WO1988001119A1 - Data encipherment - Google Patents

Info

Publication number
WO1988001119A1
Authority
WO
WIPO (PCT)
Prior art keywords
algorithm
bit
bits
data
key
Prior art date
Application number
PCT/GB1987/000557
Other languages
French (fr)
Inventor
John Philip Chambers
Derek Thomas Wright
Original Assignee
British Broadcasting Corporation
Priority date
Filing date
Publication date
Application filed by British Broadcasting Corporation
Publication of WO1988001119A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI

Abstract

Data encipherment and decipherment is achieved by converting blocks of input bits into blocks of output bits. The input bits are subjected to the operation of an algorithm, such as in accordance with the DES standard, involving a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length. In the invention the operations available for selection by the key are changed in response to operation-control data received from an external source such as one involving the use of teletext or videotext, or using card or bar code readers, or direct keyboard input.

Description

DATA ENCIPHERMENT
BACKGROUND OF THE INVENTION
This invention relates to a data encipherment apparatus and method which converts a block of input bits into a block of output bits under the control of a key of substantial length.
Several data encryption algorithms have been defined where the input data is converted into output data by passing it through a succession of bit-permutation operations (re-arranging the order of the bits in the data word) and substitution tables (groups of bits are used to address tables which produce new bit patterns). Typical algorithms have input and output words of 64 bits and are controlled by a key of up to 64 bits in length. The exact process of the conversion depends in each case not only on a key variable which acts upon the data path, but also upon the definitions of the bit permutations and substitution tables around which the algorithm is constructed.
One example of such an encryption method is known as DES and published by U.S. National Bureau of Standards, "Data Encryption Standard", Federal Information Processing Standards Publication 46 (January 15, 1977). This specification assumes a knowledge of this standard.
The DES standard defines an algorithm based upon five bit-permutation operations and eight substitution tables. The bit permutation tables are themselves each defined by a table which lists, for each output bit, the bit number of the corresponding input bit. An output bit cannot be fed from more than one input bit but it is possible for two or more output bits to be fed from the same input bit (this is known as an expanded permutation) or for some input bits to not be used at all (a permuted choice).
In a software realisation of the algorithm the substitution tables and the tables defining the bit permutations would be stored as data constants in read only memory.
Other examples of encipherment algorithms using bit permutations and/or substitutions are to be found in our British Patent Applications Nos. 8607961 and 8610733 (International Patent Applications PCT/GB87/00216 and PCT/GB87/00266).
SUMMARY OF THE INVENTION
According to this invention we provide a data cipherment method and apparatus for converting a block of input bits into a block of output bits, in which data is subjected to the operation of an algorithm defining a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length, in which the operations available for selection by the key can be changed in response to operation-control data obtained from an external source.
In this specification the term cipherment is used to cover both encipherment and decipherment.
Thus for example with the DES algorithm instead of storing the substitution and bit-permutation tables in read-only memory they are stored in read/write memory so that they can be loaded with data obtained from an external source. The source may involve the use of transmission techniques such as teletext or videotex (Prestel) or input techniques such as card readers, bar code readers, or direct keyboard input.
This enables the effect of the algorithm to be changed in a more drastic way than by changing the key variable alone. The changed algorithm is then no longer the defined DES algorithm but one of very many possible variants of it. The data loaded into the tables must conform to various restrictions imposed for the particular type of algorithm being modified.
BRIEF DESCRIPTION OF THE DRAWING
The invention will be described in more detail with reference to the DES algorithm as illustrated by the accompanying drawing in which the sole figure is a flow chart illustrating the logical structure of the DES algorithm.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
As the DES algorithm is itself known, a detailed description of the drawing is not deemed necessary, and reference should be made to the DES standard noted above. (This is reprinted with additional comment in "Cipher Systems" by H. Beker and F. Piper, published by Northwood Publications 1982, ISBN 7198 2611 X.) The figure in the drawing is taken from page 55 of "Security for Computer Networks" by D.W. Davies and W.L. Price, published by John Wiley and Sons, ISBN 0 471 90063 X. Reference should be made to that book for a detailed description of the figure. The algorithm comprises a succession of five bit-permutation operations PC1, PC2, IP, IP⁻¹ and E, in which the order of the bits in the data word is re-arranged, and eight substitution tables in the S boxes, in which groups of bits are applied as inputs to look-up tables which produce new bit patterns. PC1 and PC2 are permuted choices and E is an expanded permutation. The number of bits being processed at various points is indicated on the figure.
It is seen in the drawing that some of the operations are outlined by dashed boxes U to Z. These boxes define areas capable of external re-definition. These areas provide changeable data as follows:
Table of Changeable Data

Dashed Box    Operations     Words x Bits    Total
U             IP and IP⁻¹    64 x 6            384
V             PC1            56 x 6            336
W             PC2            48 x 6            288
X             E              48 x 5            240
Y             P              32 x 5            160
Z             S boxes        8 x 64 x 4       2048
TOTAL:                                        3456

Thus for the DES algorithm the total data content of all the bit-permutation and substitution tables approaches 3500 bits. This gives greater freedom for change than the existing 56-bit key variable alone.
In the absence of an external source of data for loading the tables in read/write memory, a suitable set of default values could be transferred to the read/write memory from an area of read only memory. Another possibility is for partial modification of the table contents starting with initial values obtained from read only memory.
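An added example, not part of the patent text: a loader for the table data sized per the Table of Changeable Data above, which rejects malformed sets before they would replace the tables in read/write memory and derives IP⁻¹ from IP. The packing order, the 0-based MSB-first words, the function names and the checks marked "assumed" (modelled on the standard DES tables) are this example's assumptions; the patent does not spell out its restrictions.

```python
# Added example. Table sizes follow the patent's "Table of Changeable Data";
# packing order, 0-based MSB-first words and "assumed" checks are this example's.
LAYOUT = [  # (name, words, bits per word, number of source values)
    ("IP", 64, 6, 64), ("PC1", 56, 6, 64), ("PC2", 48, 6, 56),
    ("E", 48, 5, 32), ("P", 32, 5, 32), ("S", 8 * 64, 4, 16),
]
TOTAL_BITS = sum(words * bits for _, words, bits, _ in LAYOUT)  # 3456

def pack(tables):  # MSB-first packing into one 432-byte block
    acc = 0
    for name, _, bits, _ in LAYOUT:
        for value in tables[name]:
            acc = (acc << bits) | value
    return acc.to_bytes(TOTAL_BITS // 8, "big")

def unpack(blob):
    if len(blob) * 8 != TOTAL_BITS:
        raise ValueError(f"expected {TOTAL_BITS} bits, got {len(blob) * 8}")
    acc, pos, tables = int.from_bytes(blob, "big"), TOTAL_BITS, {}
    for name, words, bits, _ in LAYOUT:
        mask = (1 << bits) - 1
        tables[name] = [(acc >> (pos - bits * (i + 1))) & mask for i in range(words)]
        pos -= bits * words
    return tables

def validate(tables):
    """Return rule violations; an empty list means the set may be loaded."""
    errs = []
    for name, _, _, n_src in LAYOUT[:5]:
        t = tables[name]
        if any(v >= n_src for v in t):  # only PC2 can hit this: 6-bit words, 56 inputs
            errs.append(f"{name}: source bit out of range")
        # IP must be a bijection so that IP^-1 exists; PC1, PC2, P: assumed, as in DES.
        if name != "E" and len(set(t)) != len(t):
            errs.append(f"{name}: input bit used more than once")
        if name == "E" and set(t) != set(range(n_src)):  # assumed: E drops no input bit
            errs.append("E: input bit unused")
    rows = [tables["S"][i:i + 16] for i in range(0, 512, 16)]  # assumed order: box, row, column
    if any(sorted(r) != list(range(16)) for r in rows):  # assumed: each row is a permutation
        errs.append("S: row is not a permutation of 0..15")
    return errs

def load_tables(blob):
    """Unpack, validate, then derive IP^-1 from IP."""
    tables = unpack(blob)
    if errs := validate(tables):
        raise ValueError("; ".join(errs))
    tables["IP_INV"] = [tables["IP"].index(i) for i in range(64)]
    return tables

def sample_tables():  # constructed, non-DES data that passes every check
    return {
        "IP": list(range(63, -1, -1)),
        "PC1": [i for i in range(64) if i % 8 != 7],
        "PC2": list(range(48)),
        "E": [i % 32 for i in range(48)],
        "P": [(i * 5 + 3) % 32 for i in range(32)],
        "S": [(c * 7 + r + b) % 16 for b in range(8) for r in range(4) for c in range(16)],
    }
```

Calling `load_tables(pack(sample_tables()))` round-trips the constructed set; a PC2 word of 56 or more, or a repeated entry in IP, is reported by `validate` and refused by `load_tables`.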
The data for modifying the table contents could be carried over the chosen transport channel enciphered by a further algorithm and key at a higher level of security. It could alternatively be carried by mechanical or physical methods (e.g. punched cards, magnetic cards, printed bar codes, typewritten numbers) and distributed by post or courier. Also a point-to-point electrical connection could be used (landline or telephone).
In a hardware realisation of the algorithm it would be considerably more difficult to change the bit permutations under the control of external data but there is still the possibility of modifying the contents of the substitution tables.
Similar principles to those described for use with the DES algorithm could be used to vary the algorithms that are the subject of our British Patent Applications Nos. 8607961 and 8610733 (International Patent Applications PCT/GB87/00216 and PCT/GB87/00266). In the first of these the algorithm consists of a series of bit permutations dependent upon a keyword, and in the second, it consists of a repeated permutation and substitution sequence with the initial substitution pattern dependent upon a control word.

Claims

1. A method of data cipherment in which blocks of input bits are converted into blocks of output bits, comprising subjecting the input bits to the operation of an algorithm defining a plurality of bit-permutation and/or substitution operations selected under the control of a key of substantial length, and changing the operations available for selection by the key in response to operation-control data received from an external source.
2. Data cipherment apparatus for converting blocks of input bits into blocks of output bits, comprising storage means for storing bit-permutation and/or substitution tables defined by an algorithm, data conversion means for subjecting input bits to a plurality of bit-permutation and/or substitution operations defined by the tables in the storage means as selected under the control of a key of substantial length to provide the output bits; and means for changing the stored tables in response to operation-control data received from an external source.
3. Apparatus according to claim 2, in which the algorithm is based on the DES algorithm.
PCT/GB1987/000557 1986-08-08 1987-08-06 Data encipherment WO1988001119A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB8619453A GB8619453D0 (en) 1986-08-08 1986-08-08 Data encipherment
GB8619453 1986-08-08

Publications (1)

Publication Number Publication Date
WO1988001119A1 true WO1988001119A1 (en) 1988-02-11

Family

ID=10602487

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1987/000557 WO1988001119A1 (en) 1986-08-08 1987-08-06 Data encipherment

Country Status (4)

Country Link
EP (1) EP0277186A1 (en)
JP (1) JPH01500794A (en)
GB (2) GB8619453D0 (en)
WO (1) WO1988001119A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2228650A (en) * 1989-01-24 1990-08-29 P C Hire Ltd A data encryption device
GB2415798A (en) * 2004-06-29 2006-01-04 Farhad Dalvi A non-deterministic secret key cipher using bit permutations

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4275265A (en) * 1978-10-02 1981-06-23 Wisconsin Alumni Research Foundation Complete substitution permutation enciphering and deciphering circuit
FR2486680A1 (en) * 1980-07-11 1982-01-15 Trt Telecom Radio Electr Coding system for digitised radio telephonic messages - uses random number generators to provide permutation plan for message data within predetermined number of memory cells
EP0202989A1 (en) * 1985-05-15 1986-11-26 Thomson-Csf Enciphering apparatus using substitutions and permutations

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE426128B (en) * 1981-04-08 1982-12-06 Philips Svenska Ab METHOD FOR TRANSFER OF DATA MESSAGES BETWEEN TWO STATIONS, AND TRANSFER PLANT FOR EXECUTING THE METHOD
US4531020A (en) * 1982-07-23 1985-07-23 Oak Industries Inc. Multi-layer encryption system for the broadcast of encrypted information
GB2131586B (en) * 1982-12-03 1985-11-20 Burroughs Corp Autoteller systems
GB2149944A (en) * 1983-11-14 1985-06-19 Softnet Inc Software distribution
GB2154108B (en) * 1984-02-07 1987-06-03 Communications Patents Ltd Broadcasting system
JPS6120442A (en) * 1984-07-09 1986-01-29 Toshiba Corp Chargeable broadcasting system
DE3565918D1 (en) * 1984-08-10 1988-12-01 Gretag Ag Enciphering/deciphering method
US4649233A (en) * 1985-04-11 1987-03-10 International Business Machines Corporation Method for establishing user authenication with composite session keys among cryptographically communicating nodes

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Proceedings of the IEEE, Volume 67, No. 3, March 1979, IEEE, (New York, US), W. DIFFIE et al.: "Privacy and Authentication: an Introduction to Cryptography", pages 397-427 see page 409, left-hand column, lines 18-42; figures 11,12 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0395618A2 (en) * 1989-04-28 1990-10-31 Emile Paul Henry Musyck Cryptographic system by blocs of binary data
EP0395618A3 (en) * 1989-04-28 1992-10-21 Emile Paul Henry Musyck Cryptographic system by blocs of binary data
US5003597A (en) * 1989-12-21 1991-03-26 Xerox Corporation Method and apparatus for data encryption
WO1999036942A1 (en) * 1998-01-19 1999-07-22 Otkrytoe Aktsionernoe Obschestvo 'moskovskaya Gorodskaya Telefonnaya Set' Method for the cryptographic conversion of binary data blocks
CN100393026C (en) * 1998-01-19 2008-06-04 莫斯科戈罗德电话设备公开股份公司 Cryptographic conversion of binary data blocks

Also Published As

Publication number Publication date
GB8619453D0 (en) 1986-09-17
EP0277186A1 (en) 1988-08-10
GB8718674D0 (en) 1987-09-09
JPH01500794A (en) 1989-03-16
GB2194419A (en) 1988-03-02

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE FR GB IT LU NL SE

WWE Wipo information: entry into national phase

Ref document number: 1987905233

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1987905233

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1987905233

Country of ref document: EP