SI9400439A - Process and device for secure an information data packet - Google Patents

Process and device for secure an information data packet Download PDF

Info

Publication number
SI9400439A
SI9400439A SI9400439A SI9400439A SI9400439A SI 9400439 A SI9400439 A SI 9400439A SI 9400439 A SI9400439 A SI 9400439A SI 9400439 A SI9400439 A SI 9400439A SI 9400439 A SI9400439 A SI 9400439A
Authority
SI
Slovenia
Prior art keywords
data
data packet
data word
encoded
word
Prior art date
Application number
SI9400439A
Other languages
Slovenian (sl)
Inventor
Thomas Schaub
Original Assignee
Landis & Gyr Tech Innovat
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Landis & Gyr Tech Innovat filed Critical Landis & Gyr Tech Innovat
Publication of SI9400439A publication Critical patent/SI9400439A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Communication Control (AREA)

Abstract

In a method for saving the information of a data packet comprising a number of data words (W1 ... We) during the transmission between a transmitting device (2S) and a receiving device (2E), the uncoded data packet is supplemented in a first transformation block (17) by means of a data word (CC) which exhibits a bit pattern which is used uniquely for saving within a predetermined time interval. A supplemented data packet (W1 ...f) is sequentially coded in units of identical length in a device (19) using the cipher-feedback method, the first data word (W1) to be coded being transformed into a unique data word (W1<*>) in a second transformation block (18) before being coded and a coded data word (Yk) being generated by a nonlinear combination of coded data words in the device (19). <IMAGE>

Description

Postopek in priprava za varovanje informacije podatkovnega paketaProcedure and preparation for securing data packet information

Izum se nanaša na postopek za varovanje informacije podatkovnega paketa kot tudi na pripravo za izvajanje postopka po uvodnih delih patentnih zahtevkov 1 in 6.The invention relates to a method for protecting information of a data packet as well as to preparing for carrying out the process according to the introductory parts of claims 1 and 6.

Takšne postopke se s prednostjo uporablja pri prenosu podatkovnih paketov v podatkovnem omrežju, v katerem se elektroenergetsko omrežje uporabi kot prenosen medij, kar se označuje tudi kot Power Line Carrier Datanetwork.Such procedures are used with priority in the transmission of data packets in a data network in which the power network is used as a transmission medium, which is also referred to as Power Line Carrier Datanetwork.

Z varovanjem informacije pri prenašanju podatkovnih paketov po prenosnem sredstvu, ki ga zlahka uporabljajo tretje osebe, se informacijo ščiti pred nezaželjenim branjem in razlaganjem s strani tretjih oseb. Nadalje je z varovanjem pri sprejemniku omogočeno preizkušanje pristnosti informacije, tako da sprejemnik lahko razpozna podatkovni paket, kije bil dupliciran s strani tretjih oseb.By protecting information when transferring data packets over a portable medium that is easily used by third parties, the information is protected against unwanted reading and interpretation by third parties. Furthermore, security with the receiver enables authentication of information so that the receiver can recognize a data packet that has been duplicated by third parties.

Poznana je priprava za kodiranje oz. dekodiranje podatkovnih tokov (US 4 543 646), ki uporablja Data Encryption Standard (DES; Federal Information Processing Standards Publication, št. 46), kar predpostavlja strukturiranje podatkovnih tokov v 64bitne enote in je tehnično zelo zahtevno.The preparation for coding and / or preparation is known. decoding data streams (US 4 543 646) using the Data Encryption Standard (DES; Federal Information Processing Standards Publication, No. 46), which presupposes structuring data streams into 64 bit units and is technically very demanding.

Za kodiranje podatkovnih tokov, ki so strukturirani v majhne bitne enote oz. podatkovne besede, je poznan Cipher-Feedback-System (D.W. Davies and W.L. Priče, Security for Computer Networks, John Wiley and Sons Ltd, New York 1984).For encoding data streams that are structured into small bit units or. data words, the Cipher-Feedback-System is known (D.W. Davies and W.L. Witnesses, Security for Computer Networks, John Wiley and Sons Ltd, New York 1984).

Naloga izuma je, da se stvori postopek, ki se ga lahko izvede s poceni sredstvi, za varovanje informacije podatkovnega paketa in da se poda pripravo, ki deluje po tem postopku.It is an object of the invention to provide a process which can be carried out by inexpensive means, to protect the information of a data packet, and to provide a device that operates by this process.

Navedena naloga se po izumu reši z značilnostmi patentnega zahtevka 1 in patentnega zahtevka 6. Prednostni izvedbeni primeri izhajajo iz odvisnih patentnih zahtevkov.The present invention is solved by the features of claim 1 and claim 6. Preferred embodiments arise from dependent claims.

V nadaljnjem so izvedbeni primeri izuma pobliže razloženi s pomočjo risbe.Hereinafter, embodiments of the invention are explained in greater detail by way of drawing.

Pri tem prikazuje sl. 1 uporabniško postajo s pripravo za varovanje informacije podatkovnega paketa, sl. 2 telekomunikacijsko omrežje z več primerki uporabniške postaje, sl. 3 diagram pretoka podatkov za postopek za varovanje informacije podatkovnega paketa, sl. 4 pripravo za kodiranje podatkovnega paketa in sl. 5 pripravo za dekodiranje podatkovnega paketa.In this, FIG. 1 is a user station with a device for protecting data packet information; FIG. 2 is a telecommunications network with multiple instances of a user station, FIG. 3 is a data flow diagram for a process for securing information of a data packet; FIG. 4 is a preparation for encoding a data packet and FIG. 5 preparing to decode the data packet.

Na sl. 1 pomeni številka 1 uporabniško postajo, ki je izvedena kot oddajna in sprejemna priprava in ima vsaj eno pripravo 2 za varovanje informacije podatkovnih paketov, vsaj en priključek 3 za prenosno sredstvo, ki na sl. 1 ni predstavljeno, vhodni modul 4, ki je na vhodni strani povezan s priključkom 3, in izhodni modul 5, kije na izhodni strani povezan s priključkom 3.In FIG. 1 is a number 1 user station which is designed as a transmitter and receiver device and has at least one device 2 for securing information of the data packets, at least one port 3 for the transmission means, which in FIG. 1 is not represented, the input module 4 connected to the input terminal 3 on the input side and the output module 5 connected to the output 3 terminal on the output side.

Priprava 2 za varovanje informacije podatkovnih paketov obsega prvi podatkovni vhod 6 za prvi podatkovni tok 7 z nevarovano informacijo, prvi podatkovni izhod 8 za drugi podatkovni tok 9, ki vodi proti izhodnemu modulu 5, z varovano informacijo, drugi podatkovni vhod 10 za tretji podatkovni tok 11, ki ga oddaja vhodni modul 4, z varovano informacijo in drugi podatkovni izhod 12 za četrti podatkovni tok 13 z nevarovano informacijo.The data packet information security device 2 comprises a first data input 6 for a first data stream 7 with unsecured information, a first data output 8 for a second data stream 9 leading to an output module 5, a secured information, a second data input 10 for a third data stream 11 emitted by input module 4, with secured information, and a second data output 12 for the fourth data stream 13 with unsecured information.

V nadaljnjem priprava 2 za varovanje informacije podatkovnega paketa obsega polnilniško enoto 14 s shranjenim ključem Z, prvo transformacijsko verigo 15, ki leži med prvim podatkovnim tokom 7 in drugim podatkovnim tokom 9, in drugo transformacijsko verigo 16, ki leži med tretjim podatkovnim tokom 11 in četrtim podatkovnim tokom 13.Further, device 2 for securing information of the data packet comprises a charging unit 14 with stored key Z, a first transformation chain 15 lying between the first data stream 7 and a second data stream 9, and a second transformation chain 16 lying between the third data stream 11 and fourth data stream 13.

Prva transformacijska veriga 15 ima prvi transformacijski blok 17, drugi transformacijski blok 18 in pripravo 19 za kodiranje podatkovnih paketov, ki so razporejeni v verigo drug za drugim v zaporedju njihovega naštevanja, pri čemer se peti podatkovni tok 20 lahko prenaša med prvim transformacijskim blokom 17 in drugim transformacijskim blokom 18, in nadalje šesti podatkovni tok 21 med drugim transformacijskim blokom 18 in pripravo 19 za kodiranje podatkovnih paketov.The first transformation chain 15 has a first transformation block 17, a second transformation block 18, and a device 19 for encoding the data packets arranged one after the other in a sequence of enumeration, the fifth data stream 20 being transmitted between the first transformation block 17 and the second transformation block 18, and further a sixth data stream 21 between the second transformation block 18 and the encoder 19 for encoding the data packets.

Druga transformacijska veriga 16 obsega pripravo 22 za dekodiranje podatkovnih paketov, tretji transformacijski blok 23 in četrti transformacijski blok 24, ki sta medsebojno povezana v verigo v zaporedju njihove navedbe, pri čemer se lahko sedmi podatkovni tok 25 prenaša med pripravo 22 za dekodiranje podatkovnih paketov in tretjim transformacijskim blokom, in nadalje osmi podatkovni tok 26 med tretjim transformacijskim blokom 23 in četrtim transformacijskim blokom 24.The second transformation chain 16 comprises a data packet decoding device 22, a third transformation block 23 and a fourth transformation block 24, which are interconnected in a chain in the order of their indication, wherein the seventh data stream 25 may be transmitted between the data packet decoding device 22 and the third transformation block, and further the eighth data stream 26 between the third transformation block 23 and the fourth transformation block 24.

Tako priprava 19 kot priprava 22 za kodiranje oz. dekodiranje podatkovnih paketov sta s pomnilniško enoto 14 povezani, tako da se ključ Z lahko bere z obema pripravama 19 in 22.Thus, the device 19 and the device 22 for encoding or. the decoding of the data packets is connected to the memory unit 14 so that the Z key can be read with both devices 19 and 22.

Sl. 2 prikazuje telekomunikacijsko omrežje 30 s tremi primerki uporabniške postaje 1. Največje število primerkov uporabniške postaje 1 v telekomunikacijskem omrežju 30 v bistvu ni omejeno. Obstoječe razdelilno omrežje za električno energijo takoimenovano elektroenergetsko omrežje - se lahko s prednostjo uporabi kot prenosno sredstvo telekomunikacijskega omrežja 30.FIG. 2 shows telecommunication network 30 with three instances of user station 1. The maximum number of instances of user station 1 in telecommunication network 30 is essentially unlimited. The existing electricity distribution network, the so-called electricity network - can be advantageously used as a transmission medium of the telecommunications network 30.

Prvi izvedbeni primer 1.1, drugi izvedbeni primer 1.2 in tretji izvedbeni primer 1.3 uporabniške postaje 1 so vsakič preko priključka 3 povezani s prenosnim sredstvom telekomunikacijskega omrežja 30. Tretji izvedbeni primer 1.3 je variantni izvedbeni primer, ki obsega dva primerka priprave 2 (sl.l) za varovanje podatkovnega paketa in tudi po dva primerka vhodnega modula 4 in izhodnega modula 5, pri čemer je drugi primerek priprave 2 za varovanje podatkovnega paketa preko drugega primerka vhodnega modula 4 in preko drugega primerka izhodnega modula 5 povezan z nadaljnjim priključkom 3.1.The first embodiment 1.1, the second embodiment 1.2 and the third embodiment 1.3 of user station 1 are each connected to the telecommunication network transmission port 30 via port 3. The third embodiment 1.3 is a variant embodiment comprising two instances of device 2 (FIG. 1) for securing the data packet, as well as two instances of input module 4 and output module 5, the second instance of device 2 for securing the data packet via a second instance of the output module 4 and via a further instance 3.1.

Četrti izvedbeni primer 1.4 uporabniške postaje 1 je preko prenosne priprave 31 povezan s tretjim izvedbenim primerom 1.3, pri čemer je prenosna priprava 31 priključena na priključku 3 četrtega izvedbenega primera 1.4 in na priključku 3.1 tretjega izvedbenega primera 1.3.The fourth embodiment 1.4 of user station 1 is connected to the third embodiment 1.3 by means of the portable device 31, wherein the portable device 31 is connected at the port 3 of the fourth embodiment 1.4 and at the port 3.1 of the third embodiment 1.3.

Prenosna priprava 31 je npr. telefonsko omrežje.The portable device 31 is e.g. telephone network.

V telekomunikacijskem omrežju 30 ali preko prenosne priprave 31 se npr. posredujejo krmilni ukaz in/ali merilne vrednosti med izvedbenimi primeri 1.1, 1.2, 1.3 in 1.4 uporabniške postaje 1, ki so izoblikovani kot oddajna in sprejemna priprava, pri čemer se prenešeno informacijo - npr. krmilni ukaz ali merilne vrednosti - pred oddajo na prednosten način zavaruje v pripravi 2 (sl. 1) izvedbenega primera 1.1, 1.2, 1.3 ali 1.4, ki deluje kot oddajnik, in se jo po prenosu pridobi nazaj v pripravi 2 izvedbenega primera 1.1,1.2,1.3 ali 1.4, ki deluje kot sprejemnik.In a telecommunications network 30 or via a transmission device 31, e.g. transmit a control command and / or measurement values between embodiments 1.1, 1.2, 1.3 and 1.4 of user station 1, which are configured as transmitting and receiving apparatus, wherein the transmitted information - e.g. control command or measurement values - Prior to delivery, securely secured in device 2 (Fig. 1) of embodiment 1.1, 1.2, 1.3 or 1.4, which acts as a transmitter, and is retrieved after transmission in preparation of embodiment 2 1.1.1.2 , 1.3 or 1.4 acting as a receiver.

Prvi podatkovni tok 7 (sl. 1) se tvori iz podatkovnih paketov W , ki po številu obsegajo e enako dolgih podatkovnih besed W1-\Ve z besedno dolžino L. Če uporabniška postaja 1 deluje kot oddajnik, se v prvi transformacijski verigi 15 informacijo prvega podatkovnega toka 7 zavaruje po paketih, pri čemer se drugi podatkovni tok 9, ki obsega zavarovano informacijo, tvori iz podatkovnih paketov p ki po številu obsegajo f enako dolgih podatkovnih besed Y1-Yf z besedno dolžino L. S pomočjo izhodnega modula se drugi podatkovni tok 9 posreduje uporabniški postaji 1, ki deluje kot sprejemnik, pri čemer izhodni modul 5 izvaja funkcije, ki so potrebne za prenašanje, kot so npr. prilagajanje na prenosni kanal, moduliranje in krmiljenje povezave.The first data stream 7 (Fig. 1) is formed from data packets W, which in number consist of e equally long data words W 1 - \ V e with word length L. If user station 1 acts as a transmitter, the first transformation chain 15 the information of the first data stream 7 is secured by packets, the second data stream 9 comprising the secured information being formed from data packets p which in number comprise f equally long data words Y 1 -Y f with word length L. By means of an output module the second data stream 9 is transmitted to user station 1, which acts as a receiver, with the output module 5 performing the functions necessary for transmission, such as e.g. adapting to the transmission channel, modulating and controlling the connection.

V uporabniški postaji 1, ki deluje kot sprejemnik, je prenešeni tretji podatkovni· tok 11 na razpolago na izhodni strani vhodnega modula 4, ki izvaja funkcije, ki so potrebne za sprejem podatkov, kot so npr. prilagajanje na prenosni kanal, demoduliranje in filtriranje. Sprejeti tretji podatkovni tok 11 se tvori iz podatkovnih paketov ki po številu obsegajo f enako dolgih podatkovnih mesed Yj-Yf z besedno dolžino L. V uporabniški postaji 1, ki deluje kot sprejemnik, se s pomočjo druge transformacijske verige 16 ponovno pridobi informacijo, ki je zavarovana vsebovana v tretjem podatkovnem toku 11.In user station 1, which acts as a receiver, the transmitted third data stream 11 is available on the output side of the input module 4, which performs the functions necessary for receiving data, such as. adapting to the transmission channel, demodulating and filtering. The received third data stream 11 is formed from data packets comprising, by number, f equally long data meshes Yj-Y f with word length L. In user station 1, which acts as a receiver, information is retrieved by means of another transformation chain 16, which is secured contained in the third data stream 11.

Prednosten postopek za varovanje informacije podatkovnega paketa je predstavljen na sl. 3, iz katere je razvidno tudi ponovno pridobivanje informacije. Z oznako 2g je označena priprava 2 (sl. 1) uporabniške postaje 1, ki deluje kot oddajnik, medtem ko je z oznako 2E označena priprava 2 uporabniške postaje 1, ki deluje kot sprejemnik. Pripravi 2S in 2β, ki sta druga od druge ločeni s telekomunikacijskim sistemom 32, praviloma pripadata različnim izvedbenim primerom 1.1, 1.2, 1.3 in 1.4 (sl. 2) uporabniške postaje 1.A preferred procedure for protecting data packet information is presented in FIG. 3, which also shows the retrieval of information. The label 2 g denotes the device 2 (Fig. 1) of user station 1 acting as a transmitter, while the label 2 E indicates the device 2 of user station 1 acting as receiver. The 2 S and 2 β devices , which are separated from each other by the telecommunication system 32, generally belong to different embodiments 1.1, 1.2, 1.3 and 1.4 (Fig. 2) of user station 1.

Če se npr. postopek uporablja pri prenosu podatkovnega paketa od tretjega izvedbenega primera 1.3 na prvi izvedbeni primer 1.1, telekomunikacijski sistem 32 obsega vsaj izhodni modul 5 in priključek 3 tretjega izvedbenega primera 1.3, prenosno sredstvo telekomunikacijskega omrežja 30 kot tudi priključek 3 in vhodni modul 4 prvega izvedbenega primera 1.1.If, for example, the method uses when transferring the data packet from the third embodiment 1.3 to the first embodiment 1.1, the telecommunication system 32 comprises at least the output module 5 and the port 3 of the third embodiment 1.3, the transmission medium of the telecommunications network 30 as well as the port 3 and the input module 4 of the first embodiment 1.1 .

Priprava 2S obsega podatkovni pomnilnik 33 za pripravljanje drugega podatkovnega toka 9 iz prvega podatkovnega toka 7, medtem ko priprava 2E obsega nadaljnji podatkovni pomnilnik 34 za ponovno pridobivanje zavarovane informacije iz tretjega podatkovnega toka 11.Preparation 2 S comprises data memory 33 for preparing a second data stream 9 from the first data stream 7, while preparation 2 E comprises a further data memory 34 for retrieving secured information from the third data stream 11.

V prvem koraku postopka se zagotovi, da podatkovni paket, ki obsega podatkovne besede W -W , na vnaprej določenem mestu obsega podatkovno besedo, ki ima bitni vzorec, kije enkrat uporabljen v vnaprej določenem časovnem intervalu T na omenjenem položaju za varovanje, s čimer je enkraten časovni paket v časovnem intervalu T. Prvi korak postopka se prednostno izvaja s prvim transformacijskim blokom 17, s tem da se podatkovni paket W1 e, kije stvorjen iz podatkovnih besed W -W , dopolni z nadaljnjo podatkovno besedo CC besedne dolžine L, tako da se stvori podatkovni paket W1 f, ki obsega podatkovne besede W1-Wp pri čemer je f=e+l in se podatkovno besedo CC prednostno doda na koncu podatkovnega paketa Wx , tako da se podatkovno besedo za doseganje višje varnosti podatkovnega paketa Wx sorazmerno pozno kodira. Podatkovna beseda CC je zgrajena tako, da sejo z visoko verjetnostjo le enkrat tvori v časovnem intervalu T, ki npr. traja več dni. Prednostna zgradba podatkovne besede CC se doseže, če se podatkovno besedo CC izračuna s transformacijo Tcc iz vsaj delov datuma in urinega časa svojega generiranja.In the first step of the process, it is ensured that a data packet comprising data words W -W comprises, at a predetermined location, a data word having a bit pattern once used at a predetermined time interval T at said security position, thereby a one-time time packet in the time interval T. The first step of the process is preferably performed with the first transformation block 17 by supplementing the data packet W 1 e created from data words W -W with a further data word CC of word length L, thus to create a data packet W 1 f comprising data words W 1 -W p wherein f = e + l and preferentially adding the data word CC at the end of the data packet W x , such that the data word is used to achieve higher data security packets W x relatively late encodes. The CC data word is constructed in such a way that it forms a high probability session only once in a time interval T, e.g. lasts for several days. The preferred construction of the CC data word is achieved if the CC data word is calculated by transforming T cc from at least parts of the date and time of its generation.

V drugem koraku postopka se drugo podatkovno besedo W , ki jo je treba kodirati, razširjenega podatkovnega paketa W s transformacijo Tw, ki se jo lahko izvede z drugim transformacijskim blokom 18, tako spremeni v podatkovno besedo W1‘, da sta prvi podatkovni besedi W ki jih je treba kodirati, v obeh razširjenih podatkovnih paketih W f različni druga od druge , če se v pripravi za oddajanje v časovnem intervalu T pojavita za varovanje dva podatkovna paketa Wx , ki obsegata vsakokrat identični prvi podatkovni besedi W . Transformacija Tw drugega podatkovnega koraka je prednostno antivalenčna operacija podatkovne besede Wp ki jo je treba kodirati kot prvo podatkovno besedo, s podatkovno besedo CC, pri čemer se antivalenčno operacijo v obeh podatkovnih besedah W in CC vsakokratno uporabi na ekvivalentne bite in s prvo podatkovno besedo Wx prepiše z rezultatom W * omenjene antivalenčne operacije. Antivalenčno operacijo se v digitalni tehniki označuje tudi kot logično ekskluzivno ALI funkcijo oz. kot XOR. Praviloma je antivalenčna operacija za podatkovne besede v mikroprocesorju neposredno na razpolago kot strojni ukaz.In the second step of the process, the second data word W to be encoded of the extended data packet W with transformation T w , which can be performed with the second transformation block 18, is transformed into data word W 1 'such that the first data words W to be encoded in the two extended data packets W f are different from each other if two W x data packets, each of which are identical to the first first data word W, appear in security for transmission at time interval T. Transformation T w of the second data step is preferably an anti-valence operation of the data word W p to be encoded as the first data word, with the data word CC, using the anti-valence operation in both data words W and CC each time on equivalent bits and with the first data overwrites the word W x with the result W * of the said anti-valence operation. Anti-valence surgery is also referred to in digital technology as a logic-exclusive OR function. as XOR. As a rule, the anti-valence operation for data words in the microprocessor is directly available as a machine command.

V zapisu, ki je podoben programirnemu jeziku PASCAL in v katerem se antivalenčno operacijo označi s simbolom © , se prednostni izvedbeni primer drugega koraka postopka zapiše na naslednji način:In a record similar to the PASCAL programming language, in which the anti-valence operation is indicated by the © symbol, the preferred embodiment of the second step of the procedure is written as follows:

{Tw(W1):} © CC [Fl]{T w (W 1 ):} © CC [Fl]

Če besedna dolžina L znaša npr. štiri bite in ima podatkovna beseda CC binarno vrednost 1010, medtem ko ima prva podatkovna beseda W1 pred drugim korakom postopka binarno vrednost 1001, potem ima prva podatkovna beseda Wx* po prednostnem izvedbenem primeru drugega koraka postopka binarno vrednost 0011.If the word length L is e.g. four bits and the CC data word has a binary value 1010, while the first data word W 1 has a binary value 1001 before the second process step, then the first data word W x * has a binary value 0011 according to a preferred embodiment of the second process step.

V tretjem koraku postopka se dopolnjeni podatkovni paket Wx (kodira s prednostno uporabo Cipher-Feedback-postopka, ki je sam po sebi poznan, pri čemer se uporablja ključ Z in se podatkovno besedo W ’ najprej kodira. Prednostno se dopolnjeni podatkovni paket W f kodira s pripravo 19 za kodiranje podatkovnega paketa, pri čemer se stvori drugi podatkovni tok 9 z varovano informacijo, ki se ga lahko prenaša od komunikacijskega sistema 32 na pripravo 2E, kjer je na razpolago kot tretji podatkovni tok za ponovno pridobivanje varovane informacije.In the third step of the process, the updated data packet W x ( coded using the Cipher-Feedback procedure known in itself, using the key Z and first encoding the data word W 'is preferred. Preferably, the completed data packet W f encodes with the encoder 19 for encoding the data packet, creating a second data stream 9 with protected information that can be transmitted from the communication system 32 to the device 2 E , where it is available as a third data stream for retrieving the secured information.

S tem da se prvo podatkovno besedo W , ki jo je treba kodirati, s transformacijo Tw pred kodiranjem pretvori v podatkovno besedo W ‘, se s postopkom CipherFeedback na prednosten način tvori različne šifrirane besede, če ima več podatkovnih paketov, ki jih je treba varovati, vsakokrat identični prvi podatkovni besedi W , kar poveča varnost informacije pri prenosu.By converting the first data word W to be encoded into a data word W 'by transformation T w before encoding, the CipherFeedback process preferentially generates different encrypted words if it has multiple data packets to be encoded. to protect, in each case, identical to the first data word W, which increases the security of the transmission information.

Za ponovno pridobivanje varovane informacije je prednostno treba izvesti dva koraka, ki sta v bistvu določena s predstavljenim postopkom za varovanje informacije.In order to retrieve the protected information, it is preferable to carry out two steps, which are essentially determined by the information security procedure presented.

V prvem koraku se kodiran razširjeni podatkovni paket Y dekodira ob uporabi postopka Cipher-Feedback, pri čemer se ponovno uporabi ključ Z. Prvi korak se prednostno izvede s pripravo 22 za dekodiranje podatkovnega paketa, pri čemer se stvori sedmi podatkovni tok 25, v katerem je na razpolago razširjeni podatkovni paket W1 f z izjemo prve podatkovne besede W * kot čistopis - to se pravi, z nekodirano informacijo.In the first step, the encoded extended data packet Y is decoded using the Cipher-Feedback procedure, using the Z key again. The first step is preferably performed by preparing the 22 for decoding the data packet, creating a seventh data stream 25 in which an extended data packet W 1 f is available with the exception of the first data word W * as a clean copy - that is, with non-encoded information.

V drugem koraku se prvo podatkovno besedo W *, kar se na prednosten način izvede s ponovno uporabo transformacije Tw.In the second step, the first data word is W *, which is preferably done by reusing the transformation T w .

Z uporabo podatkovne besede CC in antivalenčne operacije, kije označena z φ, se drugi korak glasi:Using the CC data word and the anti-valence operation, denoted by φ, the second step is:

{Tw(w;):} Wi: = W/ Φ CC. [F2]{T w (w;):} W i: = W / Φ CC. [F2]

Prednostno se drugi korak izvaja s tretjim transformacijskim blokom 23.Preferably, the second step is performed with the third transformation block 23.

S tem da je transformacija Tw na V antivalenčna operacija z CC, se prvo podatkovno besedo Wp ki jo je treba kodirati, tako pretvori v podatkovno besedo W1*, da sta prvi podatkovni besedi W ‘, ki ju je treba kodirati, v obeh razširjenih podatkovnih paketih Wx f različni druga od druge, če v pripravo za oddajanje med časovnim intervalom T prideta za varovanje dva podatkovna paketa Wt , ki imata identični prvi podatkovni besedi Wp pri čemer se lahko podatkovno besedo W v sprejemni pripravi z uporabo transformacije Tw na W ’ lahko ponovno pridobi z malo truda.Since the transformation T w to V is an antivalence operation with CC, the first data word W p to be encoded is transformed into a data word W 1 * such that the first data words W 'to be encoded are v the two extended W xf data packets are different from each other if two data packets W t having the same first data word W p are received for transmission during the time interval T and the data word W can be received in the receiving preparation using transformation T w on W 'can regain with a little effort.

Po drugem koraku je informacija, ki jo v varovani obliki daje komunikacijski sistem 32, v podatkovnem paketu W osmega podatkovnega toka 26 na razpolago kot čistopis, pri čemer podatkovni paket W f obsega tudi podatkovno besedo CC, ki se jo lahko uporabi za preizkušanje pristnosti.In a second step, the information provided in a secure form by the communication system 32 is available as a clean copy in the data packet W of the eighth data stream 26, and the data packet W f also includes a data word CC that can be used for authentication.

Prednostno se pristnost podatkovnega paketa W ki obsega podatkovne besede W -W , ugotovi s četrtim transformacijskim blokom 24, s tem da se razloži podatkovno besedo CC.Preferably, the authenticity of the data packet W comprising the data words W -W is determined by the fourth transformation block 24 by explaining the data word CC.

V sprejemni pripravi se podatkovni paket Wx , ki obsega podatkovne besede WxW , prednostno sprejme le, če ima podatkovna beseda CC, ki dopolnjuje podatkovni paket W , vnaprej določeno vrednostno področje. Če je sprejemna priprava npr.In the receive preparation, the W x data packet comprising the W x W data words is preferably received only if the data word CC supplementing the W data packet has a predetermined value range. If the receiving device is e.g.

del električnega števca ali tarifne priprave in sprejeti podatkovni paket Wx e obsega ukaz za preklop od visoke tarife na nizko tarifo, se lahko z analizo vrednostnega področja podatkovne besede CC na prednosten način razpozna, ali je podatkovni paket W2 e pristen ali pa so ga morda tretje osebe duplicirale.part of the electrical meter or tariff preparation and the received W xe data packet comprises the command to switch from high tariff to low tariff, it may be advantageous to identify, by analyzing the value range of the CC data word, whether the W 2 e data packet is authentic or possibly third parties duplicated.

Na sl. 4 predstavljena prednostna izvedbena oblika priprave 19 za kodiranje podatkovnega paketa po postopku Cipher-Feedback ima m-stopenjski pomikalni register 35, s pomočjo katerega je na razpolago m kodiranih podatkovnih besed Yk -Y za tvorjenje kodirane podatkovne besede Yk za podatkovno besedo Wk, pri čemer velja za indeks k indeksno področje od 1 do f. S pomikalnim registrom 35 se lahko po podatkovnih besedah pomika kodirane podatkovne besede Yk-Yk +1 vsakokrat pred tvorjenjem kodirane podatkovne besede Yk+r In FIG. 4, a preferred embodiment of a Cipher-Feedback encoder 19 for encoding a data packet has an m-step scroll register 35, with which m coded data words Y k -Y are available to generate a coded data word Y k for the data word W k , with index k being the index range from 1 to f. With the scroll register 35, the coded data word Y k -Y k +1 can be scrolled through the data words each time before the coded data word Y k + r is formed .

Kodirana podatkovna beseda Yk je rezultat operacije WR ®Tk, pri čemer znamenje φ pomeni antivalenčno operacijo, izvedeno na podatkovno besedo W , in je podatkovna beseda Tk podatkovne dolžine L in je operacijo Wk φ TR za kodiranje podatkovne besede W f treba izvesti za vsako vrednost indeksa k v indeksnem področju 1 do f. Podatkovna beseda Tk je funkcijska vrednost nelinearne povezave FR kodiranih podatkovnih besed Yk j do YR :The coded data word Y k is the result of the operation W R ®T k , where the sign φ denotes an anti-valence operation performed on the data word W and is a data word T k of a data length L and is an operation W k φ T R for encoding the data word W f must be derived for each index value in the index range 1 through f. The data word T k is the functional value of the nonlinear connection F R of the coded data words Y k j to Y R :

· [F3]· [F3]

Na sl. 5 predstavljeni prednostni izvedbeni primer priprave 22 za dekodiranje podatkovnega paketa po postopku Cipher-Feedback obsega m-stopenjski pomikalni register 36, s pomočjo katerega je na razpolago m kodiranih podatkovnih besed Yfc l do Y za dekodiranje kodirane podatkovne besede YR. S pomikalnim registrom 36 so kodirane podatkovne besede Yk do Yk.m+1 premakljive po podatkovnih besedah vsakič pred dekodiranjem podatkovne besede Yk+r In FIG. 5, a preferred embodiment of Cipher-Feedback decoder 22 for decoding a data packet comprises an m-step scroll register 36, by which m coded data words Y fc l to Y are available for decoding the coded data word Y R. Scroll register 36 encodes the data words Y k through Y k . m + 1 moveable by data words each time before decoding the data word Y k + r

Nekodirana podatkovna beseda W je rezultat operacije Yk φ T , pri čemer znamenje φ predstavlja antivalenčno operacijo, kije izvedena na podatkovni besedi Yk in je podatkovna beseda TR besedne dolžine L in se operacijo YR φ Tk za dekodiranje podatkovne besede Y mora izvesti za vsako vrednost k indeksa v indeksnem področju od 1 do f. Podatkovna beseda Tk je funkcijska vrednost nelinearne povezave FR kodiranih podatkovnih besed YR 4 do YR m.The non-encoded data word W is the result of the operation Y k φ T, where the sign φ represents an anti-valence operation performed on the data word Y k and is a data word T R of word length L and the operation Y R φ T k to decode the data word Y must perform for each value of k in the index range from 1 to f. The data word T k is the functional value of the nonlinear connection F R of the coded data words Y R 4 to Y R m .

Na prednosten način je nelinearna povezava Fk uresničena z antivalenčno operacijo med vsotami, pri čemer se vsoto tvori iz naključnega števila in vsaj ene kodirane podatkovne besede Yk l oz. Yk 2 oz. Yk .In a preferred way, the nonlinear connection F k is realized by antivalence operation between sums, the sum being formed from a random number and at least one coded data word Y kl or. Y k 2 oz. Y k .

V Cipher-Feedback-postopku uporabljeni ključ Z ima p komponent, pri čemer se število p označuje tudi kot dolžino ključa. V bistvu se s povečevanjem števila p - to se pravi s povečevanjem dolžine ključa - lahko doseže večjo varnost.The Z key used in the Cipher Feedback process has p components, with p being also denoted as the key length. In fact, by increasing the number of p - that is, by increasing the length of the key - greater security can be achieved.

V nadaljnjem je podana prednostna definicija nelinearne povezave Fk, pri čemer sta oba pomikalna registra 35 in 36 trostopenjska in ima ključ Z šest komponent; torej velja p=6.The following is a preferred definition of a nonlinear connection F k , with the two shift registers 35 and 36 being three-tier and having the key Z having six components; therefore, p = 6.

Navedena povezava Fk je predvsem prednostna za izvajanje v 8-bitnem mikroračunalniku, če tudi besedna dolžina L podatkovnih besed W1-Wf podatkovnega paketa W f znaša 8 bitov. Oba pomikalna registra 35 in 36 sta prednostno izvedena s kodo, ki jo izvaja mikroračunalnik.The aforementioned link F k is preferably preferred for implementation in an 8-bit microcomputer if the word length L of the data words W 1 -W f of the data packet W f is also 8 bits. Both shift registers 35 and 36 are preferably implemented by a code executed by the microcomputer.

Iz ključa Z=(Zp Z2, Z3, Z4, Z5, Z6), katerega šest komponent Zj do Z6 so cela števila v področju od 0 do 255, se izračuna:From the key Z = (Z p Z 2 , Z 3 , Z 4 , Z 5 , Z 6 ), whose six components Zj to Z 6 are integers in the range 0 to 255, it is calculated:

prvo vrednost c4 s celoštevilčnim vrednostnim področjem [0 ... 1], ki ima vrednost bita z najvišjo valenco (najpomembnejši bit MSB) četrte ključeve komponente Z4, drugo vrednost c5 s celoštevilčnim vrednostnim področjem [0 ... lj, ki ima vrednost bita z najvišjo valenco (najpomembnejši bit MSB) pete ključeve komponente Z5, tretjo vrednost c6 s celoštevilčnim vrednostnim področjem [0 ... 1], ki ima vrednost bita z največjo valenco (najpomembnejši bit MSB) šeste ključeve komponente Z6, četrto vrednost b4 s celoštevilčnim vrednostnim področjem [0 ... 127], ki ima vrednost četrte ključeve komponente Z4 brez bita (MSB) z največjo valentnostjo, peto vrednost b5 s celoštevilčnim vrednostnim področjem [0 ... 127], ki ima vrednost pete ključeve komponente Z5 brez bita (MSB) z najvišjo valentnostjo, šesto vrednost b6 s celoštevilčnim vrednostnim področjem [0...127], ki irjia šesto ključevo komponento Z6 brez bita (MSB) z največjo valentnostjo, prvi koeficient BI po formulithe first value c 4 with an integer value range [0 ... 1] having the highest valence bit value (the most important bit of MSB) of the fourth key of component Z 4 , the second value c 5 with an integer value range [0 ... lj which has the highest valence bit value (the most important MSB bit) of the fifth key of component Z 5 , the third c 6 value with an integer value range [0 ... 1] that has the highest valence bit value (the most important MSB bit) of the sixth key of component Z 6 , the fourth value of b 4 with an integer value range [0 ... 127] having the fourth key value of component Z 4 without a bit (MSB) with the highest valence, the fifth value of b 5 with an integer value range [0 ... 127], having the value of the fifth key of component Z 5 without bit (MSB) with the highest valence, the sixth value of b 6 with an integer value range [0 ... 127] that irritates the sixth key component of Z 6 without bit (MSB) with the highest valence , the first BI coefficient of the formula

Bl:=2*b4 + 1,Bl: = 2 * b 4 + 1, [F4j [F4j drugi koeficient B2 po formuli B2:=2*b5 + 1,second coefficient B2 of formula B2: = 2 * b 5 + 1, [F5j [F5j tretji koeficient B3 po formuli B3:=2*b6 + 1,the third coefficient B3 according to the formula B3: = 2 * b 6 + 1, [F6j [F6j prvo začetno vrednost Υθ po formuli Y0: = 131 + c4,the first initial value of Υθ by the formula Y 0 : = 131 + c 4 , [F7j [F7j drugo začetno vrednost Y j po formuli Yi: = ll + c5,the second initial value Y j according to the formula Y i: = ll + c 5 , [F8j [F8j tretjo začetno vrednost Υ n po formuli Y.2:=67 + c6,the third initial value Υ n of formula Y. 2 : = 67 + c 6 , [F9] [F9] četrto začetno vrednost R1Q po formuli Rl0:=Zp the fourth initial value of R1 Q by the formula Rl 0 : = Z p [F10] [F10] peto začetno vrednost R2fl po formuli R20:=Zl the fifth initial value of R2 fl by the formula R2 0 : = Zl [Fllj [Fllj in še šesto začetno vrednost R30 po formuli R30: = Z3.and the sixth initial value of R3 0 according to the formula R3 0 : = Z 3 . [F12] [F12]

S prvo konstanto Al=65, drugo konstanto A2=5 in s tretjo konstanto A3=33 se . vsako vrednost indeksa k v indeksnem področju od 1 do f izračuna na naslednji način:With the first constant Al = 65, the second constant A2 = 5, and the third constant A3 = 33 se. calculate each index value k in the index range 1 through f as follows:

prvo naključno število Rlk, ki je omejeno na osem bitov, s pomočjo prvega generatorja naključnih števil po formulithe first random number Rl k limited to eight bits by the first random number generator according to the formula

Rlk: = [Al*Rlk.1 + Bl]mod256I [F13] drugo naključno število R2k, ki je omejeno na osem bitov, s pomočjo drugega generatorja naključnih števil po formuliRl k : = [Al * Rl k . 1 + Bl] mod256I [F13] a second random number R2 k limited to eight bits by a second random number generator according to the formula

R2lt:=[A2*R2k.I+ B2]mod2J6, [F14] tretje naključno število R3k, ki je omejeno na osem bitov, s pomočjo tretjega generatorja naključnih števil po navodilu if (k mod 251) not_equal 1 thenR2 lt : = [A2 * R2 k . I + B2] mod2J6 , [F14] third random number R3 k limited to eight bits by the third random number generator according to if (k mod 251) not_equal 1 then

R3k:=[A3 * R3k l + B3]mod256 elseR3 k : = [A3 * R3 kl + B3] mod256 else

R3t:=[A3*R30 + B3]mod256 end if [F15] in končno nelinearno povezavo Fk, ki je omejena na osem bitov, po formuli Fk:-[Rlk + Tk l]moci25g © [R2k + Yk l + Yk.2]mod256 + [ΪΤ6]R3 t : = [A3 * R3 0 + B3] mod256 end if [F15] and a finite nonlinear connection F k limited to eight bits by the formula F k : - [Rl k + T kl ] power 25g © [R2 k + Y kl + Y k . 2 ] mod256 + [ΪΤ6]

Prednostna transformacija FR uporablja tri generatorje Rlk, R2k in R3k naključnih števil, ki delujejo po formulah [F13] oz. [F14] oz. [F15], ki so tako preračunani, da je najmanjši skupni mnogokratnik vseh period kar se da velik.The advantageous transformation F R uses three generators Rl k , R2 k and R3 k of random numbers acting according to the formulas [F13] or. [F14] respectively. [F15] so calculated that the smallest common multiple of all periods is as large as possible.

Po potrebi se prednostno transformacijo Fk lahko razširi z nadaljnjimi generatorji naključnih števil.If necessary, the preferential transformation F k can be extended by further random number generators.

Visoka varnost informacije v kodiranem podatkovnem paketu Y f se predvsem doseže s kombiniranjem treh korakov postopka, ki se jih lahko izvede s pripravo 2 (sl. 1), namreč, s tem daThe high security of the information in the encoded data package Y f is mainly achieved by combining three steps of the process that can be performed by preparation 2 (Fig. 1), namely that

1) se podatkovni paket W dopolni s podatkovno besedo CC in se nadalje1) the data packet W is completed with the data word CC and further

2) prvo podatkovno besedo Wp ki jo je treba kodirati, spremeni s transformacijo Tw po formuli [Fl] in da2) change the first data word W p to be coded by transforming T w by the formula [Fl] and that

3) se v Cipher-Feedback-postopku uporabi podatkovno besedo Tfc, ki se jo tvori z nelinearno transformacijo Fk iz kodiranih podatkovnih besed Yk do Yk.m+r 3) the data word T fc is used in the Cipher Feedback process, which is formed by the nonlinear transformation F k from the coded data words Y k to Y k . m + r

Opisani postopek za varovanje informacije podatkovnega paketa je, kot predvsem učinkovito prikazujejo formule [Fl] in [F16], izvedljiv s cenenimi mikroprocesorji ali mikroračunalnikom, npr. z MC68HC11 firme Motorola. Postopek se lahko prednostno uporabi tudi v telekomunikacijskih omrežjih z nezanesljivimi prenosnimi kanali, ker zaradi uporabe razširjajoče podatkovne besede CC v povezavi s transformacijo Tw prve podatkovne besede W , ki jo je treba kodirati, v podatkovno besedo Wx* lahko odpade zahtevna sinhronizacija algoritmov za kodiranje oz. dekodiranje.The procedure described above for protecting data packet information is, above all, efficiently illustrated by the formulas [Fl] and [F16], feasible with inexpensive microprocessors or microcomputers, e.g. with Motorola's MC68HC11. The process can also be advantageously used in telecommunications networks with unreliable transmission channels, because the use of the expanding CC data word in conjunction with the transformation T w of the first data word W to be encoded into the data word W x * may require complex synchronization of algorithms for coding or. decoding.

Claims (6)

PATENTNI ZAHTEVKIPATENT APPLICATIONS 1. Postopek za varovanje informacije podatkovnega paketa (W J, ki obsega več podatkovnih besed, pri prenosu med oddajno pripravo (1;2J, ki je priključena na prenosno sredstvo, in sprejemno pripravo (1;2E), ki je priključena na prenosno sredstvo, pri čemer se nekodirano informacijo podatkovnega paketa (Wj ) kodira ob uporabi Cipher-Feedbach-postopka v oddajni pripravi (1;2§) in se kodirano informacijo dekodira v sprejemni pripravi (1;2E), označene s tem, da se nekodiran podatkovni paket (W ) na vnaprej določenem mestu razširi s podatkovno besedo (CC), ki ima bitni vzorec, ki je v vnaprej določenem časovnem intervalu (T) na mestu za varovanje enkratno uporabljen, s čimer se v časovnem intervalu (T) tvori enkraten razširjen podatkovni paket (W ), da se dopolnjeni podatkovni paket (W f) v enako dolgih enotah zaporedno kodira oz. dekodira ob uporabi Cipher-Feedback-postopka, pri čemer je vsakič-ena enota ena podatkovna beseda (W ; Y ), in da se prva podatkovna beseda (W ), ki jo je treba kodirati, razširjenega podatkovnega paketa (W f) s transformacijo tako spremeni, da sta prvi podatkovni besedi (W ), ki ju je treba kodirati v obeh dopolnjenih podatkovnih paketih (W f) različni druga od druge, če gledano v oddajno pripravo (1;2J v časovnem intervalu (T) dospeta v varovanje dva podatkovna paketa (W J, ki imata vsakokrat identični prvi podatkovni besedi (W ).1. A method for protecting information of a data packet (WJ comprising several data words when transferring between a transmitting device (1; 2J connected to a transmission means) and a receiving device (1; 2 E ) connected to a transmitting means , wherein the non-encoded information of the data packet (Wj) is encoded using the Cipher-Feedbach process in the broadcast device (1; 2 § ) and the encoded information is decoded in the receiving device (1; 2 E ), characterized in that it is uncoded the data packet (W) is expanded at a predetermined location by a data word (CC) having a bit pattern that is used once at a predetermined time interval (T) at the security location, thereby forming a unique one at a time interval (T). an expanded data packet (W) that the completed data packet (W f ) is sequentially encoded or decoded in equally long units using the Cipher-Feedback process, each time being one unit being one data word (W; Y), and that the first data word (W ) to be encoded, transforms the extended data packet (W f ) so that the first data words (W) to be encoded in the two completed data packets (W f ) are different from each other if viewed two data packets (WJ having identical identical first data words (W)) are matched to the transmitter (1; 2J at time interval (T)). 2. Postopek po zahtevku 1, označen s tem, da se kodirano podatkovno besedo (YJ tvori z antivalenčno operacijo nekodirane podatkovne besede (WJ in nadaljnje podatkovne besede (TJ, pri čemer se nadaljnjo podatkovno besedo (TJ tvori z nelinearno povezavo (FJ določenega števila (m) kodiranih podatkovnih besed (Yk4, Υ.,.-,Υ. ).A method according to claim 1, characterized in that the encoded data word (YJ is formed by the anti-valence operation of the non-encoded data word (WJ and further data words (TJ, where a further data word (TJ is formed by a nonlinear connection (FJ of a certain number (m) coded data words (Y k4 , Υ., .-, Υ.). 3. Postopek po zahtevku 2, označen s tem, da se nelinearno povezavo (FJ izvede z antivalenčnimi operacijami med vsotami, pri čemer se vsoto tvori iz naključnega števila (Rlk; R2k; R3 J in vsaj ene kodirane podatkovne besede (Ykl; Yk.25-\.m)·Method according to claim 2, characterized in that it is a nonlinear connection (FJ is performed by anti-valence operations between sums, the sum being formed from a random number (Rl k ; R2 k ; R3 J and at least one coded data word (Y kl ; Y k . 2 5 - \. M) · 4. Postopek po enem izmed predhodnih zahtevkov, označen s tem, da se enkrat uporabljeni podatkovni vzorec podatkovne besede (CC), ki dopolnjuje podatkovni paket (W ), tvori iz trenutnega datuma in urinega časa.Method according to one of the preceding claims, characterized in that the once used data word pattern (CC), which complements the data packet (W), is formed from the current date and time. 5. Postopek po enem izmed predhodnih zahtevkov, označen s tem, da se v oddajni pripravi prva podatkovna beseda (WJ, ki jo je treba kodirati, spremeni z antivalenčno operacijo s podatkovno besedo (CC), ki dopolnjuje podatkovni paketMethod according to one of the preceding claims, characterized in that the first data word (WJ to be encoded) is modified in the broadcast by modifying the anti-valence operation with the data word (CC) supplementing the data packet 6. Priprava za varovanje informacije podatkovnega paketa (Wj ), ki obsega več podatkovnih besed, pri prenosu med oddajno pripravo (1; 2J, ki je priključena na prenosno sredstvo, in sprejemno pripravo (1; 2£), ki je priključena na prenosno sredstvo, pri čemer se ob uporabi Cipher-Feedback-postopka v oddajni pripravi (1; 2S), kodira nekodirano informacijo in se v sprejmni pripravi (1; 2E) dekodira kodirano informacijo, označena s tem, da pomnilniška enota (14) obsega ključ (Z) in daje pomnilnik (33) vsebovan v transformacijski verigi (15) s prvim transformacijskim blokom (17) pred drugim transformacijskim blokom (18) in s pripravo (19), ki je priključena za drugim transformacijskim blokom (18) in je povezana s pomnilniško enoto (14), za kodiranje podatkovnih paketov ob uporabi ključa (Z), pri čemer se podatkovni paket (W ) lahko dopolni s prvim transformacijskim blokom (17) za podatkovno besedo (CC), ki ima bitni vzorec, ki je enkrat uporabljen v vnaprej določenem časovnem intervalu (T) za varovanje, in da je prva podatkovna beseda (W ), ki jo je treba kodirati, podatkovnega paketa (W ) spremenljiva z drugim transformacijskim blokom (18) s pomočjo antivalenčne operacije s podatkovno besedo (CC), ki dopolnjuje podatkovni paket (W ), in se lahko s pripravo (19) izvede Cipher-Feedback-postopek.6. A device for protecting information of a data packet (Wj) comprising several data words during transmission between a transmitting device (1; 2J connected to a portable means and a receiving device (1; 2 £ ) connected to a portable device means encoding the non-encoded information using a Cipher-Feedback process in the transmitter (1; 2 S ) and decoding the encoded information in the receiving device (1; 2 E ), characterized in that the memory unit (14) comprises a key (Z) and providing the memory (33) contained in the transformation chain (15) with the first transformation block (17) in front of the second transformation block (18) and with a device (19) connected behind the second transformation block (18), and is coupled to a memory unit (14) for encoding data packets using a key (Z), wherein the data packet (W) can be supplemented with a first data block (17) for a data word (CC) having a bit pattern that is used once at a predetermined time the security interval (T), and that the first data word (W) to be encoded of the data packet (W) is variable with the second transformation block (18) by means of an anti-valence operation with the data word (CC) supplementing data packet (W), and a Cipher-Feedback process can be performed by preparation (19).
SI9400439A 1993-12-14 1994-12-14 Process and device for secure an information data packet SI9400439A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP93810875A EP0658996B1 (en) 1993-12-14 1993-12-14 Method and apparatus to secure the information of a data packet

Publications (1)

Publication Number Publication Date
SI9400439A true SI9400439A (en) 1995-06-30

Family

ID=8215089

Family Applications (1)

Application Number Title Priority Date Filing Date
SI9400439A SI9400439A (en) 1993-12-14 1994-12-14 Process and device for secure an information data packet

Country Status (5)

Country Link
EP (1) EP0658996B1 (en)
AT (1) ATE191110T1 (en)
DE (1) DE59309987D1 (en)
DK (1) DK0658996T3 (en)
SI (1) SI9400439A (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102014017671B4 (en) * 2014-11-28 2021-03-04 Diehl Defence Gmbh & Co. Kg Procedure for securing networked systems
US11764805B2 (en) 2021-10-06 2023-09-19 Samsung Display Co., Ltd. System and method for transition encoding with reduced error propagation

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5001752A (en) * 1989-10-13 1991-03-19 Fischer Addison M Public/key date-time notary facility

Also Published As

Publication number Publication date
EP0658996A1 (en) 1995-06-21
DK0658996T3 (en) 2000-10-16
DE59309987D1 (en) 2000-04-27
ATE191110T1 (en) 2000-04-15
EP0658996B1 (en) 2000-03-22

Similar Documents

Publication Publication Date Title
US4160120A (en) Link encryption device
US4172213A (en) Byte stream selective encryption/decryption device
US5483598A (en) Message encryption using a hash function
US5148485A (en) Encrypton system for digital cellular communications
US5594797A (en) Variable security level encryption
US6879689B2 (en) Stream-cipher method and apparatus
CA1258305A (en) Encryption/decryption system
JP3798031B2 (en) How to send and receive personal programs
US5355412A (en) Identifying secret data messages in a one-direction multipoint network
CA2305264A1 (en) Method and apparatus for generating a stream cipher
RU2000104503A (en) MULTIPLE ACCESS CODING USING FOLDED SEQUENCES FOR MOBILE RADIO SYSTEMS
US6430230B1 (en) Methods of encoding payload bits for transmission
CA2347011A1 (en) Apparatus and methods for cryptographic synchronization in packet based communications
CA2441392A1 (en) Encrypting apparatus
JPH09120260A (en) Method for encryption or decoding
EP0858696A1 (en) Cryptosystem for optical storage
WO2000070818A1 (en) Multiple number base encoder/decoder using corresponding xor
SI9400439A (en) Process and device for secure an information data packet
US7587046B2 (en) Method and apparatus for generating keystream
JP2009528006A (en) Method and apparatus for encryption of synchronous stream ciphers with reserved code
CN101882991B (en) Communication data stream encryption method based on block cipher
Kaushik et al. Block encryption standard for transfer of data
JPH04360438A (en) Data transmission method
JPH06311157A (en) Privacy transmission system
Morrison et al. Novel Implementation of a Keyless Concurrent Codes Spread-Spectrum (CCSS) Jam-Resistant Method in GNU Radio