SE1751566A1 - Encryption methods and devices - Google Patents

Encryption methods and devices

Info

Publication number
SE1751566A1
Authority
SE
Sweden
Prior art keywords
payload data
header
encrypted
authentication tag
encryption block
Prior art date
Application number
SE1751566A
Inventor
Christian Klemetsson
Original Assignee
DeviceRadio AB
Priority date
Filing date
Publication date
Application filed by DeviceRadio AB
Priority to SE1751566A
Priority to PCT/SE2018/051318 (WO2019125290A1)
Publication of SE1751566A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637 Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72 Signcrypting, i.e. digital signing and encrypting simultaneously

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method is disclosed for a transmitter node configured to transmit packets (100) of encrypted payload data. The method comprises encrypting a header (101) associated with the payload data by applying a block cipher to a counter value to provide a corresponding encryption block and providing the header as input of a stream cipher based on the encryption block, wherein the encryption block (150) comprises a first part (151) and a second part (152) and wherein only the first part is used by the stream cipher to encrypt the header. The method also comprises encrypting the payload data (102), determining an authentication tag (103) for the payload data based on the encrypted header and the encrypted payload data, encrypting the authentication tag by providing the authentication tag as the input of the stream cipher based on at least the second part (152) of the particular encryption block, and concatenating the header (101), the encrypted payload data (112) and the encrypted authentication tag (113) to provide a packet for transmission. A method for a receiver node is also disclosed, together with corresponding arrangements, wireless communication nodes and computer program product.
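
The packet construction in the abstract, as an added Python example that is not code from the patent. Assumptions: HMAC-SHA256 stands in for both the block cipher and the tag function, the 16-byte block is split 4/12, further blocks key the payload, the header travels in encrypted form, both nodes already share the counter, and all function names are hypothetical.

```python
import hashlib
import hmac

BLOCK_LEN = 16                     # assumed encryption block size in bytes
HEADER_LEN = 4                     # assumed: first part (151) covers a 4-byte header
TAG_LEN = BLOCK_LEN - HEADER_LEN   # assumed: second part (152) covers the tag

def enc_block(key, counter, index):
    # Stand-in for "block cipher applied to a counter value" (HMAC-SHA256, an assumption).
    msg = b"blk" + counter.to_bytes(8, "big") + index.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK_LEN]

def xor(data, pad):
    return bytes(d ^ p for d, p in zip(data, pad))

def payload_pad(key, counter, length):
    # Assumed: blocks 1..n key the payload, block 0 is reserved for header and tag.
    blocks = (length + BLOCK_LEN - 1) // BLOCK_LEN
    return b"".join(enc_block(key, counter, i + 1) for i in range(blocks))[:length]

def tag_for(key, enc_header, enc_payload):
    # Tag over the encrypted header and encrypted payload (HMAC is an assumed choice).
    mac = hmac.new(key, b"tag" + enc_header + enc_payload, hashlib.sha256)
    return mac.digest()[:TAG_LEN]

def seal(key, counter, header, payload):
    if len(header) != HEADER_LEN:
        raise ValueError("header must be HEADER_LEN bytes")
    block0 = enc_block(key, counter, 0)
    enc_header = xor(header, block0[:HEADER_LEN])            # first part only
    enc_payload = xor(payload, payload_pad(key, counter, len(payload)))
    enc_tag = xor(tag_for(key, enc_header, enc_payload), block0[HEADER_LEN:])
    return enc_header + enc_payload + enc_tag                # assumed wire order

def open_packet(key, counter, packet):
    if len(packet) < HEADER_LEN + TAG_LEN:
        raise ValueError("packet too short")
    block0 = enc_block(key, counter, 0)
    enc_header = packet[:HEADER_LEN]
    enc_payload = packet[HEADER_LEN:len(packet) - TAG_LEN]
    tag = xor(packet[len(packet) - TAG_LEN:], block0[HEADER_LEN:])
    # Verify before decrypting anything; the comparison is constant-time.
    if not hmac.compare_digest(tag, tag_for(key, enc_header, enc_payload)):
        raise ValueError("authentication tag mismatch")
    header = xor(enc_header, block0[:HEADER_LEN])
    return header, xor(enc_payload, payload_pad(key, counter, len(enc_payload)))
```

A counter value must never repeat under the same key: block 0 would then mask two headers and two tags with the same pad, as with any stream-cipher keystream reuse.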

Priority Applications (2)

Application Number Priority Date Filing Date Title
SE1751566A SE1751566A1 (en) 2017-12-18 2017-12-18 Encryption methods and devices
PCT/SE2018/051318 WO2019125290A1 (en) 2017-12-18 2018-12-14 Encryption methods and devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE1751566A SE1751566A1 (en) 2017-12-18 2017-12-18 Encryption methods and devices

Publications (1)

Publication Number Publication Date
SE1751566A1 (en) 2019-06-19

Family

ID=66998027

Family Applications (1)

Application Number Title Priority Date Filing Date
SE1751566A SE1751566A1 (en) 2017-12-18 2017-12-18 Encryption methods and devices

Country Status (2)

Country Link
SE (1) SE1751566A1 (en)
WO (1) WO2019125290A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110381067B (en) * 2019-07-24 2022-02-08 北京视界云天科技有限公司 IP packet encryption method, decryption method and device thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020044651A1 (en) * 2000-05-16 2002-04-18 Tuvell Walter E. Method and apparatus for improving the security of cryptographic ciphers
US20020051537A1 (en) * 2000-09-13 2002-05-02 Rogaway Phillip W. Method and apparatus for realizing a parallelizable variable-input-length pseudorandom function
US20060285684A1 (en) * 2001-07-30 2006-12-21 Rogaway Phillip W Method and apparatus for facilitating efficient authenticated encryption

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
International Standard, ISO/IEC 19772, Information technology - Security techniques - Authenticated encryption. Published 2009-02-15 *
Oszywa W., Gliwa R. Combining message encryption and authentication, Annales UMCS, Informatica, Volume 11, Number 2, June 2011. Doi 10.2478/v10065-011-0010-y *

Also Published As

Publication number Publication date
WO2019125290A1 (en) 2019-06-27

Legal Events

Date Code Title Description
NAV Patent application has lapsed