WO2002025866A2 - Apparatus, system and method for validating integrity of transmitted data - Google Patents

Publication number
WO2002025866A2
Authority
WO
WIPO (PCT)
Prior art keywords
message digest
data
truncated
accordance
value
Prior art date
Application number
PCT/US2001/028658
Other languages
French (fr)
Other versions
WO2002025866A3 (en
Inventor
James A. Reeds
Wen-Ping Ying
Original Assignee
At & T Corp.
At & T Wireless Services, Inc.
Priority date
Filing date
Publication date
Application filed by At & T Corp., At & T Wireless Services, Inc. filed Critical At & T Corp.
Priority to AU2001292650A priority Critical patent/AU2001292650A1/en
Publication of WO2002025866A2 publication Critical patent/WO2002025866A2/en
Publication of WO2002025866A3 publication Critical patent/WO2002025866A3/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/20 Manipulating the length of blocks of bits, e.g. padding or block truncation

Definitions

  • the invention relates in general to communication systems and more specifically to methods and systems for validating the integrity of transmitted data.
  • Conventional communication systems utilize encryption or encipherment techniques for several purposes including authentication, key distribution, secure data transmissions and non-repudiation.
  • Data is often encrypted using a key, transmitted through a communication channel, and decrypted (deciphered) at a receiver using another key.
  • Encryption provides security by using an encryption code to mask the data contained in a transmission.
  • a decryption code is used at the receiving end to decode or decrypt the transmitted message to obtain the original data.
  • the decryption code used at the receiving end must be applied to the incoming transmitted data stream in an appropriate timing and order. If the decryption code is not synchronized to the encryption code, the data cannot be decrypted properly.
  • encryption methods may provide for secrecy for the transmitted data by requiring a key to decode the message, encryption does not necessarily prevent tampering of the data by third parties. Further, encryption does not always provide an indication that the data has not been received as transmitted. For many encryption schemes, the integrity of the transmitted data must be validated using an additional mechanism or process.
  • Message digests are used to secure the integrity of data but do not typically provide secrecy. Message digest methods allow a communication system to determine whether data in a transmitted message has been manipulated or corrupted, either intentionally by an unscrupulous party or due to system errors.
  • a hash function is applied to a bit string allowing a message digest, also known as checksum, to be calculated based on the bit string.
  • a checksum or message digest is data used for error checking. The checksum is calculated by the sending computer based on an algorithm that counts bits going out in a packet. The check digit is attached as a tail to the packet.
  • the receiving computer applies the same algorithm and if the calculated check digit is the same as the one received, the transmission is determined to be successful.
  • a mismatch may indicate that the message digest has been applied incorrectly. For example, a mismatch will occur if the encryption codes are not synchronized.
  • the present invention provides a system and method of using a minimal amount of bandwidth in data integrity validation.
  • the integrity of transmitted data is validated using a truncated message digest value included in selected data packets.
  • a message digest value is calculated for a selected set of data and truncated to form a truncated message digest value.
  • the truncated message digest value is appended to an encrypted form of the selected data set to form an encrypted data packet. Accordingly, only some of the encrypted data packets include a truncated message digest value corresponding to the data payload within the data packet. In the exemplary embodiment, however, a message digest value is calculated for every data packet although only selected packets include the truncated message digest value.
  • the encrypted data packets are received at the receiver where the truncated message digest values are extracted from the selected data packets to separate the encrypted data from the received truncated message digest values.
  • the encrypted data is decrypted to produce raw data that is used to calculate a local message digest value.
  • the calculated local message digest value is truncated and compared to the received truncated message digest value. If the values are not equal, an error is detected and the system is reset. Losses in synchronization of the stream cipher and cryptographical attacks are detected by observing the periodically transmitted cryptographic message digest values.
  • Fig. 1 is a block diagram of a communication system in accordance with an exemplary embodiment of the invention.
  • Fig. 2 is a block diagram of a transmitter in accordance with the exemplary embodiment of the invention.
  • Fig. 3 is a block diagram of a receiver in accordance with the exemplary embodiment of the invention.
  • Fig. 4 is a flow chart of a method of transmitting a signal in accordance with the exemplary embodiment of the invention.
  • Fig. 5 is a flow chart of a method of receiving a signal in accordance with the exemplary embodiment of the invention.
  • a truncated checksum called a "message digest value" is periodically transmitted with only selected data packets, minimizing the bandwidth utilized for synchronization and validation.
  • Bandwidth efficiencies are gained by sending a smaller truncated version of a larger message digest while data integrity is maintained by using the complete message digest string for calculations. By transmitting a value (such as a truncated message digest value) representing the message digest less frequently than the rate of packet transmission, bandwidth use is further reduced.
  • Fig. 1 is a block diagram of communication system 100 suitable for implementing the exemplary embodiment of the invention.
  • the communication system 100 is a fixed wireless system providing communication services to subscriber premises through a communication channel 102.
  • a base station 104 includes a transmitter 106 and a receiver 108 in addition to other circuitry, hardware and software (not shown) required to perform the functions described herein.
  • a remote unit 110 located at the subscriber premises includes a receiver 112 for receiving signals transmitted from the transmitter 106 in the base station 104 and a transmitter 114 for transmitting signals to the receiver 108 at the base station 104.
  • the communication system 100 may include several remote units 110 and may have any one of a variety of configurations.
  • data to be received by the remote unit 110 is encrypted in the base station 104 and transmitted through a wireless communication channel 102.
  • the communication system 100 is a fixed wireless system in the exemplary embodiment, those skilled in the art will recognize that the teachings herein can be applied to other types of communication systems and the present invention is not limited to wireless systems or wireless communication channels.
  • the transmitter 106 within the base station 104 includes a controller 118 such as a processor, microprocessor or any other processor arrangement.
  • Software code running on the controller 118 facilitates the overall functionality of the transmitter 106 in addition to the encryption and transmission functions described herein.
  • circuitry within the transmitter 106 may be implemented as part of the receiver 108. The controller 118, for example, may facilitate the operation of the receiver 108 in the base station 104.
  • data is transmitted from the base station 104 to the remote units 110 on the forward communication channel and from the remote units 110 to the base station 104 on the reverse communication channel.
  • the receiver 112 in the remote unit 110 includes a controller 120 in addition to analog circuitry 122 such as antennas, amplifiers, mixers, control circuits and other components.
  • the controller 120 may be a processor, microprocessor or any other processor arrangement or combination suitable for running software code that facilitates the overall functionality of the remote unit 110 in addition to the decryption and receiver functions described herein.
  • the controller 120 may facilitate the operation of the transmitter 114 in addition to other tasks in the remote unit 110.
  • FIG. 2 is a pictorial representation of a data flow of the data integrity validation process performed in the transmitter 106. In the exemplary embodiment, a similar procedure is performed at the remote unit 110 for data 202 that is transmitted from the remote unit 110 to the base station 104.
  • the encryption and data integrity validation techniques can be applied to a variety of communication and data systems.
  • the data validation process utilizes a message digest generator 204 and an encryption engine 206.
  • the encryption and validation functions are performed using software code running on the controller, the various functional blocks described below may be implemented either solely in or in any combination of hardware, software, or firmware.
  • data 202 to be transmitted from the transmitter 106 to the receiver 112 is received by an encryption engine 206 and a message digest generator 204.
  • the encryption engine 206 encrypts the data 202 using a forward cipher key 208 to produce an encrypted payload portion 210 of an encrypted data packet 212.
  • the message digest generator 204 creates a current message digest value 214 using the data 202, a previous message digest value 216 calculated for a previous set of data 202 and a message digest key 218.
  • the current message digest value 214 is truncated to produce a truncated message digest value 220 that is appended to the encrypted payload 210 of selected encrypted data packets 212.
  • a high level of data integrity is maintained since the current 214 and previous message digest values 216 are maintained as sufficiently long hash values while the bandwidth used for data integrity validation is minimized by sending only a portion of the current message digest value 214 for each packet. Bandwidth use is further reduced by sending the truncated message digest value 220 periodically with only selected packets.
  • the data 202 to be transmitted from the base station 104 to the remote unit 110 may include a variety of information or control messages and is received by the encryption process as a continuous bit stream in the exemplary embodiment.
  • the data 202 may be received in a variety of formats.
  • the raw data 202 may be arranged into packets or may include some level of error correction.
  • the same data is forwarded to the encryption engine 206 and the message digest generator 204.
  • the encryption engine 206 uses RC4 cipher stream encryption techniques to apply a forward cipher key 208 to incoming data 202 to produce the encrypted payload 210 for an encrypted data packet 212.
  • the encryption engine 206 may use any other suitable stream cipher or block cipher encryption technique.
  • Other cipher stream techniques include exclusive-or or modular addition with the output of a linear feedback shift register and block ciphers used in an output feedback mode or counter mode.
  • block cipher techniques may have some level of data integrity validation inherent to the block cipher encryption scheme, the present invention may be utilized with block ciphers that may or may not have additional or inherent data validation mechanisms.
  • suitable block ciphers include DES, 3DES, IDEA, Skipjack, FEAL, and AES.
  • the message digest generator 204 performs a hash function in accordance with MD5 techniques using the data 202, a previous message digest value 216 and a message digest key 218.
  • the MD5 message digest technique provides a one-way hash function using an algorithm.
  • a current message digest value 214 is produced by manipulating the incoming data 202 to form a fixed string of digits defining a message digest 214.
  • the message digest 214 is used as a checksum to validate data 202.
  • Other types of hash functions may be used to provide a hash value representing the data 202. Examples of other suitable hash functions include SHA-1, MD4, and RIPEM .
  • the message digest generator 204 and the encryption engine 206 may utilize algorithms and techniques not yet developed in other embodiments of the invention.
  • the message digest generator 204 performs the appropriate calculations using the complete bit strings representing the current message digest value 214 and the previous message digest value 216 although a truncated version 220 is used in the encrypted data packet 212.
  • a message digest key 218 is used at the transmitter 114 and the receiver 108 to generate the current message digest 214.
  • the message digest key 218 may be generated and communicated to the receiver 108 using any one of several known techniques.
  • the message digest key 218 may be chosen at the beginning of the communication session, as part of a session establishment procedure.
  • the message digest key 218 may be established and implemented within the various devices of the system 100 at the time of manufacturing, installation or service initialization. If a message digest key is chosen at the transmitter, the message digest key 218 is sent to the receiver 108 using a secure channel.
  • a series of message digest keys 218 may be locally stored at the base station 104 and remote unit 110 at the time of installation of the system. Further, the message digest key 218 may be transmitted to the receiver 108 through a secure wireless communication channel 102 using encryption and other forms of security techniques.
  • the current message digest 214 is calculated using a previous digest message value 216 calculated for a previous set of data 202.
  • the previous message digest 216 used for calculating the current message digest 214 is the message digest 214 immediately preceding the current message digest 214.
  • the previous message digest 216 may be a predetermined number of values preceding the current value and may be a dynamically varying number of values preceding the current value. Since the system continually calculates current message digests 214 based on the previous message digest 216, each message digest may be inherently based on any number of previous message digests 216.
  • the current message digest 214 will be based on a large number of previous message digests 216. If, on the other hand, the system is reset, the current value will not be based on any previous message digests 216. As the system continues to transmit additional packets without disruptions (resetting), the current message digest 214 in use is inherently based on an increasing number of previous message digests 216.
  • Other data may be used to calculate the message digest 214, in addition to the parameters discussed above. Additional suitable parameters and data include unique packet numbers identifying each packet and channel identifier tokens identifying packets as belonging to a session. Those skilled in the art will recognize other parameters that may be used for calculating the message digests and the modifications and combinations to the data to provide the desired message digest calculation scheme.
  • a message digest table 224 includes at least the previous message digest 216 and may store any number of previous message digests 216. As new current message digests 214 are calculated, the message digests (214, 216) are stacked within the message digest table 224 in accordance with known techniques.
  • the current message digest 214 produced by the message digest generator 204 is truncated by the truncator 222.
  • the truncator 222 forms a truncated message digest value 220 by extracting the first four bytes of the current message digest 214.
  • a compression scheme for example, may be used to form a shorter version of the current message digest 214.
  • a cyclic redundancy checksum CRC can be used to form the truncated message digest value 220.
  • the truncated message digest value 220 is appended to a selected payload to form an encrypted data packet 212.
  • the truncated message digest value 220 is illustrated using dashed lines to illustrate that the truncated message digest value 220 is not incorporated in every encrypted data packet 212.
  • some of the encrypted data packets 212 do not include the truncated message digest value 220 and comprise only the encrypted payload 210 and possibly message information or control data 202.
  • the truncated message digest values 220 therefore, are included periodically with the selected packets.
  • the truncated message digest value 220 is included every 10 data packets.
  • the truncated message digest value 220 may be included at different frequencies or patterns dependent on the particular communication system 100. The frequency at which the truncated message digest value 220 is included in the encrypted data packets 212 is dependent on the amount of bandwidth
  • the number of selected packets 212 that include the truncated message digest value 220 may be determined dynamically, allowing for an increased number of packets 212 to include the truncated message digest value 220 at times of increased validation and less at other times.
  • the current message digest 214 may be periodically transmitted with selected packets without truncation. Such an embodiment allows limited reduction in bandwidth.
  • FIG. 3 is a pictorial representation of a data flow of the data validation and decryption processes performed in the receiver 112.
  • the data integrity validation process utilizes a message digest generator 304 and a decryption engine 306.
  • the receiver data 302 validation functions are performed using software code running on the controller 120 within the receiver 112, the various functional blocks described below may be implemented either solely in or in any combination of hardware, software, or firmware.
  • the encrypted data packet 212 is received through the communication channel 102 using the appropriate circuitry 120, 122 in the receiver 112 and in accordance with known techniques.
  • a message digest extractor 308 extracts the truncated message digest value 220 from the selected received data packet 212 that includes the truncated message digest value 220. As explained above, in the exemplary embodiment, only selected data packets 212 include the truncated message digest value 220.
  • the message digest extractor 308 removes the first four bytes of the encrypted data packet 212 to separate the received truncated message digest value 220 from the encrypted payload 210.
  • the encrypted data payload 210 is decrypted in the decryption engine 306 using the forward cipher key 208 in accordance with known techniques.
  • the decryption engine 306 is a RC4 process compatible with the encryption engine 206 in the transmitter 106.
  • the message digest generator 304 calculates a current local message digest 314 based on the decrypted data 302, the message digest key 218 and a previous local message digest 316.
  • the message digest generator 304 operates as described above in reference to the message digest generator 204 in the transmitter 106 and produces identical message digests 314 as the message digest generator 206 in the transmitter 106 for the same input values.
  • the local message digests 314, 316 are maintained in a message digest table 312 that includes at least a complete string representation of the previous local message digest 316 and a complete string representation of the current local message digest 314.
  • a truncator 322 similar to the truncator 222 discussed above, truncates the current local message digest 314 to form a truncated local message digest 320.
  • the truncated local message digest value 320 is compared to the received truncated message digest value 220 in the message digest evaluator 310. If the two values are identical, no adjustment is made and the system is allowed to continue to operate.
  • the message digest evaluator 310 determines that the local truncated message digest value 320 does not match the received truncated message digest value 220, an alert is produced by the message digest evaluator 310 indicating that the integrity of the data 302 has been compromised.
  • the data 304 is discarded and the system 100 is reset by instructing the transmitter 106 to begin the encryption processes at a predetermined location within the crypto code stream.
  • a mismatch between the message digest values 220, 320 may result from a loss of synchronization of the crypto streams used at the transmitter 106 and receiver 112, an intentional manipulation by a third party, or transmission errors due to events at the transmitter 106, receiver 212 or within the communication channel 102.
  • the system 100 corrects for any of the above disturbances in the communication link between the transmitter 106 and the receiver 112 by resetting the crypto code stream.
  • FIG. 4 is a flowchart of the method for validating the integrity of transmitted data 202 performed in the transmitter 106.
  • the encryption and validation functions performed at the sending end of the communication system 100 are implemented using software code running on a processor within the transmitter 106. Other techniques, however, may be used to perform the methods described in FIG. 4 and the systems of FIGS. 2 and 3. The functions, for example, may be implemented using hardware, software, firmware or other combinations of similar techniques.
  • the message digest generator 204 retrieves the previous message digest 216 calculated for the last payload 210 of data 202 within the previously transmitted data packet 212.
  • the message digests 214, 216 are maintained within the message digest table 224 as described above and are easily accessible by the process performing the message digest generation. If the data validation system has been reset, no previous value will be retrieved. A default previous value can be used for the previous value when the system is reset.
  • the message digest generator 204 calculates a current message digest 214 based on data 202 to be transmitted, a message digest key 218, and the previous message digest 216.
  • the data 202 includes a fixed number of bits for transmitting within an encrypted data packet 212.
  • the message digest algorithm processes and manipulates the data 202 using the previous message digest 216 and the message digest key 218 in accordance with known techniques. As described above, the message digest generator 204 utilizes the MD5 technique for producing the current message digest 214 in the exemplary embodiment.
  • the current message digest 214 is truncated to form a truncated message digest value 220.
  • the first of the four bits of the bit stream are retained as the truncated message digest value 220.
  • Other methods, however, for truncating the current message digest 214 to a shortened form may be used.
  • Other bits in the bit stream may be retained as the truncated message digest value 220.
  • the four bits at the end of the bit stream may be retained as the truncated message digest value 220.
  • the data is encrypted to produce an encrypted payload 210
  • a forward cipher key 208 is used to encrypt the same raw data 202 used to generate the current message digest 214 at step 404.
  • RC4 techniques are used to encrypt the data 202, other techniques may be implemented to perform the encryption process as described above.
  • an encrypted data packet 212 is formed by appending the truncated message digest value 220 to the encrypted payload 210.
  • the truncated message digest 220 is attached to the encrypted payload as a prefix. Other methods, however, may be used to combine the two values.
  • the truncated message digest value 220 may be added as a suffix, or within a predetermined location within the encrypted data string of the encrypted payload 210.
  • the truncated message digest value 220 may be distributed at multiple locations within the encrypted data packet 212.
  • only selected packets are used to form encrypted data packets 212 that include a current message digest 214. For example, every tenth data packet includes the current message digest 214.
  • the encrypted data packet 212 is transmitted
  • the encrypted data packet 212 is modulated, amplified and transmitted through the communication channel 102 in accordance with known techniques and components.
  • FIG. 5 is a flow chart of a method performed at the receiver 112 of validating received data 302 transmitted through the communication channel 102.
  • an encrypted data packet 212 is received at the receiver 112.
  • the encrypted data packet 212 is transmitted from the transmitter 106 in the base station 104 through the communication channel 102 and includes at least an encrypted payload 210. If the encrypted data packet 212 is one of the selected data packets, the encrypted data packet 212 also includes a truncated message digest value 320.
  • the truncated message digest value 320 is extracted from the encrypted data packet 212 to separate the truncated message digest value 320 from the encrypted payload 210.
  • the truncated message digest value 320 is extracted by removing the first four bytes from the data string representing the encrypted data packet 212.
  • the encrypted payload 210 is decrypted to produce the received data 302. If the received data 302 is received without error, the received data 302 will be identical to the data 202 that was transmitted by the transmitter 106 as discussed above. Otherwise, the received data 302 will be different from the data 202.
  • a forward cipher key 208 is used to decrypt the data in accordance with known techniques.
  • a decryption engine 306 complementing the encryption engine 206 decrypts the encrypted payload 210 to produce the data 302.
  • the message digest generator 304 retrieves the previous local message digest 316 calculated at the receiver 112 for the previous encrypted data packet 212.
  • the message digest table 312 maintains a record of the previously calculated message digests 216 in accordance with known techniques and allows access to the message digest generator process.
  • a current local message digest 314 is calculated using the message digest key 218, the data 302 and the previous local digest 316.
  • the message digest algorithm processes and manipulates the data 302 using the previous local message digest 316 and the message digest key 218 in accordance with known techniques.
  • the message digest generator utilizes the MD5 technique for producing the local message digest 314 in the exemplary embodiment.
  • the local message digest 314 is truncated to form a truncated local message digest value 320.
  • the truncator performs the same process as the truncator in the transmitter to form a smaller representation of the local message digest value 320.
  • the first four bits of the local message digest 314 are retained as the truncated local message digest value 320.
  • other methods for reducing the size of the current message digest 314 may be used, including the last four bits of the message digest 314.
  • the truncated local message digest value 320 is compared to the truncated message digest value 220 received in the encrypted data packet 212.
  • the message digest evaluator 310 utilises known techniques to compare the two strings representing the truncated message digest values.
  • step 516 it is determined whether the message digest values match. If the values match, the system continues operating without interruption and returns to step 502 where another encrypted data packet 212 is received. If however, the truncated locally calculated message digest value 320 does not match the truncated message digest value 220 received within the encrypted data packet 212, the process continues at step 518. At step 518, the process generates an alert message notifying the system 100 that the data 302 received is not valid.
  • the crypto system may be reset using any one of various techniques. One example includes directing the lower layer to hang up from the crypto layer and informing the upper layer that the communication link has been compromised. Those skilled in the art will recognize the variations and modifications to this example and form other techniques for resetting the system.
  • the single step of directing the lower layer to end the call can be used.
  • the process returns to step 502 to receive another encrypted data packet 212. Therefore, in the exemplary embodiment, the transmitter 106 calculates message digest 214 for an encrypted payload 210 of selected encrypted data packets 212 using a previous message digest 216.
  • the message digest 214 is truncated and appended to the encrypted payload
  • the encrypted data packet 212 is received and separated into the encrypted payload 210 and the received truncated message digest value 220.
  • the encrypted payload 210 is decrypted to produce the received data 302.
  • the same message digest generator algorithm as used in the transmitter is applied to the received data 302 using the previous local message digest 316 and the message digest key 218.
  • the resulting local message digest 314 is truncated and compared to the received truncated message digest 220. If the values do not match, the data is considered to be corrupted and is discarded.
  • the system 100 is reset and the next encrypted data packet 212 is received.
  • bandwidth used for data integrity validation is significantly reduced by transmitting a truncated message digest value rather than a full-length string of the message digest
  • bandwidth is further minimized by transmitting the truncated message digest value with only a limited number of encrypted data packets 212.

Abstract

An apparatus, system and method provides validation of the integrity of transmitted data by periodically transmitting a truncated message digest value with selected encrypted data packets. A message digest is calculated for data, truncated into the truncated message digest value and appended to an encrypted payload formed by data encryption. The resulting encrypted data packet is transmitted through a communication system to a receiver. The receiver extracts the truncated message digest value and decrypts the encrypted payload to reveal the received data. A local message digest is calculated for the received data, truncated to form a truncated local message digest value and compared to the truncated message digest value extracted from the received data packet. If the two message digest values do not match, the data integrity is considered compromised and the data is retransmitted.

Description

APPARATUS, SYSTEM AND METHOD FOR VALIDATING INTEGRITY OF TRANSMITTED DATA
BACKGROUND OF THE INVENTION
The invention relates in general to communication systems and more specifically to methods and systems for validating the integrity of transmitted data.
Conventional communication systems utilize encryption or encipherment techniques for several purposes including authentication, key distribution, secure data transmissions and non-repudiation. Data is often encrypted using a key, transmitted through a communication channel, and decrypted (deciphered) at a receiver using another key. Encryption provides security by using an encryption code to mask the data contained in a transmission. A decryption code is used at the receiving end to decode or decrypt the transmitted message to obtain the original data. The decryption code used at the receiving end, however, must be applied to the incoming transmitted data stream in an appropriate timing and order. If the decryption code is not synchronized to the encryption code, the data cannot be decrypted properly. In order to maintain accurate reception of data, techniques are used to detect an out-of-synchronization situation where the system determines that the decryption code is not properly being applied to the incoming data. Although encryption methods may provide for secrecy for the transmitted data by requiring a key to decode the message, encryption does not necessarily prevent tampering of the data by third parties. Further, encryption does not always provide an indication that the data has not been received as transmitted. For many encryption schemes, the integrity of the transmitted data must be validated using an additional mechanism or process.
Message digests are used to secure the integrity of data but do not typically provide secrecy. Message digest methods allow a communication system to determine whether data in a transmitted message has been manipulated or corrupted, either intentionally by an unscrupulous party or due to system errors. In one such message digest method, a hash function is applied to a bit string allowing a message digest, also known as checksum, to be calculated based on the bit string. A checksum or message digest is data used for error checking. The checksum is calculated by the sending computer based on an algorithm that counts bits going out in a packet. The check digit is attached as a tail to the packet. As the packet is received, the receiving computer applies the same algorithm and if the calculated check digit is the same as the one received, the transmission is determined to be successful. In addition to corruption and tampering, a mismatch may indicate that the message digest has been applied incorrectly. For example, a mismatch will occur if the encryption codes are not synchronized.
Conventional systems do not utilize transmission bandwidth efficiently to provide out-of-synchronization and data integrity detection. In many communication systems, transmission bandwidth is inefficiently used by transmitting synchronization information through the communication channel. In these systems, the level of integrity of the data increases with the use of bandwidth. In other words, larger or longer message digests result in more robust systems at the cost of valuable bandwidth.
SUMMARY OF THE INVENTION
What is needed in the art is a system and method of minimizing the use of bandwidth to provide data integrity validation. The present invention provides a system and method of using a minimal amount of bandwidth in data integrity validation.
In an exemplary embodiment of the invention, the integrity of transmitted data is validated using a truncated message digest value included in selected data packets. A message digest value is calculated for a selected set of data and truncated to form a truncated message digest value. The truncated message digest value is appended to an encrypted form of the selected data set to form an encrypted data packet. Accordingly, only some of the encrypted data packets include a truncated message digest value corresponding to the data payload within the data packet. In the exemplary embodiment, however, a message digest value is calculated for every data packet although only selected packets include the truncated message digest value.
The encrypted data packets are received at the receiver where the truncated message digest values are extracted from the selected data packets to separate the encrypted data from the received truncated message digest values. The encrypted data is decrypted to produce raw data that is used to calculate a local message digest value. The calculated local message digest value is truncated and compared to the received truncated message digest value. If the values are not equal, an error is detected and the system is reset. Losses in synchronization of the stream cipher and cryptographical attacks are detected by observing the periodically transmitted cryptographic message digest values.
BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1 is a block diagram of a communication system in accordance with an exemplary embodiment of the invention.
Fig. 2 is a block diagram of a transmitter in accordance with the exemplary embodiment of the invention.
Fig. 3 is a block diagram of a receiver in accordance with the exemplary embodiment of the invention.
Fig. 4 is a flow chart of a method of transmitting a signal in accordance with the exemplary embodiment of the invention.
Fig. 5 is a flow chart of a method of receiving a signal in accordance with the exemplary embodiment of the invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
As discussed above, conventional communication systems employ inefficient encryption schemes that waste bandwidth to validate the integrity of the received data. The validation is important to detect tampering, loss of cryptographic synchronization and other transmission errors. Throughout this disclosure, the terms "checksum" and "message digest" are used interchangeably. In the exemplary embodiment of the present invention, a truncated checksum called a "message digest value" is periodically transmitted with only selected data packets, minimizing the bandwidth utilized for synchronization and validation. Bandwidth efficiencies are gained by sending a smaller truncated version of a larger message digest while data integrity is maintained by using the complete message digest string for calculations. By transmitting a value (such as a truncated message digest value) representing the message digest less frequently than the rate of packet transmission, bandwidth use is further reduced.
Fig. 1 is a block diagram of communication system 100 suitable for implementing the exemplary embodiment of the invention. The communication system 100 is a fixed wireless system providing communication services to subscriber premises through a communication channel 102. A base station 104 includes a transmitter 106 and a receiver 108 in addition to other circuitry, hardware and software (not shown) required to perform the functions described herein. A remote unit 110 located at the subscriber premises includes a receiver 112 for receiving signals transmitted from the transmitter 106 in the base station 104 and a transmitter 114 for transmitting signals to the receiver 108 at the base station 104. The communication system 100 may include several remote units 110 and may have any one of a variety of configurations. As discussed below in further detail, data to be received by the remote unit 110 is encrypted in the base station 104 and transmitted through a wireless communication channel 102. Although the communication system 100 is a fixed wireless system in the exemplary embodiment, those skilled in the art will recognize that the teachings herein can be applied to other types of communication systems and the present invention is not limited to wireless systems or wireless communication channels.
In addition to analog circuitry 116 such as antennas, amplifiers, mixers, control circuits and other components, the transmitter 106 within the base station 104 includes a controller 118 such as a processor, microprocessor or any other processor arrangement. Software code running on the controller 118 facilitates the overall functionality of the transmitter 106 in addition to the encryption and transmission functions described herein. As is known, circuitry within the transmitter 106 may be implemented as part of the receiver 108. The controller 118, for example, may facilitate the operation of the receiver 108 in the base station 104. In the exemplary embodiment, data is transmitted from the base station 104 to the remote units 110 on the forward communication channel and from the remote units 110 to the base station 104 on the reverse communication channel. Based on the discussion in regard to the transmission of data from the base station 104 to the remote unit 110, those skilled in the art will readily apply the teachings herein to the communication link from the remote unit 110 to the base station 104. Accordingly, in the interest of brevity, the discussion below is limited to the forward communication link from the base station 104 to the remote unit 110.
The receiver 112 in the remote unit 110 includes a controller 120 in addition to analog circuitry 122 such as antennas, amplifiers, mixers, control circuits and other components. The controller 120 may be a processor, microprocessor or any other processor arrangement or combination suitable for running software code that facilitates the overall functionality of the remote unit 110 in addition to the decryption and receiver functions described herein. The controller 120, for example, may facilitate the operation of the transmitter 114 in addition to other tasks in the remote unit 110.
FIG. 2 is a pictorial representation of a data flow of the data integrity validation process performed in the transmitter 106. In the exemplary embodiment, a similar procedure is performed at the remote unit 110 for data 202 that is transmitted from the remote unit 110 to the base station 104. As discussed above, the encryption and data integrity validation techniques can be applied to a variety of communication and data systems. The data validation process utilizes a message digest generator 204 and an encryption engine 206. Although in the exemplary embodiment the encryption and validation functions are performed using software code running on the controller, the various functional blocks described below may be implemented either solely in or in any combination of hardware, software, or firmware. As described below in further detail, data 202 to be transmitted from the transmitter 106 to the receiver 112 is received by an encryption engine 206 and a message digest generator 204. The encryption engine 206 encrypts the data 202 using a forward cipher key 208 to produce an encrypted payload portion 210 of an encrypted data packet 212. The message digest generator 204 creates a current message digest value 214 using the data 202, a previous message digest value 216 calculated for a previous set of data 202 and a message digest key 218.
The current message digest value 214 is truncated to produce a truncated message digest value 220 that is appended to the encrypted payload 210 of selected encrypted data packets 212. A high level of data integrity is maintained since the current 214 and previous message digest values 216 are maintained as sufficiently long hash values while the bandwidth used for data integrity validation is minimized by sending only a portion of the current message digest value 214 for each packet. Bandwidth use is further reduced by sending the truncated message digest value 220 periodically with only selected packets. The data 202 to be transmitted from the base station 104 to the remote unit 110 may include a variety of information or control messages and is received by the encryption process as a continuous bit stream in the exemplary embodiment. The data 202, however, may be received in a variety of formats. For example, the raw data 202 may be arranged into packets or may include some level of error correction. The same data is forwarded to the encryption engine 206 and the message digest generator 204.
In the exemplary embodiment, the encryption engine 206 uses RC4 cipher stream encryption techniques to apply a forward cipher key 208 to incoming data 202 to produce the encrypted payload 210 for an encrypted data packet 212. The encryption engine 206, however, may use any other suitable stream cipher or block cipher encryption technique. Examples of other cipher stream techniques include exclusive-or or modular addition with the output of a linear feedback shift register and block ciphers used in an output feedback mode or counter mode. Although many block cipher techniques may have some level of data integrity validation inherent in the block cipher encryption scheme, the present invention may be utilized with block ciphers that may or may not have additional or inherent data validation mechanisms. Examples of suitable block ciphers include DES, 3DES, IDEA, Skipjack, FEAL, and AES.
The message digest generator 204 performs a hash function in accordance with MD5 techniques using the data 202, a previous message digest value 216 and a message digest key 218. As is known, the MD5 message digest technique provides a one-way hash function using an algorithm. A current message digest value 214 is produced by manipulating the incoming data 202 to form a fixed string of digits defining a message digest 214. The message digest 214 is used as a checksum to validate data 202. Other types of hash functions may be used to provide a hash value representing the data 202. Examples of other suitable hash functions include SHA-1, MD4, and RIPEMD. Due to increasing speeds of computers and the efforts of unscrupulous individuals, many current security techniques may not provide the same level of security in the future. Accordingly, new message digest techniques are continually being developed to maintain a desired level of security. Those skilled in the art will recognize that the message digest generator 204 and the encryption engine 206 may utilize algorithms and techniques not yet developed in other embodiments of the invention. In the exemplary embodiment, the message digest generator 204 performs the appropriate calculations using the complete bit strings representing the current message digest value 214 and the previous message digest value 216 although a truncated version 220 is used in the encrypted data packet 212.
In the exemplary embodiment, a message digest key 218 is used at the transmitter 114 and the receiver 108 to generate the current message digest 214. The message digest key 218 may be generated and communicated to the receiver 108 using any one of several known techniques. For example, the message digest key 218 may be chosen at the beginning of the communication session, as part of a session establishment procedure. Also, the message digest key 218 may be established and implemented within the various devices of the system 100 at the time of manufacturing, installation or service initialization. If a message digest key is chosen at the transmitter, the message digest key 218 is sent to the receiver 108 using a secure channel. For example, a series of message digest keys 218 may be locally stored at the base station 104 and remote unit 110 at the time of installation of the system. Further, the message digest key 218 may be transmitted to the receiver 108 through a secure wireless communication channel 102 using encryption and other forms of security techniques.
The current message digest 214 is calculated using a previous digest message value 216 calculated for a previous set of data 202. In the exemplary embodiment, the previous message digest 216 used for calculating the current message digest 214 is the message digest 214 immediately preceding the current message digest 214. The previous message digest 216, however, may be a predetermined number of values preceding the current value and may be a dynamically varying number of values preceding the current value. Since the system continually calculates current message digests 214 based on the previous message digest 216, each message digest may be inherently based on any number of previous message digests 216. For example, if the communication system 100 is operating for a relatively long time without an error, the current message digest 214 will be based on a large number of previous message digests 216. If, on the other hand, the system is reset, the current value will not be based on any previous message digests 216. As the system continues to transmit additional packets without disruptions (resetting), the current message digest 214 in use is inherently based on an increasing number of previous message digests 216.
Other data may be used to calculate the message digest 214, in addition to the parameters discussed above. Additional suitable parameters and data include unique packet numbers identifying each packet and channel identifier tokens identifying packets as belonging to a session. Those skilled in the art will recognize other parameters that may be used for calculating the message digests and the modifications and combinations to the data to provide the desired message digest calculation scheme.
A message digest table 224 includes at least the previous message digest 216 and may store any number of previous message digests 216. As new current message digests 214 are calculated, the message digests (214, 216) are stacked within the message digest table 224 in accordance with known techniques.
The current message digest 214 produced by the message digest generator 204 is truncated by the truncator 222. In the exemplary embodiment, the truncator 222 forms a truncated message digest value 220 by extracting the first four bytes of the current message digest 214. Those skilled in the art will recognize that other techniques may be used to form a truncated version 220 of the current message digest 214. A compression scheme, for example, may be used to form a shorter version of the current message digest 214. For example, a cyclic redundancy checksum (CRC) can be used to form the truncated message digest value 220.
The truncated message digest value 220 is appended to a selected payload to form an encrypted data packet 212. The truncated message digest value 220 is illustrated using dashed lines to illustrate that the truncated message digest value 220 is not incorporated in every encrypted data packet 212. In other words, some of the encrypted data packets 212 do not include the truncated message digest value 220 and comprise only the encrypted payload 210 and possibly message information or control data 202. The truncated message digest values 220, therefore, are included periodically with the selected packets. In the exemplary embodiment, the truncated message digest value 220 is included every 10 data packets. The truncated message digest value 220, however, may be included at different frequencies or patterns dependent on the particular communication system 100. The frequency at which the truncated message digest value 220 is included in the encrypted data packets 212 is dependent on the amount of bandwidth available for data integrity validation and the maximum delay allowed for determining that the integrity of the data 202 has been compromised. Further, the number of selected packets 212 that include the truncated message digest value 220 may be determined dynamically, allowing for an increased number of packets 212 to include the truncated message digest value 220 at times of increased validation and less at other times.
Although in the exemplary embodiment the current message digest 214 is truncated, the current message digest 214 may be periodically transmitted with selected packets without truncation. Such an embodiment allows limited reduction in bandwidth.
The encrypted data packets 212 are transmitted by the transmitter 106 through the communication channels 102 using the appropriate circuitry within the transmitter 106 in accordance with known techniques.
FIG. 3 is a pictorial representation of a data flow of the data validation and decryption processes performed in the receiver 112. As discussed above, the decryption and data integrity validation techniques can be applied to a variety of communication and data systems. The data integrity validation process utilizes a message digest generator 304 and a decryption engine 306. Although in the exemplary embodiment the receiver data 302 validation functions are performed using software code running on the controller 120 within the receiver 112, the various functional blocks described below may be implemented either solely in or in any combination of hardware, software, or firmware.
The encrypted data packet 212 is received through the communication channel 102 using the appropriate circuitry 120, 122 in the receiver 112 and in accordance with known techniques. A message digest extractor 308 extracts the truncated message digest value 220 from the selected received data packet 212 that includes the truncated message digest value 220. As explained above, in the exemplary embodiment, only selected data packets 212 include the truncated message digest value 220. The message digest extractor 308 removes the first four bytes of the encrypted data packet 212 to separate the received truncated message digest value 220 from the encrypted payload 210.
The encrypted data payload 210 is decrypted in the decryption engine 306 using the forward cipher key 208 in accordance with known techniques. In the exemplary embodiment, the decryption engine 306 is a RC4 process compatible with the encryption engine 206 in the transmitter 106.
The message digest generator 304 calculates a current local message digest 314 based on the decrypted data 302, the message digest key 218 and a previous local message digest 316. The message digest generator 304 operates as described above in reference to the message digest generator 204 in the transmitter 106 and produces identical message digests 314 as the message digest generator 206 in the transmitter 106 for the same input values.
The local message digests 314, 316 are maintained in a message digest table 312 that includes at least a complete string representation of the previous local message digest 316 and a complete string representation of the current local message digest 314. A truncator 322, similar to the truncator 222 discussed above, truncates the current local message digest 314 to form a truncated local message digest 320. The truncated local message digest value 320 is compared to the received truncated message digest value 220 in the message digest evaluator 310. If the two values are identical, no adjustment is made and the system is allowed to continue to operate. If, however, the message digest evaluator 310 determines that the local truncated message digest value 320 does not match the received truncated message digest value 220, an alert is produced by the message digest evaluator 310 indicating that the integrity of the data 302 has been compromised. In response to the alert, the data 304 is discarded and the system 100 is reset by instructing the transmitter 106 to begin the encryption processes at a predetermined location within the crypto code stream. A mismatch between the message digest values 220, 320 may result from a loss of synchronization of the crypto streams used at the transmitter 106 and receiver 112, an intentional manipulation by a third party, or transmission errors due to events at the transmitter 106, receiver 212 or within the communication channel 102. By identifying a mismatch, therefore, the system 100 corrects for any of the above disturbances in the communication link between the transmitter 106 and the receiver 112 by resetting the crypto code stream.
FIG. 4 is a flowchart of the method for validating the integrity of transmitted data 202 performed in the transmitter 106. In the exemplary embodiment of the invention, the encryption and validation functions performed at the sending end of the communication system 100 are implemented using software code running on a processor within the transmitter 106. Other techniques, however, may be used to perform the methods described in FIG. 4 and the systems of FIGS. 2 and 3. The functions, for example, may be implemented using hardware, software, firmware or other combinations of similar techniques.
At step 402, the message digest generator 204 retrieves the previous message digest 216 calculated for the last payload 210 of data 202 within the previously transmitted data packet 212. The message digests 214, 216 are maintained within the message digest table 224 as described above and are easily accessible by the process performing the message digest generation. If the data validation system has been reset, no previous value will be retrieved. A default previous value can be used for the previous value when the system is reset.
At step 404, the message digest generator 204 calculates a current message digest 214 based on data 202 to be transmitted, a message digest key 218, and the previous message digest 216. The data 202 includes a fixed number of bits for transmitting within an encrypted data packet 212. The message digest algorithm processes and manipulates the data 202 using the previous message digest 216 and the message digest key 218 in accordance with known techniques. As described above, the message digest generator 204 utilizes the MD5 technique for producing the current message digest 214 in the exemplary embodiment.
At step 406, the current message digest 214 is truncated to form a truncated message digest value 220. In the exemplary embodiment, the first four bits of the bit stream are retained as the truncated message digest value 220. Other methods, however, for truncating the current message digest 214 to a shortened form may be used. Other bits in the bit stream may be retained as the truncated message digest value 220. For example, rather than the first four bits, the four bits at the end of the bit stream may be retained as the truncated message digest value 220.
At step 408, the data is encrypted to produce an encrypted payload 210. A forward cipher key 208 is used to encrypt the same raw data 202 used to generate the current message digest 214 at step 404. Although in the exemplary embodiment RC4 techniques are used to encrypt the data 202, other techniques may be implemented to perform the encryption process as described above.
At step 410, an encrypted data packet 212 is formed by appending the truncated message digest value 220 to the encrypted payload 210. In the exemplary embodiment, the truncated message digest 220 is attached to the encrypted payload as a prefix. Other methods, however, may be used to combine the two values. For example, the truncated message digest value 220 may be added as a suffix, or within a predetermined location within the encrypted data string of the encrypted payload 210. Further, in other embodiments the truncated message digest value 220 may be distributed at multiple locations within the encrypted data packet 212. In the exemplary embodiment, only selected packets are used to form encrypted data packets 212 that include a current message digest 214. For example, every tenth data packet includes the current message digest 214.
At step 412, the encrypted data packet 212 is transmitted through the communication system 100 to the remote unit. The encrypted data packet 212 is modulated, amplified and transmitted through the communication channel 102 in accordance with known techniques and components.
FIG. 5 is a flow chart of a method performed at the receiver 112 of validating received data 302 transmitted through the communication channel 102.
At step 502, an encrypted data packet 212 is received at the receiver 112. The encrypted data packet 212 is transmitted from the transmitter 106 in the base station 104 through the communication channel 102 and includes at least an encrypted payload 210. If the encrypted data packet 212 is one of the selected data packets, the encrypted data packet 212 also includes a truncated message digest value 320.
At step 504, the truncated message digest value 320 is extracted from the encrypted data packet 212 to separate the truncated message digest value 320 from the encrypted payload 210. In the exemplary embodiment, the truncated message digest value 320 is extracted by removing the first four bytes from the data string representing the encrypted data packet 212.
At step 506, the encrypted payload 210 is decrypted to produce the received data 302. If the received data 302 is received without error, the received data 302 will be identical to the data 202 that was transmitted by the transmitter 106 as discussed above. Otherwise, the received data 302 will be different from the data 202. In the exemplary embodiment, a forward cipher key 208 is used to decrypt the data in accordance with known techniques. As discussed above, a decryption engine 306 complementing the encryption engine 206 decrypts the encrypted payload 210 to produce the data 302.
At step 508, the message digest generator 304 retrieves the previous local message digest 316 calculated at the receiver 112 for the previous encrypted data packet 212. The message digest table 312 maintains a record of the previously calculated message digests 216 in accordance with known techniques and allows access to the message digest generator process.
At step 510, a current local message digest 314 is calculated using the message digest key 218, the data 302 and the previous local digest 316. The message digest algorithm processes and manipulates the data 302 using the previous local message digest 316 and the message digest key 218 in accordance with known techniques. As described above, the message digest generator utilizes the MD5 technique for producing the local message digest 314 in the exemplary embodiment.
At step 512, the local message digest 314 is truncated to form a truncated local message digest value 320. The truncator performs the same process as the truncator in the transmitter to form a smaller representation of the local message digest value 320. In the exemplary embodiment, the first four bits of the local message digest 314 are retained as the truncated local message digest value 320. As discussed above, other methods for reducing the size of the current message digest 314 may be used, including the last four bits of the message digest 314.
At step 514, the truncated local message digest value 320 is compared to the truncated message digest value 220 received in the encrypted data packet 212. The message digest evaluator 310 utilises known techniques to compare the two strings representing the truncated message digest values.
At step 516, it is determined whether the message digest values match. If the values match, the system continues operating without interruption and returns to step 502 where another encrypted data packet 212 is received. If, however, the truncated locally calculated message digest value 320 does not match the truncated message digest value 220 received within the encrypted data packet 212, the process continues at step 518.
At step 518, the process generates an alert message notifying the system 100 that the data 302 received is not valid. The crypto system may be reset using any one of various techniques. One example includes directing the lower layer to hang up from the crypto layer and informing the upper layer that the communication link has been compromised. Those skilled in the art will recognize the variations and modifications to this example and form other techniques for resetting the system. For example, the single step of directing the lower layer to end the call can be used. After step 518, the process returns to step 502 to receive another encrypted data packet 212.
Therefore, in the exemplary embodiment, the transmitter 106 calculates message digest 214 for an encrypted payload 210 of selected encrypted data packets 212 using a previous message digest 216. The message digest 214 is truncated and appended to the encrypted payload 210 to form the encrypted data packet 212.
At the receiver, the encrypted data packet 212 is received and separated into the encrypted payload 210 and the received truncated message digest value 220. The encrypted payload 210 is decrypted to produce the received data 302. The same message digest generator algorithm as used in the transmitter is applied to the received data 302 using the previous local message digest 316 and the message digest key 218. The resulting local message digest 314 is truncated and compared to the received truncated message digest 220. If the values do not match, the data is considered to be corrupted and is discarded. The system 100 is reset and the next encrypted data packet 212 is received. The bandwidth used for data integrity validation is significantly reduced by transmitting a truncated message digest value rather than a full-length string of the message digest. The use of bandwidth is further minimized by transmitting the truncated message digest value with only a limited number of encrypted data packets 212.
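The transmit path and receive steps 504 to 516 described above, as an added Python example that is not part of the patent text. It assumes the digest is MD5(digest key || previous digest || data), a four-byte tag at the front of every third packet, and a digest chain that advances on every packet; the class names, function names and keys are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 4    # bytes stripped from the front of a tagged packet (step 504)
TAG_EVERY = 3  # assumed schedule: every third packet carries a tag

class RC4:
    """Minimal RC4 stream cipher; the state persists across packets."""
    def __init__(self, key: bytes):
        s, j = list(range(256)), 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) % 256
            s[i], s[j] = s[j], s[i]
        self.s, self.i, self.j = s, 0, 0

    def crypt(self, data: bytes) -> bytes:
        s, out = self.s, bytearray()
        for b in data:
            self.i = (self.i + 1) % 256
            self.j = (self.j + s[self.i]) % 256
            s[self.i], s[self.j] = s[self.j], s[self.i]
            out.append(b ^ s[(s[self.i] + s[self.j]) % 256])
        return bytes(out)

class Endpoint:
    """Transmitter or receiver; both sides keep mirrored cipher and digest state."""
    def __init__(self, cipher_key: bytes, digest_key: bytes):
        self.cipher = RC4(cipher_key)
        self.digest_key = digest_key
        self.prev, self.count = b"\x00" * 16, 0  # assumed initial previous digest

    def _advance(self, data: bytes) -> bytes:
        # Assumed construction: MD5(digest key || previous digest || data).
        self.prev = hashlib.md5(self.digest_key + self.prev + data).digest()
        self.count += 1
        return self.prev[:TAG_LEN] if self.count % TAG_EVERY == 0 else b""

    def send(self, data: bytes) -> bytes:
        return self._advance(data) + self.cipher.crypt(data)

    def receive(self, packet: bytes):
        tagged = (self.count + 1) % TAG_EVERY == 0
        cut = TAG_LEN if tagged else 0
        received_tag, payload = packet[:cut], packet[cut:]  # step 504
        data = self.cipher.crypt(payload)                   # step 506
        local_tag = self._advance(data)                     # steps 508-512
        # Steps 514-516; untagged packets compare empty strings and pass.
        return data, hmac.compare_digest(local_tag, received_tag)

def run_link(packets, tamper_index=None):
    """Return the receiver's verdict per packet; optionally flip one payload bit."""
    tx, rx = (Endpoint(b"cipher-key", b"digest-key") for _ in range(2))  # sample keys
    verdicts = []
    for n, data in enumerate(packets):
        wire = bytearray(tx.send(data))
        if n == tamper_index:
            wire[-1] ^= 0x01  # simulated channel error in the encrypted payload
        verdicts.append(rx.receive(bytes(wire))[1])
    return verdicts
```

With one bit flipped in an untagged packet, the verdicts stay true until the next tagged packet and then fail at every later tagged packet, because this sketch never resets the link. A four-byte tag accepts a random forgery with probability 2^-32 per attempt, which is the cost of the bandwidth saving.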
Clearly, other embodiments and modifications of this invention will occur readily to those of ordinary skill in the art in view of these teachings. Therefore, this invention is to be limited only by the following claims, which include all such embodiments and modifications when viewed in conjunction with the above specification and accompanying drawings.

Claims

CLAIMS:
1. A method for forming an encrypted data product in a transmitter to be used in data validation, the method comprising: calculating a message digest; truncating the message digest to form a truncated message digest value; encrypting the data to form an encrypted payload; and appending the truncated message digest value to the encrypted payload to form an encrypted data packet.
2. A method in accordance with claim 1, further comprising: transmitting the encrypted data packet to a receiver.
3. A method in accordance with claim 2, further comprising: calculating, at the receiver, a local message digest based on the data within the encrypted data packet; truncating the message digest to form a truncated local message digest value; and comparing the truncated message digest value to the local truncated message digest value.
4. A method in accordance with claim 3, further comprising: determining that the received data is not valid if the truncated message digest value is not the same as the local truncated message digest value.
5. A method in accordance with claim 4, further comprising: decrypting the encrypted payload to produce decrypted received data, wherein the calculating comprises calculating the local message digest value based on the decrypted received data.
6. A method in accordance with claim 5, further comprising: transmitting a plurality of data packets from the transmitter to the receiver wherein not every data packet contains an appended truncated message digest value.
7. A method in accordance with claim 1, wherein calculating a message digest further comprises: calculating the message digest based on a previously calculated message digest.
8. A method in accordance with claim 7, wherein calculating a message digest further comprises: calculating the message digest in accordance with MD5 techniques.
9. A method in accordance with claim 1, wherein encrypting the data further comprises: encrypting the data in accordance with a crypto stream encryption process.
10. A method in accordance with claim 1, wherein encrypting the data further comprises: encrypting the data in accordance with a RC4 encryption process.
11. A method for transmitting data in a communication system, the method comprising: grouping the data into a plurality of data packets; encrypting the data; calculating a message digest of the data; and transmitting at least a portion of the message digest with a selected packet of the plurality of data packets.
12. A method in accordance with claim 11, wherein calculating a message digest further comprises: calculating the message digest based on a previously calculated message digest.
13. A method in accordance with claim 11, wherein calculating a message digest further comprises: calculating the message digest in accordance with MD5 techniques.
14. A method in accordance with claim 11, wherein calculating a message digest further comprises calculating the message digest based on a message digest key.
15. An apparatus capable of providing data integrity validation comprising: a message digest generator adapted to generate a message digest based on data; a truncator adapted to truncate the message digest to produce a truncated message digest value; and an encryption engine adapted to encrypt the data to produce an encrypted payload, wherein the apparatus is adapted to append the truncated message digest value to the encrypted payload to form an encrypted data packet.
16. An apparatus in accordance with claim 15, further comprising a transmitter adapted to transmit the encrypted data packet through a wireless communication channel.
17. An apparatus in accordance with claim 15, wherein the encryption engine is further adapted to produce a plurality of encrypted data packets and to append the truncated message digest value to less than all encrypted data packets.
18. An apparatus in accordance with claim 15, wherein the message digest generator is a MD5 message digest generator.
19. An apparatus in accordance with claim 15, wherein the encryption engine is a RC4 encryption engine.
20. An apparatus for providing data integrity validation comprising: a message digest generator adapted to calculate a local message digest based on data within an encrypted data packet; a truncator adapted to truncate the local message digest to produce a truncated local message digest value; and a controller adapted to compare the truncated local message digest value to a truncated message digest value calculated at a transmitter transmitting the encrypted data packet.
21. An apparatus in accordance with claim 20, wherein the controller is further adapted to determine that the received encrypted data packet data is not valid if the truncated message digest value is not the same as the local truncated message digest value.
22. An apparatus in accordance with claim 20, further comprising: an encryption engine adapted to decrypt the encrypted data packet to produce the data.
23. An apparatus in accordance with claim 20, wherein the message digest generator is further adapted to generate the local message digest based on a previous message digest.
24. An apparatus in accordance with claim 20 wherein the message digest generator is a MD5 message digest generator.
25. A system for validity data, comprising: a transmitter message digest generator adapted to generate a message digest based on data; a transmitter truncator adapted to truncate the message digest to produce a truncated message digest value; a transmitter encryption engine adapted to encrypt the data to produce an encrypted payload; a transmitter controller adapted to append the truncated message digest value to the encrypted payload to form an encrypted data packet; a receiver message digest generator adapted to calculate a local message digest based on data within the encrypted data packet; a receiver truncator adapted to truncate the local message digest to produce a truncated local message digest value; and a receiver controller adapted to compare the truncated local message digest value to the truncated message digest value.
26. A system in accordance with claim 25, wherein the receiver controller is further adapted to compare the truncated local message digest value to the truncated message digest value to validate the data.
27. A system in accordance with claim 26, wherein the transmitter message digest generator is a cipher stream message digest generator.
28. A method for validating data transmission, comprising: in a transmitter: truncating a message digest to form a truncated message digest value; appending the truncated message digest value to a payload; and transmitting the payload with the appended truncated message digest value to a receiver; and in the receiver: truncating a local message digest to form a truncated local message digest value; and comparing the truncated local message digest value to the truncated message digest value.
29. The method of claim 28, further comprising: retransmitting the payload if the truncated local message digest value and the truncated message digest value do not match.
PCT/US2001/028658 2000-09-18 2001-09-14 Apparatus, system and method for validating integrity of transmitted data WO2002025866A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001292650A AU2001292650A1 (en) 2000-09-18 2001-09-14 Apparatus, system and method for validating integrity of transmitted data

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US66457100A 2000-09-18 2000-09-18
US09/664,571 2000-09-18

Publications (2)

Publication Number Publication Date
WO2002025866A2 true WO2002025866A2 (en) 2002-03-28
WO2002025866A3 WO2002025866A3 (en) 2002-10-17

Family

ID=24666520

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/028658 WO2002025866A2 (en) 2000-09-18 2001-09-14 Apparatus, system and method for validating integrity of transmitted data

Country Status (3)

Country Link
AR (1) AR030761A1 (en)
AU (1) AU2001292650A1 (en)
WO (1) WO2002025866A2 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5757919A (en) * 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US5768526A (en) * 1996-03-08 1998-06-16 Glenayre Electronics, Inc. Method and apparatus for validating data packets in a paging system
US6085321A (en) * 1998-08-14 2000-07-04 Omnipoint Corporation Unique digital signature
EP1041767A2 (en) * 1999-03-30 2000-10-04 Fujitsu Limited Authentication of electronic data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MENEZES, VANSTONE, OORSCHOT: "Handbook of Applied Cryptography" 1997 , CRC PRESS LLC , USA XP002209606 * page 332 * page 359 -page 367 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006085000A1 (en) * 2005-02-09 2006-08-17 Algoril Holding Method for private-key encryption of messages, and application to an installation
CN102202047A (en) * 2010-03-24 2011-09-28 通用汽车环球科技运作有限责任公司 Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period
US20110238986A1 (en) * 2010-03-24 2011-09-29 Gm Global Technology Operations, Inc. Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period
US8499155B2 (en) * 2010-03-24 2013-07-30 GM Global Technology Operations LLC Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period
CN102202047B (en) * 2010-03-24 2014-07-02 通用汽车环球科技运作有限责任公司 Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period
GB2556210A (en) * 2016-11-07 2018-05-23 Ford Global Tech Llc Controller area network message authentication
US10630481B2 (en) 2016-11-07 2020-04-21 Ford Global Technologies, Llc Controller area network message authentication
CN111683036A (en) * 2020-02-29 2020-09-18 新华三信息安全技术有限公司 Data storage method and device and message identification method and device
CN111683036B (en) * 2020-02-29 2022-05-27 新华三信息安全技术有限公司 Data storage method and device and message identification method and device

Also Published As

Publication number Publication date
AR030761A1 (en) 2003-09-03
AU2001292650A1 (en) 2002-04-02
WO2002025866A3 (en) 2002-10-17

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP