GB1605250A - Cryptographic apparatus - Google Patents

Cryptographic apparatus Download PDF

Info

Publication number
GB1605250A
GB1605250A GB3867575A GB3867575A GB1605250A GB 1605250 A GB1605250 A GB 1605250A GB 3867575 A GB3867575 A GB 3867575A GB 3867575 A GB3867575 A GB 3867575A GB 1605250 A GB1605250 A GB 1605250A
Authority
GB
United Kingdom
Prior art keywords
word
state
channel
characters
text
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired
Application number
GB3867575A
Inventor
J M Taylor
J K Parks
J F Dallenger
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
UK Secretary of State for Defence
Original Assignee
UK Secretary of State for Defence
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by UK Secretary of State for Defence filed Critical UK Secretary of State for Defence
Priority to GB3867575A priority Critical patent/GB1605250A/en
Publication of GB1605250A publication Critical patent/GB1605250A/en
Expired legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Description

(54) IMPROVEMENTS IN OR RELATING TO CRYPTOGRAPHIC APPARATUS (71) I, THE SECRETARY OFSTATE FOR DEFENCE, London, do hereby declare the invention, for which I pray that a patent may be granted to me, and the method by which it'is to he performed, to be particularly described in and by the following statement: This invention relates to cryptographic apparatus, and more particularly to cryptographic apparatus for application to secure digital telecommunication channels.
In a message switching network a number of terminals are interconnected by means of message switches. If it is desired to send a message from one terminal to another the message is first sent along a data link from the one terminal to the nearest message switch, There an address header, which forms part of the message and which identifies the other terminal which is the intended destination of the message, is examined and the message is forwarded to the other terminal, either directly, if there is a direct link between the message switch and the other terminal, or via one or more other message switches, at each of which the address header is examined. The examination of the address header and the appropriate forwarding is done automatically under control of a computer.In some networks messages are divided for convenience of handling.into packets, which are blocks of characters of predetermined length, each packet carrying an address header.
If the links in a network, or some of them, are secure links for carrying information which is to be kept secret, cryptographic apparatus is provided at each of the terminals and message switches which are connected to such secure links. Each message is encrypted at the originating terminal and is decrypted and revencrypted, that is, deciphered and re enciphered, at each message switch. In known arrangements each message switch has a separate cryptographic apparatus for each secure channel connected with it, so that each duplex link will have associated with it an encrypter at each end and a decrypter at each end, each of the decrypters, when in use, being synchronised with the encrypter at the end of the link.
A single cryptographic apparatus of a type suitable for use in message switches incltides a key register for holding a key word and a state register for holding a state word. It also includes a logic circuit for combining the various binary digits of the key words'and of the state word with a portion of the message text to produce a portion of encrypted message text, or with a portion of the encrypted message text to produce a portion of decrypted message text as the case may be, and thereupon changing the state word in a predetermined way. The state word is thus continually changing as the apparatus is used, whereas the key word, once it has been set up, stays the same until it is deliberately changed, which will be done at prearranged times, for example once a day.
In a particularly convenient form of apparatus the logic circuit derives from the key word and the state word for a single binary digit which is combined with a binary digit of the message by modulo-two addition, thereby giving the advantage that the same logic is used in the encrypter as in the decrypter.
If a decrypter is to be able to decrypt an encrypted message correctly it must not only be set to operate with the correct key word but it must also have the correct state word, and as the state word of the encrypter changes the state word of the decrypter must change in a corresponding way. The condition in which the state word of the decrypter is changing correctly in step with that of the encrypter is known in the art as "crypto-synch" to distinguish it from the condition in which a receiver is correctly recognising the beginnings of characters sent by a transmitter, which is known as "character-synch".
It is possible to distinguish two important modes of operation of cryptographic apparatus, though other modes are possible, on the basis of the way in which the new state word is derived when the state word is changed. In the mode employing what is known as "long cycle" operation the new state word is derived from the key word and'the old state word alone and is independent of the message text, whereas in the mode employing what is known as "cypher text auto*key" operation the state word is derived from the last M binary digits of the encrypted message text to be transmitted, where M is the number of digits in the state word. With cypher text auto-key operation no special procedure is necessary to achieve crypto-synch since it follows as soon as M digits of text have been correctly received and passed to the decrypter.
On the other hand a single wrongly received digit will cause M digits to be wrongly decrypted. With long cycle operation a special crypto-synch procedure is necessary, but then, provided character-synch is maintained, so that the correct number of digits are passed to the decrypter, crypto-synch will also be maintained. Also, with long cycle operation, the state word need never be transmitted over the channel since it may initially be taken from a code book or tape, whereas with cypher text auto-key the state word is continually being transmitted and secrecy resides in the key word alone.
It is an object of the present invention to provide cryptographic apparatus capable of operating on a plurality of channels concurrently, for example in a message switch.
According to the present invention there is provided cryptographic apparatus of the type having a key register for holding a key word, a state register for holding a state word, and a logical circuit for combining the various digits of the key word and the state word with a portion of an input message text to produce a portion of output message text and to change the state word in a predetermined way, including a key-word store for holding a plurality of key words, one for each of a plurality of channels, a state-word store for holding a plurality of state words, one for each of the channels and multiplexing means which, for each of the channels in turn, load the corresponding key word from the key-word store into the key register, load the corresponding state word from the state-word store into the state register, present a portion of message text from the channel as input message text to the logical circuit, present the corresponding portion of output message text to the channel, and store the state word, after it has been changed by the logic circuit, in the state-word store in place of the old state word.
The state-word store may be a fast-access read-write store such as a computer core store.
The key-word store may be similar to the state-word store or it may be a read-mostly memory, ie: a memory which can be erased and rewritten at a slower speed than at which it can be read.
In order to provide for continued functioning even in the event of a failure a dual system may be provided with two items of cryptographic apparatus according to the invention with means for applying input message text from the channels to both items simultaneously and change-over means for applying output message text to the channels from one or the other of the items from time to time under control of an automatic change-over unit connected to receive respective monitoring signals from the items indicating the presence or absence of failures. In the dual system means may be provided for changing key words in both items simultaneously and also for each of the items means may be provided for loading a state word into its state register from the state-word store of the other of the items instead of from its own state-word store.Thus if one of the items goes out of crypto-synch on one or more of the channels it can be brought back in by loading the state words, at the appropriate times, from the other item. Also.
when setting up a channel, for example after the key word has been changed, one of the items can be brought into crypto-synch by keying in an initial state word externally, or by reading it in from a code tape, and then the other of the items can be brought into cryptosynch later by loading the state word from the first one while it is working.
For each outgoing channel along which encrypted message text is to be transmitted means may be provided for transmitting characters of text at accurately predetermined regular intervals. Whenever there is not enough actual message text to provide enough characters, extra, non-informative, characters are inserted into the text before encryption.
There is thus a constant stream of encrypted text along all of the channels whether or not any actual messages are passing, so that it is impossible to gain information by analysing the traffic flow without decrypting the text. Also, since characters are transmitted regularly, a receiver will, in the event of a temporary interruption in the received text due to a fault in the channel or interference, be able to count the number of characters which have been missed and thus, if the decrypter uses long cycle operation, crypto-synch can be maintained. Accordingly for each incoming channel in a long cycle cryptographic apparatus there may be provided timing means for predicting the moments of arrival of characters of received text, drift-correcting means for correcting any slight discrepancies which may occur between the predicted moments of arrival and actual moments of arrival, and means for changing the state word corresponding to the channel when no characters arrive at or near the predicted moments in the same way as it would have changed if characters had arrived at the predicted moments. Conveniently, the means for changing the state word may simply comprise means for constructing a character from the signal on the channel starting at each indicated moment of arrival in the same way, regardless of whether the signal actually represents a character of text, or is a noise signal or its silence or whatever it may be.
There is a stream of constructed characters into the apparatus which coincide with the characters of the received text as long as there are any, but which continue at the correct rate, and pass through the apparatus in the normal way, even during an interruption in the received text.
An embodiment of the invention will now be described by way of example with reference to the drawings accompanying the provisional specification of which: Figure 1 shows in diagrammatic form a message switch of conventional type for use with secure channels, and Figure 2 shows in diagrammatic form a message switch including crytopgraphic apparatus according to the invention.
Figure 1 shows a message switch of a conventional type. The switching is done by a pair of computers 1 and 2 working in parallel.
Each of the computers I and 2 is of a conventional type, having a central processor unit 3 and 7, a main core store 4 and 8 and a disc backing store 5 and 9. Each of the computers 1 and 2 also has an interface unit or "front end" 6 and 10, which may be physically separate from the respective computer.
Input lines 11 for carrying incoming message text are connected via respective decrypters 12 to the front ends 6 and 10 of both of the computers 1 and 2 where the message texts on the various lines are read into buffer stores whence they are read and rerouted under the control of the central processor units 3 and 7.
Output lines 13 are connected via respective encrypters 14 to a change-over switch 15 which connects them to the front end 6 or 10 of one of the computers 1 or 2. The change-over switch 15 is controlled by an automatic cross-over unit 16 which is connected to receive monitoring signals from the central processor units 3 and 7 of the computers 1 and 2. When a fault develops in one of the computers 1 and 2 an indication is given by the respective monitoring signal to the automatic cross-over unit 16 which causes the cross-over switch 15 to switch over if necessary to ensure that the output lines 13 are connected to the computer which has not developed the indicated fault.
In Figure 1 there are shown, for the sake of clarity, only four input lines 11 and four output lines 13, but in practice it would be more typical to have about fifty input lines and about fifty output lines. This makes about one hundred lines in all, and since each line has either an encrypter 14 or a decrypter 12 associated with it there will be about one hundred items of cryptographic apparatus.
Figure 2 shows a message switch with two computers 1 and 2 with their constituent sections 3 to 10, input lines 11, output lines 13, cross-over switch 15 and automatic cross-over unit 16 as in Figure 1, but in place of the separate decrypters 12 and encrypters 14 there is an arrangement 17 comprising two items 18 and 19 of cryptographic apparatus.Each of the items 18 and 19 has a common control logic unit 26 and 27 which is a stored-program digital computer connected to receive incoming text from the input lines 11, outgoing text from one or other of the computers 1 and 2 via the cross-over switch 15 and red-output lines 20 ("red" being the term used in the cryptographic art to denote parts of apparatus which carry non-encrypted text), and control signals from a control console 23 and 24, and to apply decrypted incoming text to red-input lines 21 and 22 encrypted outgoing text to output lines 13 via a cross-over switch 25. The common control logic units 26 and 27 are also interconnected and connected to receive clocking signals from a common clock 28.
An automatic cross-over unit 29 is connected to receive monitoring signals from the common control logic units 26 and 27 and to control cross-over switches 25 and 30 so as to ensure that the output text applied to the output lines and the decrypted input text applied via the red-input lines 21 or 22 to the computers 1 and 2 are, in the event of a failure in one of the items 18 and 19, taken from that one of the items which is not exhibiting the failure.
The common control logic units 26 and 27, form composite command words from digits of text from each of the channels in turn, together with certain command and address digits to be described later, and apply them to respective command interface units 31 and 32 whence they receive words consisting of transformed text digits and status digits indicating what actions have been completed. The command interface units 31 and 32 are connected to respective transform units 33 and 34 which comprise key registers, state registers and logical circuits as in conventional cryptographic apparatus. The command interface units 31 and 32 apply text for transformation (encryption or decryption), one digit at a time, and control signals to the respective transform units 33 and 34 and receive transformed text back, together with any necessary failureindicating signals.The transform units work in long cycle mode on the principle of modulo-two addition of a derived binary digit as described in the introduction, so that the transformation is the same in fact whether it is encryption or decryption.
The transform units 33 and 34 are connected to receive key words and state words from respective key-word stores 35 and 36 and respective state-word stores 37 and 38 and to return the state words, after they have been changed by the operation of the transform units 33 and 34. The transform units 33 and 34 are also connected to receive state words from the opposite state-word stores 38 and 37 respectively, for purposes described earlier.
For initialising state words when setting up or re-establishing crypto-synch, fill stores 39 and 40 are provided. These are look-up stores containing random collections of digits and are used as one-time pads. When it is required to initialise a state word, corresponding to a channel, instead of the initial state word itself an address of a word in the fill stores 39 and 40 is sent over the channel and the initial state word is read out starting at the addressed word.
The address is passed from the command interface unit 31 or 32 to the fill store 39 or 40 which returns the initial state word which is then passed to the transform unit 33 and 34 with an appropriate control signal.
The contents of the fill stores 39 and 40 need to be changed periodically to maintain security as also do the key words. These needs are provided for by a common key and fill entry control unit 41 including a tape reader from which key words and fill digits can be read into the key-word stores 35 and 36 and the fill stores 39 and 40 via fill and key entry sections 42 and 43.
Access to the key-word stores 35 and 36 and the state-word stores 37 and 38 is controlled by address control logic units 44 and 45 which receive address and commands from their respective command interface units 31 and 32 and their fill and key entry sections 42 and 43.
There are also cross-connections, which for the sake of clarity are not shown in Figure 2, between the command interface units 31 and 32 and the opposite address control logic units 45 and 44 respectively to facilitate addressing when it is required to load a state word into one transform unit 33 or 34 from the opposite state-word 38 or 37 respectively.
The operation of the apparatus will now be described in more detail. Reference will generally be made only to item 18 of Figure. 2.
Unless it is stated otherwise item 19 will be performing the same actions at the same time as item 18.
During normal operation the cryptographic apparatus 17 is receiving encrypted text on the input lines 11, decrypting it, and passing it to the computers 1 and 2, and, at the same time, it is receiving un-encrypted text from one of the computers 1 or 2, encrypting it, and sending it to the output lines 11. When this is happening the text from all the channels is received in the common control logic unit 26 and stored in buffer stores, one buffer store for each channel. The common control logic unit 26 scans through each in turn of the buffer stores corresponding to the various channels and for each one forms a composite command word which consists of the digits of text from the buffer store together with some command digits, typically eight in number, which convey the following instructions. Two digits indicate how many digits of text there are in the word.
This is necessary because different lines may use different telegraphic codes with a different number of digits per character, typically from five to eight, and it is convenient to be able to process complete characters at one time. One digit indicates whether the text is message text or whether it is the address of a word in the fill store. In the normal course of events which we are considering it will indicate that it is message text. One digit indicates whether a state word is to be loaded from the state-word store 37, which in the case under consideration it is, and one digit indicates whether a state word is to be loaded from the opposite state-word store 38, which it is not. One digit indicates whether the state-word, after it is changed is to be saved, which it is.One digit indicates whether a key word is to be loaded, which it is, and one digit indicates whether a transformation is to be carried out, which it is. Address digits, typically about seven in number, are also included in the composite command word.
These contain address information for locating the state and key words appropriate to the channel in the state-word and key-word stores 37 and 35. There is clearly a degree of redundancy in the instruction digits which can be used as a failure check.
On receiving the composite command word the command interface unit 31 passes the text digits one by one to the transform unit 33 and sends address signals to the address control logic unit 44 which fetches the appropriate state and key words for loading into the transform unit 33. The command interface unit 31 also sends control signals to the transform unit 33 indicating that the digits are text for transformation as opposed to fill digits and causing the transform unit 33 to accept the state and key words from the key-word store 44 and state-word store 37. The transform unit 33 returns transformed text digits to the command interface unit 31, together with any failure signals, whence they are formed into words and transferred to the common control logic unit 26 where the transformed text is stored in buffer stores ready to be sent on along the channel.
When the state-word is to come from the opposite state-word store 38, as when the item 18 is being brought into crypto-synch after item 19, the control digits are appropriately different.
When it is required to initialise a state word, as when crypto-synch is to be set up or re-established, the text received is an address in the fill store 39. The composite command word identifies it as such and indicates that no state or key words are to be loaded from the stores 35 and 37 and that no transformation is required. The command interface unit sends the address to the fill store 39 which sends back the required initial state word. It is this which is then passed to the tranform unit 33, together with control signals identifying it as fill and indicating that no key or state words are to be loaded.
The common control logic unit 26 can also be switched to a plain language mode in any channel to enable communication between the control console 23 and a remote console on the channel when crypto-synch has been lost or before it has been set up.
The way in which the common control logic units 26 and 27 scan the various channels so as to maintain crypto-synch is as follows.
The units 26 and 27 receive simultaneous clock signals form the common clock 28 in response to which they scan simultaneously through the various channels. Each outgoing channel normally has a corresponding incoming channel and each time slot in the scan is dedicated to an incoming channel and the corresponding outgoing channel.
At the start of each time slot the units begin to output an encrypted character on the outpu channel, so that the output characters start at accurately predetermined moments.
The incoming characters will not generally arrive during the time slot dedicated to their respective channels, but the units 26 and 27 note the time slots during which the incoming characters are detected and computes, for each incoming channel, the time gap between the detection of a character and the beginning of the respective time slot. Since the character transmission rate and the scan rate are arranged to be accurately the same, the time gap for each channel should be nearly constant. Each time gap is compared with the previous k (about eight or sixteen) time gaps for the same channel and if it is the same, within predetermined limits, the corresponding character is accepted.If it is not the same however, this indicates that there is an interruption in the channel, so characters are supplied for decryption at the expected rate, but the decrypted characters are not passed on to the red-input lines 21 and 22. The time gaps of detected characters continue to be computed and compared with the k previous ones until agreement is once more obtained. The average of the k time gaps is then compared with the average of the last k before the interruption.
The new average will not generally be the same as the old because there will have been some drift between the clock rate 28 and the rate at which characters were actually being transmitted. Provided the drift was not more than half of the time between characters crypto-synch can be restored by omitting a character or inserting an extra one if necessary.
When that has been done normal operation is resumed.
When only one of the items 18 and 19 is in crypto-synch, it is necessary to pass information such as the time gap values to the other. For this purpose a link 46 is provided between the common control logic units 26 and 27.
A number of modifications to the described embodiment are possible, still lying within the scope of the invention. For example, instead of having separate lines for the various channels it may have one or more multiplex lines either on the input/output side, or on the computer (red) side or both. It is well known in the cryptographic art to use line isolators to prevent components of unencrypted text from becoming superimposed on the encrypted text.
With multiplex output lines these line isolators will be fewer in number.
WHAT WE CLAIM IS: 1. Cryptographic apparatus of the type having a key register for holding a key word, a state register for holding a state word, and a logic circuit for combining the various digits of the key word and the state word with a portion of an input message text to produce a portion of output message text and to change the state word in a predetermined way, further including:: a key-word store for holding a plurality of key words, one for each of a plurality of channels; a state-word store for holding a plurality of state words, one for each of the channels; and multiplexing means which, for each of the channels in turn, load the corresponding key word from the key-word store into the key register, load the corresponding state word from the state-word store into the state register, present a portion of message text from the channel as input message text to the logic circuit, present the corresponding portion of output message text to the channel, and store the state word, after it has been changed by the logic circuit, in the state-word store in place of the old state word.
2. Apparatus as claimed in Claim 1 wherein the multiplexing means includes a stored-program digital computer.
3. Apparatus as claimed in Claim 1 or Claim 2 including means for ensuring that each outgoing channel transmits characters of text at accurately predetermined regular intervals.
4. Apparatus as claimed in Claim 3, adapted for long-cycle operation, including timing means for predicting the moments of arrival of characters of received text at each incoming channel, drift-correcting means for correcting any discrepancies which may occur between the predicted moments of arrival and actual moments of arrival, and means for changing the respective state words of channels to which no characters arrive at or near predicted moments in the same way as the said state words would have been changed if characters had arrived at the predicted moments.
5. Apparatus comprising two substantially identical items of cryptographic apparatus as claimed in any of the preceding claims, means for applying input messages from the channels to both items simultaneously, change-over means for applying output message text to the channels from one or the other of the items, and an automatic change-over unit connected to receive respective monitoring signals from the items indicating the presence or absence of failures and arranged to control the cross-over means so that the output message text is
**WARNING** end of DESC field may overlap start of CLMS **.

Claims (8)

**WARNING** start of CLMS field may overlap end of DESC **. channel when crypto-synch has been lost or before it has been set up. The way in which the common control logic units 26 and 27 scan the various channels so as to maintain crypto-synch is as follows. The units 26 and 27 receive simultaneous clock signals form the common clock 28 in response to which they scan simultaneously through the various channels. Each outgoing channel normally has a corresponding incoming channel and each time slot in the scan is dedicated to an incoming channel and the corresponding outgoing channel. At the start of each time slot the units begin to output an encrypted character on the outpu channel, so that the output characters start at accurately predetermined moments. The incoming characters will not generally arrive during the time slot dedicated to their respective channels, but the units 26 and 27 note the time slots during which the incoming characters are detected and computes, for each incoming channel, the time gap between the detection of a character and the beginning of the respective time slot. Since the character transmission rate and the scan rate are arranged to be accurately the same, the time gap for each channel should be nearly constant. Each time gap is compared with the previous k (about eight or sixteen) time gaps for the same channel and if it is the same, within predetermined limits, the corresponding character is accepted.If it is not the same however, this indicates that there is an interruption in the channel, so characters are supplied for decryption at the expected rate, but the decrypted characters are not passed on to the red-input lines 21 and 22. The time gaps of detected characters continue to be computed and compared with the k previous ones until agreement is once more obtained. The average of the k time gaps is then compared with the average of the last k before the interruption. The new average will not generally be the same as the old because there will have been some drift between the clock rate 28 and the rate at which characters were actually being transmitted. Provided the drift was not more than half of the time between characters crypto-synch can be restored by omitting a character or inserting an extra one if necessary. When that has been done normal operation is resumed. When only one of the items 18 and 19 is in crypto-synch, it is necessary to pass information such as the time gap values to the other. For this purpose a link 46 is provided between the common control logic units 26 and 27. A number of modifications to the described embodiment are possible, still lying within the scope of the invention. For example, instead of having separate lines for the various channels it may have one or more multiplex lines either on the input/output side, or on the computer (red) side or both. It is well known in the cryptographic art to use line isolators to prevent components of unencrypted text from becoming superimposed on the encrypted text. With multiplex output lines these line isolators will be fewer in number. WHAT WE CLAIM IS:
1. Cryptographic apparatus of the type having a key register for holding a key word, a state register for holding a state word, and a logic circuit for combining the various digits of the key word and the state word with a portion of an input message text to produce a portion of output message text and to change the state word in a predetermined way, further including:: a key-word store for holding a plurality of key words, one for each of a plurality of channels; a state-word store for holding a plurality of state words, one for each of the channels; and multiplexing means which, for each of the channels in turn, load the corresponding key word from the key-word store into the key register, load the corresponding state word from the state-word store into the state register, present a portion of message text from the channel as input message text to the logic circuit, present the corresponding portion of output message text to the channel, and store the state word, after it has been changed by the logic circuit, in the state-word store in place of the old state word.
2. Apparatus as claimed in Claim 1 wherein the multiplexing means includes a stored-program digital computer.
3. Apparatus as claimed in Claim 1 or Claim 2 including means for ensuring that each outgoing channel transmits characters of text at accurately predetermined regular intervals.
4. Apparatus as claimed in Claim 3, adapted for long-cycle operation, including timing means for predicting the moments of arrival of characters of received text at each incoming channel, drift-correcting means for correcting any discrepancies which may occur between the predicted moments of arrival and actual moments of arrival, and means for changing the respective state words of channels to which no characters arrive at or near predicted moments in the same way as the said state words would have been changed if characters had arrived at the predicted moments.
5. Apparatus comprising two substantially identical items of cryptographic apparatus as claimed in any of the preceding claims, means for applying input messages from the channels to both items simultaneously, change-over means for applying output message text to the channels from one or the other of the items, and an automatic change-over unit connected to receive respective monitoring signals from the items indicating the presence or absence of failures and arranged to control the cross-over means so that the output message text is
applied to the channels from one of the items if any for which the monitoring signals are not indicating the presence of a failure.
6. Apparatus as claimed in Claim 5 including means for changing key words in both items simultaneously and, for each of the items, means for loading a state word into the state register of the respective item from the state-word store of the other of the items.
7. Cryptographic apparatus substantially as herein described with reference to Figure 2 of the drawings accompanying the provisional specification.
8. A message switch including cryptographic apparatus as claimed in any of the preceding claims.
GB3867575A 1975-09-19 1975-09-19 Cryptographic apparatus Expired GB1605250A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB3867575A GB1605250A (en) 1975-09-19 1975-09-19 Cryptographic apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB3867575A GB1605250A (en) 1975-09-19 1975-09-19 Cryptographic apparatus

Publications (1)

Publication Number Publication Date
GB1605250A true GB1605250A (en) 1986-04-23

Family

ID=10404978

Family Applications (1)

Application Number Title Priority Date Filing Date
GB3867575A Expired GB1605250A (en) 1975-09-19 1975-09-19 Cryptographic apparatus

Country Status (1)

Country Link
GB (1) GB1605250A (en)

Similar Documents

Publication Publication Date Title
US4322576A (en) Message format for secure communication over data links
US4172213A (en) Byte stream selective encryption/decryption device
KR100199076B1 (en) Synchronization of encryption/decryption keys in a data communication network
KR950010705B1 (en) Encryption/decription apparatus and its communication network
US4159468A (en) Communications line authentication device
US4160120A (en) Link encryption device
CA1100588A (en) Message verification and transmission error detection by block chaining
US3798360A (en) Step code ciphering system
US4386234A (en) Cryptographic communication and file security using terminals
AU721608B2 (en) Encryption device for ATM cells
US6347143B1 (en) Cryptographic device with encryption blocks connected parallel
EP0002389A1 (en) Multiple domain data communication
JPH0160975B2 (en)
JPH0451105B2 (en)
WO1996002992A1 (en) Signal transmitting method and communication system
US5199072A (en) Method and apparatus for restricting access within a wireless local area network
JPH07226734A (en) Method and apparatus for secrecy of traffic behavior on common-medium passive optical network
EP0366288A2 (en) Buffered cyphering
US4972481A (en) Ciphering and deciphering device
US4856063A (en) No-overhead synchronization for cryptographic systems
GB1605250A (en) Cryptographic apparatus
WO1993009627A1 (en) Cryptographic apparatus and method for a data communication network
KR920001575B1 (en) Ciphering and deciphering device
GB1581645A (en) Electronic digital telecommunications apparatus
KR100342526B1 (en) Apparatus for encrypting and decrypting data