WO2000001110A1 - Encryption and decryption key arrangements - Google Patents
Encryption and decryption key arrangements Download PDFInfo
- Publication number
- WO2000001110A1 WO2000001110A1 PCT/GB1999/002052 GB9902052W WO0001110A1 WO 2000001110 A1 WO2000001110 A1 WO 2000001110A1 GB 9902052 W GB9902052 W GB 9902052W WO 0001110 A1 WO0001110 A1 WO 0001110A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- characters
- primitives
- session key
- results
- encrypt
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Definitions
- the present invention relates to apparatus arranged to encrypt messages or decrypt messages, particularly to communications apparatus arranged to encrypt messages prior to transmission and decrypt received messages. It is known to provide communications apparatus (for example facsimile machines) with the ability to encrypt messages prior to transmission and decrypt received messages. However, each such apparatus operates with a cypher of a predetermined, fixed cryptographic strength: two apparatus can only communicate with each other if they both use cyphers of the same strength. There are many circumstances in which this limits the ability for communications to be established.
- an apparatus which is arranged to encrypt or decrypt messages, the apparatus being arranged to generate a session key of a variable selected number of characters and to distribute the characters of said session key in sequence into a predetermined number of groups to form a corresponding predetermined number of primitives, and further arranged to use said primitives, in accordance with a predetermined algorithm, to form a cypher key stream the characters of which are used in sequence to encrypt or decrypt successive characters (or other elements) of a message.
- the length (i.e. the number of characters) of the session key can be selected: the longer the session key, the greater will be the strength of the cypher.
- the session key is preferably randomly generated.
- the characters (typically numerical characters) of the session key are distributed into the predetermined number of groups in a manner forming a corresponding set of multi-digit numbers.
- the first term allocated to each group may form the first digit of a multi-digit number
- the second term allocated to that group forms the second digit of the multi-digit number
- these multi-digit numbers are processed further in order to produce the corresponding set of primitives, used to form the cypher key stream.
- predetermined values are then added to the respective results of the XOR process, to form a corresponding set of primitives.
- different values are added to the different results of the XOR process: preferably these different values are different multiples of a basic value. For example, 100 may be added to the first XOR result, 200 to the second, and so on.
- FIGURE 1 is a schematic block diagram showing part of the electronic system of communications apparatus in accordance with the present invention.
- FIGURE 2 is a table showing the formation of six different groups of primitives from six session keys of different lengths.
- a communications apparatus e.g. a facsimile machine
- means 10 for encrypting a plain message M prior to transmission via a port 12.
- the microprocessor 10 is provided with a program memory 14 which stores an encryption algorithm and also an algorithm for forming a group of primitives from a session key.
- the microprocessor is able to generate a session key on a random basis, of selected length.
- the microprocessor is also arranged to correspondingly decrypt messages received via the port 12.
- Figure 2 shows six different examples, in which session keys of 56,48,40,32,18 and 12 decimal digits (186,159,133,106,60 and 40 binary bits) are generated.
- the microprocessor distributes its digits, one- af er-another , into 14 groups, in the same manner as dealing a pack of cards out to the players of a card game.
- the first 14 digits (44490925319354) form the first digits of respective 4-digit numbers: continuing, the next 14 digits of the session key (89500321347811) form the second digits of the respective 4- digit numbers, the next 14 digits of the session key (67111248217917) form the third digits of the respective 4- digit numbers and the final 14 digits of the session key (36922366044359) form the fourth (and final) digits of the respective 4-digit numbers.
- the microprocessor 10 combines successive pairs of the 14 numbers in an XOR (exclusive OR) procedure: in each of the examples shown in Figure 2, the second line gives the corresponding results.
- each number in the first line is combined with the XOR result of the proceeding number, in a process which involves an XOR function or their binary equivalents.
- the microprocessor 10 adds a multiple of 100 to each of the 14 results formed by the XOR procedure.
- 100 is added: to the second result, 200 is added; to the third result, 300 is added, and so on up to the seventh result, to which 700 is added.
- 100 is added: to the ninth result, 200 is added, and so on up to the fourteenth result, to which 700 is added.
- the final results (last line in each of the 6 examples set out in Figure 2) provide a set of 14 primitives.
- the 14 primitives thus produced are used by the microprocessor, in accordance with the encryption algorithm, to form a cypher key stream comprising a long stream of digits. Then, in order to encrypt a plain message, the digits of this stream are taken one-after-another, and used in accordance with an encryption algorithm to encrypt respective, successive elements (e.g. characters or groups of characters) of the message to be transmitted. Similarly, in order to decrypt a received message, the digits of the cypher key stream are taken one-after-another and used, in accordance with a decryption algorithm (being the inverse of the encryption algorithm) to decrypt respective, successive elements of the received message.
- a decryption algorithm being the inverse of the encryption algorithm
Abstract
An apparatus, arranged to encrypt or decrypt messages, is arranged to generate a session key of a variable selected number of characters and to distribute these characters in sequence into a predetermined number of groups to form a corresponding number of primitives: these primitives are used, in accordance with a predetermined algorithm, to form a cypher key stream the characters of which are used in sequence to encrypt or decrypt successive characters (or elements) of a message.
Description
ENCRYPTION AND DECRYPTION KEY ARRANGEMENTS
The present invention relates to apparatus arranged to encrypt messages or decrypt messages, particularly to communications apparatus arranged to encrypt messages prior to transmission and decrypt received messages. It is known to provide communications apparatus (for example facsimile machines) with the ability to encrypt messages prior to transmission and decrypt received messages. However, each such apparatus operates with a cypher of a predetermined, fixed cryptographic strength: two apparatus can only communicate with each other if they both use cyphers of the same strength. There are many circumstances in which this limits the ability for communications to be established.
We have now devised an arrangement in which the cypher can be varied in strength, so that when any two apparatus wish to communicate with each other, a common cypher strength can be selected.
Thus, in accordance with the present invention, there is provided an apparatus which is arranged to encrypt or decrypt messages, the apparatus being arranged to generate a session key of a variable selected number of characters and to distribute the characters of said session key in sequence into a predetermined number of groups to form a corresponding predetermined number of primitives, and further arranged to use said primitives, in accordance with a predetermined algorithm, to form a cypher key stream the characters of which are used in sequence to encrypt or decrypt successive characters (or other elements) of a message.
In use of this apparatus, the length (i.e. the number of characters) of the session key can be selected: the longer the session key, the greater will be the strength of the cypher.
Once the length of the session key to be used is decided upon, the session key is preferably randomly generated.
Preferably the characters (typically numerical characters) of the session key are distributed into the predetermined number of groups in a manner forming a
corresponding set of multi-digit numbers. For example, the first term allocated to each group may form the first digit of a multi-digit number, the second term allocated to that group forms the second digit of the multi-digit number, and so on. Preferably these multi-digit numbers are processed further in order to produce the corresponding set of primitives, used to form the cypher key stream.
Preferably successive pairs of these multi-digit numbers are then subjected to an XOR (exclusive OR) process to form a corresponding set of results.
Preferably predetermined values are then added to the respective results of the XOR process, to form a corresponding set of primitives. Preferably different values are added to the different results of the XOR process: preferably these different values are different multiples of a basic value. For example, 100 may be added to the first XOR result, 200 to the second, and so on.
An embodiment of the present invention will now be described with reference to the accompanying drawings, in which:
FIGURE 1 is a schematic block diagram showing part of the electronic system of communications apparatus in accordance with the present invention; and
FIGURE 2 is a table showing the formation of six different groups of primitives from six session keys of different lengths.
Referring to Figure 1, a communications apparatus (e.g. a facsimile machine) comprises means 10, in the form of a microprocessor, for encrypting a plain message M prior to transmission via a port 12. The microprocessor 10 is provided with a program memory 14 which stores an encryption algorithm and also an algorithm for forming a group of primitives from a session key. The microprocessor is able to generate a session key on a random basis, of selected length. The microprocessor is also arranged to correspondingly decrypt messages received via the port 12.
In effecting communication between two apparatus, these follow an initial protocol to determine the cryptographic strength to be employed: this determines the length of the
session key to be used. Then the session key is randomly generated by the microprocessor 10 in one of the apparatus: Figure 2 shows six different examples, in which session keys of 56,48,40,32,18 and 12 decimal digits (186,159,133,106,60 and 40 binary bits) are generated.
Once the session key of selected length has been generated, the microprocessor distributes its digits, one- af er-another , into 14 groups, in the same manner as dealing a pack of cards out to the players of a card game. Thus, referring to the first example in Figure 2, the first 14 digits (44490925319354) form the first digits of respective 4-digit numbers: continuing, the next 14 digits of the session key (89500321347811) form the second digits of the respective 4- digit numbers, the next 14 digits of the session key (67111248217917) form the third digits of the respective 4- digit numbers and the final 14 digits of the session key (36922366044359) form the fourth (and final) digits of the respective 4-digit numbers. In the first example in Figure 2, 14 groups of 4-digit numbers are thus formed: however, in each of the other examples, the number of digits in the session key is not divisible by the number of groups (14) , so that 14 numbers of differing numbers of digits are formed (in some cases, only a single digit) .
In the next step, the microprocessor 10 combines successive pairs of the 14 numbers in an XOR (exclusive OR) procedure: in each of the examples shown in Figure 2, the second line gives the corresponding results. In particular, each number in the first line is combined with the XOR result of the proceeding number, in a process which involves an XOR function or their binary equivalents.
In the next step (third line of each example shown in Figure 2) , the microprocessor 10 adds a multiple of 100 to each of the 14 results formed by the XOR procedure. Thus, to the first result, 100 is added: to the second result, 200 is added; to the third result, 300 is added, and so on up to the seventh result, to which 700 is added. Then, to the eighth result, 100 is added: to the ninth result, 200 is added, and so on up to the fourteenth result, to which 700 is added. The final results (last line in each of the 6 examples set out in
Figure 2) provide a set of 14 primitives.
It will be appreciated that the second and third steps which have been described add complexity to the primitives finally produced. The third step in particular ensures that none of the primitives will be zero.
The 14 primitives thus produced are used by the microprocessor, in accordance with the encryption algorithm, to form a cypher key stream comprising a long stream of digits. Then, in order to encrypt a plain message, the digits of this stream are taken one-after-another, and used in accordance with an encryption algorithm to encrypt respective, successive elements (e.g. characters or groups of characters) of the message to be transmitted. Similarly, in order to decrypt a received message, the digits of the cypher key stream are taken one-after-another and used, in accordance with a decryption algorithm (being the inverse of the encryption algorithm) to decrypt respective, successive elements of the received message.
Claims
Claims
1) An apparatus which is arranged to encrypt or decrypt messages, the apparatus being arranged to generate a session key of a variable selected number of characters and to distribute the characters of said session key in sequence into a predetermined number of groups to form a corresponding predetermined number of primitives, and further arranged to use said primitives, in accordance with a predetermined algorithm, to form a cypher key stream the characters of which are used in sequence to encrypt or decrypt successive characters (or other elements) of a message.
2) An apparatus as claimed in claim 1, arranged to generate said session key in random manner.
3) An apparatus as claimed in claim 1 or 2 , arranged so that the characters of the session key are distributed into said predetermined number of groups in a manner forming a corresponding set of multi-digit numbers.
4) An apparatus as claimed in claim 3, arranged to further process said multi-digit numbers to produce said primitives.
5) An apparatus as claimed in claim 4, arranged to subject successive pairs of said multi-digit numbers to an exclusive OR process to form a corresponding set of results, and to process said results to produce said primitives.
6) An apparatus as claimed in claim 5, arranged so to add predetermined values to the respective said results, to form said primitives.
7) An apparatus as claimed in claim 6, arranged to add different said values to different said results.
8) An apparatus as claimed in claim 7, arranged such that said different values are different multiples of a basic value.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2000557580A JP2002519940A (en) | 1998-06-30 | 1999-06-30 | Apparatus for encryption and decryption key construction |
| EP99928133A EP1099323A1 (en) | 1998-06-30 | 1999-06-30 | Encryption and decryption key arrangements |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB9814003.1 | 1998-06-30 | ||
| GB9814003A GB2339121B (en) | 1998-06-30 | 1998-06-30 | Encryption and decryption key arrangements |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2000001110A1 true WO2000001110A1 (en) | 2000-01-06 |
Family
ID=10834577
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/GB1999/002052 WO2000001110A1 (en) | 1998-06-30 | 1999-06-30 | Encryption and decryption key arrangements |
Country Status (4)
| Country | Link |
|---|---|
| EP (1) | EP1099323A1 (en) |
| JP (1) | JP2002519940A (en) |
| GB (1) | GB2339121B (en) |
| WO (1) | WO2000001110A1 (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1995026087A1 (en) * | 1994-03-23 | 1995-09-28 | Chantilley Corporation Limited | Apparatus for generating encryption/decryption look-up tables using a session key |
| FR2732531A1 (en) * | 1995-03-30 | 1996-10-04 | Sanyo Electric Co | Encryption and decryption of data on frequency modulated sub-carrier |
| US5594795A (en) * | 1994-07-05 | 1997-01-14 | Ericsson Inc. | Method and apparatus for key transforms to discriminate between different networks |
| WO1998019420A1 (en) * | 1996-10-25 | 1998-05-07 | Intel Corporation | A circuit and method for ensuring interconnect security within a multi-chip integrated circuit package |
| US5768381A (en) * | 1993-09-14 | 1998-06-16 | Chantilley Corporation Limited | Apparatus for key distribution in an encryption system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5425103A (en) * | 1994-03-14 | 1995-06-13 | Shaw; William Y. | Variable-key cryptography system |
-
1998
- 1998-06-30 GB GB9814003A patent/GB2339121B/en not_active Expired - Fee Related
-
1999
- 1999-06-30 JP JP2000557580A patent/JP2002519940A/en active Pending
- 1999-06-30 WO PCT/GB1999/002052 patent/WO2000001110A1/en not_active Application Discontinuation
- 1999-06-30 EP EP99928133A patent/EP1099323A1/en not_active Withdrawn
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5768381A (en) * | 1993-09-14 | 1998-06-16 | Chantilley Corporation Limited | Apparatus for key distribution in an encryption system |
| WO1995026087A1 (en) * | 1994-03-23 | 1995-09-28 | Chantilley Corporation Limited | Apparatus for generating encryption/decryption look-up tables using a session key |
| US5594795A (en) * | 1994-07-05 | 1997-01-14 | Ericsson Inc. | Method and apparatus for key transforms to discriminate between different networks |
| FR2732531A1 (en) * | 1995-03-30 | 1996-10-04 | Sanyo Electric Co | Encryption and decryption of data on frequency modulated sub-carrier |
| WO1998019420A1 (en) * | 1996-10-25 | 1998-05-07 | Intel Corporation | A circuit and method for ensuring interconnect security within a multi-chip integrated circuit package |
Also Published As
| Publication number | Publication date |
|---|---|
| GB9814003D0 (en) | 1998-08-26 |
| GB2339121B (en) | 2003-03-05 |
| EP1099323A1 (en) | 2001-05-16 |
| GB2339121A (en) | 2000-01-12 |
| JP2002519940A (en) | 2002-07-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5222139A (en) | Cryptographic method and apparatus | |
| US5623549A (en) | Cipher mechanisms with fencing and balanced block mixing | |
| US7254232B2 (en) | Method and system for selecting encryption keys from a plurality of encryption keys | |
| JP2628660B2 (en) | Encryption / decryption method and apparatus | |
| AU706247B2 (en) | Cryptographic system with concealed work factor | |
| KR19990087103A (en) | How to share encryption key | |
| WO1994016509A1 (en) | A method and apparatus for generating a cipher stream | |
| US6640303B1 (en) | System and method for encryption using transparent keys | |
| Gautam et al. | An enhanced cipher technique using vigenere and modified caesar cipher | |
| US20020159588A1 (en) | Cryptography with unconditional security for the internet, commercial intranets, and data storage | |
| CN109344627B (en) | Novel Shannon perfect secrecy method | |
| Bhat et al. | A novel approach to information security using four dimensional (4d) playfair cipher fused with linear feedback shift register | |
| CN1820449B (en) | Method for encoded data transmission via a communication network | |
| US7184546B2 (en) | Method based on an algorithm capable of being graphically implemented to be used for the generation of filtering of data sequences and crytographic applications | |
| Kwan | The design of the ICE encryption algorithm | |
| WO2001091368A2 (en) | Encryption system based on crossed inverse quasigroups | |
| WO2000001110A1 (en) | Encryption and decryption key arrangements | |
| Chunguang et al. | Permutation of image encryption system based on block cipher and stream cipher encryption algorithm | |
| Kresmer et al. | CCM-SIV: Single-PRF Nonce-Misuse-Resistant Authenticated Encryption | |
| JPH10303881A (en) | Enciphering and decoding device, and method | |
| Khorsheed | A Compartive Study Between (AES) and (DES) Algorithms Based on the (SET) Protocol | |
| Rubin | The cryptographic uses of post tag systems | |
| Hattab et al. | Developing the Complexity and Security of the Twofish Algorithm Through a New Key Scheduling Design | |
| Mandal et al. | New Key Generation Technique in RSA Algorithm | |
| Denning | Encryption algorithms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP US |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
| WWE | Wipo information: entry into national phase |
Ref document number: 1999928133 Country of ref document: EP |
|
| WWE | Wipo information: entry into national phase |
Ref document number: 09720636 Country of ref document: US |
|
| WWP | Wipo information: published in national office |
Ref document number: 1999928133 Country of ref document: EP |
|
| WWW | Wipo information: withdrawn in national office |
Ref document number: 1999928133 Country of ref document: EP |