram of the block cipher system of Fig. 3 A and 3B second preferred embodiment structure and work according to the present invention.This two width of cloth illustrates the special example of first preferred embodiment of the present invention that uses in MPEG-2 system.Fig. 3 A shows encryption, and Fig. 3 B shows deciphering.With reference to context, Fig. 3 A and 3B are conspicuous.
Should be understood that, in Fig. 3 A and 3B, be an object lesson of F function with the XOR function representation.As previously mentioned, the invention is not restricted to use the XOR function.
Earlier in respect of figures 2A and Fig. 2 B are equally applicable to Fig. 3 A and Fig. 3 B to the explanation of MPEG-2 object lesson.
Should be understood that, for the sake of clarity and the of the present invention various features of describing in different embodiment also can be combined among the single embodiment.Conversely, for brevity and also can provide respectively or in any suitable sub-portfolio, be described in the of the present invention various features of the middle description of single embodiment.
One skilled in the art will appreciate that and the invention is not restricted to above-described particular content.On the contrary, protection scope of the present invention is defined by following claim.

Claims (4)

1, a kind of system that a plurality of packets is carried out encrypt/decrypt, comprise an encryption/decryption device, it carries out encrypt/decrypt according to initial vector and key to described a plurality of packets, each packet in described a plurality of packet all has a necessary clear area that keeps that must always remain under the clean state, and the initial vector of each packet in described a plurality of packets is the function that must keep at least a portion of clear area of a related data packets in described a plurality of packets of handling.
2, the system as claimed in claim 1, wherein, the described clear area that must keep comprises that adapts to a field, described initial vector is the function of at least a portion of the adaptation field of that packet of handling.
3, a kind of a plurality of packets are carried out the method for encrypt/decrypt, each packet all has one must always remain on and must keep clear area under the clean state in these a plurality of packets, and this method comprises:
The function that must keep at least a portion of clear area of a related data packets in described a plurality of packets that the initial vector of each packet in described a plurality of packets is defined as handling; And
According to described initial vector and key, described a plurality of packets are carried out encrypt/decrypt.
4, method as claimed in claim 3, wherein, the described clear area that must keep comprises that adapts to a field, the function of at least a portion of the described adaptation field of determining to comprise that packet that described initial vector is defined as handling.
CNB2004800055831A 2003-03-27 2004-02-16 Improved CFM mode system Expired - Fee Related CN100514899C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
IL15512103A IL155121A0 (en) 2003-03-27 2003-03-27 Method for encryption
IL155121 2003-03-27
IL156950 2003-07-15

Publications (2)

Publication Number Publication Date
CN1757189A CN1757189A (en) 2006-04-05
CN100514899C true CN100514899C (en) 2009-07-15

Family

ID=32697018

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004800055831A Expired - Fee Related CN100514899C (en) 2003-03-27 2004-02-16 Improved CFM mode system

Country Status (2)

Country Link
CN (1) CN100514899C (en)
IL (1) IL155121A0 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113204771B (en) * 2021-04-21 2022-02-22 北京连山科技股份有限公司 Efficient method for improving defects of block cipher CBC mode by using SM3 cipher

Also Published As

Publication number Publication date
IL155121A0 (en) 2004-03-28
CN1757189A (en) 2006-04-05

Similar Documents

Publication Publication Date Title
AU2003296888B2 (en) Efficient encryption and authentication for data processing systems
JP3901909B2 (en) ENCRYPTION DEVICE AND RECORDING MEDIUM CONTAINING PROGRAM
AU2003296887B2 (en) Efficient encryption and authentication for data processing systems
US7305084B2 (en) Fast encryption and authentication for data processing systems
US6504930B2 (en) Encryption and decryption method and apparatus using a work key which is generated by executing a decryption algorithm
Yi et al. Fast encryption for multimedia
US20090080647A1 (en) Method and System for Usage of Block Cipher Encryption
US7110539B1 (en) Method and apparatus for encrypting and decrypting data
US7254233B2 (en) Fast encryption and authentication for data processing systems
KR100525389B1 (en) Scrambler/descrambler of real time input stream
Frankel et al. The AES-XCBC-MAC-96 algorithm and its use with IPsec
CN100514899C (en) Improved CFM mode system
US7092524B1 (en) Device for and method of cryptographically wrapping information
CN108616351B (en) Full-dynamic encryption and decryption method and encryption and decryption device
KR20060003328A (en) Improved cfm mode system
Frankel et al. RFC3566: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
CN110278206B (en) BWE encryption algorithm based on double private keys
JP2001285281A (en) Encryption system
McGrew et al. Arbitrary block length (ABL) mode: security without data expansion

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1087860

Country of ref document: HK

C14 Grant of patent or utility model
GR01 Patent grant
REG Reference to a national code

Ref country code: HK

Ref legal event code: GR

Ref document number: 1087860

Country of ref document: HK

C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090715

Termination date: 20110216