Patent US5724428 - Block encryption algorithm with data-dependent rotations

A simple encryption and decryption device has been developed. The underlying algorithm is a fast block cipher that may be implemented efficiently in hardware or software. The algorithm makes heavy use of data-dependent rotations. The amount of each rotation depends on the data being encrypted and intermediate encryption results. The variables for the algorithm include word size, rounds, and the length of a secret key.

Inventor: Ronald L. Rivest
Original Assignee: RSA Data Security, Inc.
Primary Examiner: Pinchus M. Laufer
Current U.S. Classification: 380/37; 380/28; 380/43
International Classification: H04L 906

View patent at USPTO
Search USPTO Assignment Database

Citations

Cited Patent	Filing date	Issue date	Original Assignee	Title
US4078152	Apr 26, 1976	Mar 7, 1978	International Business Machines Corporation	Block-cipher cryptographic system with chaining
US4157454	Dec 19, 1977	Jun 5, 1979	International Business Machines Corporation	Method and system for machine enciphering and deciphering
US4249180	Sep 20, 1978	Feb 3, 1981	Northern Telecom Limited	Past dependent microcomputer cipher apparatus
US4255811	Mar 25, 1975	Mar 10, 1981	International Business Machines Corporation	Key controlled block cipher cryptographic system
US4724541	Jul 24, 1985	Feb 9, 1988		Data-dependent binary encoder/decoder
US5003597	Dec 21, 1989	Mar 26, 1991	Xerox Corporation	Method and apparatus for data encryption
US5054067	Feb 21, 1990	Oct 1, 1991	General Instrument Corporation	Block-cipher cryptographic device based upon a pseudorandom nonlinear sequence generator
US5214704	Aug 5, 1991	May 25, 1993	Teledyne Industries, Inc.	Nonlinear dynamic substitution devices and methods for block substitutions
US5351299	Jun 4, 1993	Sep 27, 1994	Matsushita Electric Industrial Co., Ltd.	Apparatus and method for data encryption with block selection keys and data encryption keys
US5454039	Dec 6, 1993	Sep 26, 1995	International Business Machines Corporation	Software-efficient pseudorandom function and the use thereof for encryption

Referenced by

Citing Patent	Filing date	Issue date	Original Assignee	Title
US5983252	Jan 16, 1998	Nov 9, 1999	PictureTel Corporation	Pseudo-random number generator capable of efficiently exploiting processors having instruction-level parallelism and the use thereof for encryption
US6078663	Jun 26, 1996	Jun 20, 2000	Canon Kabushiki Kaisha	Communication apparatus and a communication system
US6185304	Feb 23, 1998	Feb 6, 2001	International Business Machines Corporation	Method and apparatus for a symmetric block cipher using multiple stages
US6185679	Feb 23, 1998	Feb 6, 2001	International Business Machines Corporation	Method and apparatus for a symmetric block cipher using multiple stages with type-1 and type-3 feistel networks
US6199162	Feb 17, 2000	Mar 6, 2001		Block cipher method
US6233337	Apr 13, 1998	May 15, 2001	Lucent Technologies Inc.	Methods and apparatus for enhanced security expansion of a secret key into a lookup table for improved security for wireless telephone messages
US6249582	Dec 31, 1997	Jun 19, 2001	Transcrypt International, Inc.	Apparatus for and method of overhead reduction in a block cipher
US6259789	Dec 12, 1997	Jul 10, 2001	Safecourier Software, Inc.	Computer implemented secret object key block cipher encryption and digital signature device and method
US6269163	Jun 15, 1998	Jul 31, 2001	RSA Security Inc.	Enhanced block ciphers with data-dependent rotations
US6330678	Nov 29, 2000	Dec 11, 2001		Block cipher method
US6483918	Jun 9, 1999	Nov 19, 2002	Microsoft Corporation	Technique for producing a parameter, such as a checksum, through a primitive that uses elementary register operations
US6487294	Mar 9, 1999	Nov 26, 2002		Secure satellite communications system
US6490357	Aug 28, 1998	Dec 3, 2002	Qualcomm Incorporated	Method and apparatus for generating encryption stream ciphers
US6570988	Jun 9, 1999	May 27, 2003	Microsoft Corporation	Simple technique for implementing a cryptographic primitive using elementary register operations
US6578150	Nov 29, 2000	Jun 10, 2003		Block cipher method
US6597790	Dec 27, 1999	Jul 22, 2003	Canon Kabushiki Kaisha	Communication apparatus and a communication system
US6606385	Aug 4, 1998	Aug 12, 2003	Hitachi, Ltd.	Data encrypting/decrypting conversion methods and apparatuses and data communication system adopting the same
US6615354	Mar 20, 2000	Sep 2, 2003	Hitachi, Ltd.	Information processing equipment
US6631471	Dec 10, 1999	Oct 7, 2003	Hitachi, Ltd.	Information processing equipment
US6751319	Oct 23, 2001	Jun 15, 2004		Block cipher method
US6842860	Jul 21, 2000	Jan 11, 2005	Networks Associates Technology, Inc.	System and method for selectively authenticating data
US6845449	Jul 21, 2000	Jan 18, 2005	Networks Associates Technology, Inc.	System and method for fast nested message authentication codes and error correction codes
US6915426	Jul 21, 2000	Jul 5, 2005	Networks Associates Technology, Inc.	System and method for enabling authentication at different authentication strength-performance levels
US6947560	Dec 15, 1999	Sep 20, 2005	Telefonaktiebolaget L M Ericsson (publ)	Method and device for effective key length control
US6957330	Mar 1, 1999	Oct 18, 2005	Storage Technology Corporation	Method and system for secure information handling
US6960981	Feb 6, 2002	Nov 1, 2005	ATMEL Germany GmbH	Detecting redirection during data transmission
US6976168	Jul 21, 2000	Dec 13, 2005	McAfee, Inc.	System and method for adaptive cryptographically synchronized authentication
US7007050	May 17, 2001	Feb 28, 2006	Nokia Corporation	Method and apparatus for improved pseudo-random number generation
US7043017	Sep 13, 2001	May 9, 2006	Freescale Semiconductor, Inc.	Key stream cipher device
US7103180	Oct 25, 2001	Sep 5, 2006	Hewlett-Packard Development Company, L.P.	Method of implementing the data encryption standard with reduced computation
US7162031	Dec 16, 1999	Jan 9, 2007	Nokia Corporation	Method and device for cryptographically processing data
US7215769	Oct 25, 2003	May 8, 2007	Fiske Software LLC	Non-autonomous dynamical orbit cryptography
US7292693	Aug 13, 1999	Nov 6, 2007	Teledyne Technologies Incorporated	Deterministically generating block substitution tables which meet a given standard of nonlinearity
US7346160	Apr 22, 2004	Mar 18, 2008		Randomization-based encryption apparatus and method
US7376235	Jul 29, 2002	May 20, 2008	Microsoft Corporation	Methods and systems for frustrating statistical attacks by injecting pseudo data into a data system
US7478748	Aug 30, 2004	Jan 20, 2009		Access control system and method
US7499567	Oct 18, 2005	Mar 3, 2009	Canon Kabushiki Kaisha	Electronic device and information processing apparatus and control method thereof, and computer program and computer-readable storage medium
US7508945	Oct 27, 1999	Mar 24, 2009		Self-corrector randomisation-encryption and method
US7522723	Jul 10, 2008	Apr 21, 2009		Password self encryption method and system and encryption by keys generated from personal secret information
US7620187	Mar 30, 2005	Nov 17, 2009	Rockwell Collins, Inc.	Method and apparatus for ad hoc cryptographic key transfer
US7657033	Dec 8, 2005	Feb 2, 2010	Fiske Software LLC	Cryptography related to keys
US7681245	Aug 30, 2002	Mar 16, 2010	Avaya Inc.	Remote feature activator feature extraction
US7698225	Aug 30, 2002	Apr 13, 2010	Avaya Inc.	License modes in call processing
US7698557	Dec 7, 2004	Apr 13, 2010	Guardtime AS	System and method for generating a digital certificate
US7707116	Aug 30, 2002	Apr 27, 2010	Avaya Inc.	Flexible license file feature controls
US7707405	Sep 21, 2004	Apr 27, 2010	Avaya Inc.	Secure installation activation
US7747851	Sep 30, 2004	Jun 29, 2010	Avaya Inc.	Certificate distribution via license files
US7814023	Sep 8, 2005	Oct 12, 2010	Avaya Inc.	Secure download manager
US7844572	Oct 30, 2007	Nov 30, 2010	Avaya Inc.	Remote feature activator feature extraction
US7885896	Jul 9, 2002	Feb 8, 2011	Avaya Inc.	Method for authorizing a substitute software license server
US7890997	Jan 20, 2003	Feb 15, 2011	Avaya Inc.	Remote feature activation authentication file system
US7913301	Oct 30, 2006	Mar 22, 2011	Avaya Inc.	Remote feature activation authentication file system
US7914107	Apr 12, 2010	Mar 29, 2011	Silverbrook Research Pty Ltd	Printer incorporating multiple synchronizing printer controllers
US7945049	Feb 28, 2008	May 17, 2011	Red Hat, Inc.	Stream cipher using multiplication over a finite field of even characteristic
US7958354	Feb 14, 2008	Jun 7, 2011	Rockwell Collins, Inc.	High-order knowledge sharing system to distribute secret data
US7966520	Aug 30, 2002	Jun 21, 2011	Avaya Inc.	Software licensing for spare processors
US8007063	Jul 15, 2010	Aug 30, 2011	Silverbrook Research Pty Ltd	Printer having printhead with multiple controllers
US8023647	Mar 12, 2009	Sep 20, 2011		Password self encryption method and system and encryption by keys generated from personal secret information
US8041642	Jul 10, 2002	Oct 18, 2011	Avaya Inc.	Predictive software license balancing
US8059814	Sep 28, 2007	Nov 15, 2011	EMC Corporation	Techniques for carrying out seed or key derivation
US8060750	Jun 29, 2007	Nov 15, 2011	EMC Corporation	Secure seed provisioning
US8123318	May 25, 2010	Feb 28, 2012	Silverbrook Research Pty Ltd	Printhead having controlled nozzle firing grouping
US8135130	Jun 19, 2007	Mar 13, 2012	Panasonic Corporation	Data encryption apparatus, data converting method, data converting program, recording medium and integrated circuit
US8204945	Oct 9, 2008	Jun 19, 2012	Stragent, LLC	Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US8229858	Feb 4, 2005	Jul 24, 2012	Avaya Inc.	Generation of enterprise-wide licenses in a customer environment

Claims

1. A method of communicating information comprising:

(a) communicating a secret key from the source to the receiver in a manner intended to maintain the secrecy of the key;

(b) selecting plaintext data at the source to be communicated over the unsecured channel to the receiver;

(c) encrypting the plaintext data using the key and a block cipher that includes at least two data-dependent rotations to generate encrypted data, wherein the amount of a second of the two data-dependent rotations depends on an encryption result derived from a first of the two data-dependent rotations, wherein the block cipher includes steps of

(c.1) segmenting the plaintext data into first and second words,

(c.2) rotating the first word by a value derived from the second word, and rotating the second word by a value derived from the first word, and

(c.3) repeating step c.2 by a number of rounds;

(d) transmitting the encrypted data over the unsecured channel to the receiver;

(e) decrypting at the receiver the encrypted data using the key and an inverse of the block cipher to generate the plaintext data.

2. A method of communicating information as in claim 1 wherein each word has a predetermined uniform bit length, and the bit length is a selectable variable.

3. A method of communicating information as in claim 2 wherein the bit length of each word is 64 bits.

4. A method of communicating information as in claim 2 wherein the bit length of each word is 32-bits.

5. A method of communicating information as in claim 1 wherein the number of rounds performed in step c.3 is a selectable variable.

6. A method of communicating information as in claim 1 wherein the number of rounds performed in step c.3 is at least four.

7. A method of encrypting information comprising the steps of:

(a) selecting a secret key having a predetermined number of bytes, and

(b) encrypting the information using the key and a block cipher that includes data-dependent rotations to generate encrypted data, and wherein the amount of rotation in at least one of the rotations depends on an intermediate result, wherein the block cipher includes steps:

(b.1) segmenting the information, and storing a first part of the information in a first memory register and a second part of the information in a second memory register,

(b.2) rotating a first value stored in the first memory register by a value derived from the contents of the second register, and rotating a second value stored in the second register by a value derived from the contents of the first register,

(b.3) repeating step b.2 by a number of rounds.

8. A method of encrypting information as in claim 7 wherein the first and second parts of information each have a predetermined uniform bit length, and the bit length is a selectable variable.

9. A method of encrypting information as in claim 8 wherein the bit length of each first and second parts of information is 64 bits.

10. A method of encrypting information as in claim 8 wherein the bit length of each of the first and second parts of information is 32-bits.

11. A method of encrypting information as in claim 7 wherein the number of rounds performed in step c.3 is a selectable variable.

12. A method of encrypting information as in claim 7 wherein the number of rounds performed in step c.3 is at least four.

13. A method of encrypting information comprising:

a. inputting a first block of plaintext information into a first memory register that temporarily stores a first value and a second block of plaintext information into a second memory register that temporarily stores a second value;

b. deriving a key table from a secret key where said key table has a sequence of elements;

c. executing a first invertible operation on the first block of plaintext information stored in the first memory register with a first element of the key table and storing a result of the first invertible operation in the first memory register as the first value, and executing a second invertible operation on the second block of plaintext information stored in the second memory register with a second element of the key table and storing a result of the second invertible operation in the second memory register as the second value;

d. executing a third invertible operation on the first value with the second value from step (c); and storing a result of the third invertible operation in the first memory register as the first value;

e. rotating the bits of the first value from step (d) in the first memory register by a number corresponding to at least a portion of the second value from step (c), and storing a result of the rotation in the first memory register as the first value;

f. executing a fourth invertible operation on the second value from step (c) with the first value from step (e), and storing a result of the fourth invertible operation in the second memory register as the second value;

g. rotating the bits of the second value from step (f) in the second memory register by a number corresponding to at least a portion of the first value from step (e) and storing a result of the rotation in the second memory register as the second value;

h. repeating steps d to g for a predetermined number of rounds, and

i. outputting the values in the first and second memory registers as encrypted information.

14. A method as in claim 13 further comprising step:

j. executing a fifth invertible operation on the first value from step (e) stored in the first memory register with a next in the sequence element of the key table and storing a result of the fifth invertible operation in the first memory register as the first value after step e, and executing a sixth invertible operation on the second value from step (g) stored in the second memory register with a next in the sequence element of the key table and storing a result of the sixth invertible operation in the second memory register as the second value after step g.

15. A method as in claim 14 wherein the fifth and sixth invertible operations are two's complement addition operations.

16. A method of encrypting information as in claim 13 wherein the first invertible operation in step c is a two's complement addition operation, the third invertible operation in step d is a bitwise exclusive OR operation, and the fourth invertible operation in step f is another bitwise exclusive OR operation.

Drawings

Patents

Block encryption algorithm with data-dependent rotations

Citations

Referenced by

Claims

Drawings