Subclass 45	Subclass 46	Subclass 47
Nonlinear (e.g., pseudorandom)

System for enciphering or deciphering data

4797921

Abstract

A system for enciphering or deciphering wherein bit patterns in a binary number notation of a plurality of elements, which an irreducible polynomial in the Galois field GF (2.sup.i) has, are stored in registers arranged in a certain correspondence with the bit positions of input data or messages, as random numbers for an encryption key or decryption key. The bit patterns retained in the registers corresponding to the digit of bit "1" in the input data are subjected to a mod 2 addition operation independently for each digit of the random numbers, to thereby obtain encipher or decipher data corresponding to the input data. The elements to be used for the encipher and decipher keys have a specific relationship therebetween in conformity with the periodical characteristic of the elements the irreducible polynomial has.

Claims

I claim:

1. A system for enciphering or deciphering i binary digit data comprising:

first store means for temporarily storing input data to be enciphered or deciphered;

second store means for storing a matrix formed by a plurality of streams of i binary digit random numbers, each stream corresponding to a respective digit of said first store means; and

output means for outputting a signal as encryption or decryption data for said input data, said signal being obtained by performing mod 2 addition of the streams of random numbers, among a plurality of streams stored in said second store means, which correspond to those digits of the input data store in said first store means and having a "1" bit, said addition operation being performed independently for each digit of said random numbers;

wherein said plurality fo streams of random numbers to be stored in said second store means respectively correspond to i element consecutive in power number and selected from the (2.sup.1-1) elements of an i order irreducible primitive polynomial in the Galois field GF(2.sup.i).

2. A system as set forth in claim 1, wherein if in encryption operation the polynomials stored as the random numbers in said second store means correspond to the elements x.sup.E to x.sup.E+i-1 in a power form, then in decryption operation the polynomials stored as the random numbers in said second store means correspond to the elements x.sup.D to x.sup.D+i-1 in a power form, wherein E+D.ident.0 (mod 2.sup.i -1).

3. A system as set forth in claim 1, wherein

said second store means comprises i shift registers, each storing a stream of i digit random numbers;

said first store means comprises an input register for outputting in parallel i digit input data; and

said addition means comprises a plurality of AND circuit means provided for each digit of said input register for performing an AND between a one digit output from said input register and an output from said shift register corresponding to said one digit, and an adder for performing a mod 2 addition operation of the outputs from said plurality of AND circuit means.

Description

BACKGROUND OF THE INVENTION

(1) Field of the Invention

The present invention relates to a system for enciphering or deciphering data, and more particularly to a system for enciphering or deciphering data or messages by multiplying them by pseudorandom numbers.

(2) Description of the Prior Art

Recently, in an on-line system such as a bank system, protection of transmission data through encryption has strongly been requested in order to prevent illegal access to the transmission data and its abuse through cryptoanalysis. Not only the protection for transmission data through encryption, but also the protection for file data within a computer system has also been requested heretofore.

Of conventional data encryption systems, there are known systems in which pseudorandom numbers are added to data, as proposed for example in U.S. Pat. Nos. 3,535,642, 3,681,708, 3,691,472, 3,816,764, 3,838,259, 3,911,216. In these known systems, basically the bit patterns of transmission data and pseudorandom numbers are added together at each of the corresponding bits of the respective data and the resultant bit pattern is transmitted as a cipher message. With such system, if there is only one terminal for destination of a message, i.e., in case of an end-to-end type communication network, both sending and receiving terminals may suffice only if they have a single common stream of pseudorandom numbers as a cipher key for enciphering and deciphering. However, if the number of terminals in a communication network increases, then it is necessary to use a plurality of particular cipher keys for respective pairs of sending and receiving terminals. This results in a large number of cipher keys which must be prepared for the whole communication system.

The number of types of cipher keys may be reduced by allocating a particular cipher key for each communication channel. For instance, as shown in FIG. 1, in a system where terminals A, B, C, D and E are connected to each other via nodes P.sub.1, P.sub.2 and P.sub.3, the number of cipher keys necessary for each terminal becomes minimum on condition that different streams of pseudorandom numbers C.sub.1 to C.sub.7 are prepared for respective communication channels and enciphering and deciphering are performed by using as a cipher key C.sub.1 for the channel from A to P.sub.1, C.sub.2 for the channel from P.sub.1 to P.sub.2, C.sub.3 for the channel from P.sub.2 to P.sub.3 and C.sub.4 for the channel from P.sub.3 to B. However, if the above-noted encryption using an independent cipher key for each communication channel is employed for an encryption system where a transmission message and a stream of pseudorandom numbers are added together (EXCLUSIVE 0R operation), there arises a possibility of a cryptoanalysis of the message by performing an AND operation, relative to the same plain text, of the cipher texts obtained from a plurality of communication channels. Thus, data protection is not sufficient.

Among other encryption systems, also known is an American encryption standard system by the Department of Commerce of U.S. Government. This system however requires complicated circuits in order to perform iterative operations of combinations of substitution and transposition processings for the input data.

SUMMARY OF THE INVENTION

It is an object of the present invention to provide a system which has little risk of cipher data being illegally cryptoanalized and is capable of enciphering or deciphering the data with a simple circuit arrangement.

It is another object of the present invention to provide an enciphering or deciphering system having an extremely high degree of freedom in selection and alteration of cipher keys.

It is a further object of the present invention to provide a system capable of enciphering and deciphering data by using the same circuit construction and changing only the cipher keys.

It is a still further object of the present invention to provide an enciphering system capable of transposition of the bit positions of a cipher text by using a selected set of cipher keys.

In order to achieve the above objects, the system for enciphering or deciphering i binary digit data according to the present invention comprises:

first store means for temporarily storing input data to be enciphered or deciphered;

second store means for storing a plurality of streams of i binary digit random numbers, each stream corresponding to each digit of said first store means; and

output means for outputting a signal as encryption or decryption data for said input data, said signal being obtained by performing mod 2 addition of the streams of random numbers, among a plurality of streams stored in said second store means, which correspond to those digits of the input data stored in said first store means and having "1" bit, said addition being performed independently for each digit of said random numbers.

A consecutive set of elements is used as said plurality of streams of random numbers, the set of elements being selected from the finite number of elements of an irreducible polynomial f(x) in the Galois field (2.sup.i). These elements can be expressed in a binary bit pattern when they are expressed in a polynomial form and the degree of x terms is made to correspond to the binary number digit. The enciphering system of the invention utilizes the characteristic of an irreducible polynomial and generates encryption data by performing a partial product operation between the inputted data and random number patterns. Also in deciphering, the original data is reproduced from a partial product operation between the inputted cipher data and random number patterns.

These and other objects, features, and uses will become more apparent as the description proceeds, when considered with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram showing a data communication network for enciphering and deciphering data;

FIG. 2 is a block diagram showing a schematic construction of a node in a data communication network;

FIG. 3 is a table for explaining the principle of enciphering a message according to the present 0180 invention;

FIG. 4 is a table for explaining the principle of deciphering a cipher text according to the present invention;

FIG. 5 is a circuit diagram showing one example of enciphering and deciphering circuits according to the present invention;

FIG. 6 is a flow chart illustrating a sequence for generating random numbers to be used as an encryption key; and

FIG. 7 is a flow chart illustrating a sequence for generating random numbers to be used in a decryption key.

DESCRIPTION OF THE PREFERRED EMBODIMENT

FIG. 2 is a block diagram schematically showing the construction of the node P.sub.1 in the communication network of FIG. 1. The node P.sub.1 is provided with a data processor 30 for operation of a data exchange, modems 20, 20' and 20" between data communication channels C.sub.1, C.sub.2 and C.sub.5, encipher circuits 10A, 10A' and 10A" and decipher circuits 10B, 10B' and 10B". A cipher text from the data communication channel C.sub.1 received at the modem 20 is deciphered into a plain text at the decipher circuit 10B, and inputted to the processor 30 via a signal bus 31. Alternatively, a message to be transmitted on the communication channel C.sub.1 is transferred via the signal bus 31 to the encipher circuit 10A where it is enciphered into a cipher text and thereafter transmitted via the modem 20. A stream of random numbers used as a cipher key for enciphering and deciphering is supplied via a signal line 32 from the processor 30 to the circuits 10A and 10B. Reference numeral 33 denotes a control signal line for data transmission. The encipher circuits 10A' and 10A" and decipher circuits 10B' and 10B" between the data communication channels C.sub.2 and C.sub.5 and the processor 30, are constructed similarly to the circuits 10A and 10B.

According to the present invention, in the encipher circuits 10A, 10A' and 10A" and decipher circuits 10B, 10B' and 10B", a cipher key is used which is expressed as will be described later in a polynomial form of a set of elements selected from a plurality of elements obtained in association with an irreducible polynomial in the Galois field GF(2.sup.i).

An irreducible polynomial in the Galois field GF(2.sup.i) is generally expressed in the form of:

F.sub.i (x)=a.sub.i .multidot.x.sup.i +a.sub.i=1 .multidot.x.sup.i-1 +. . . +a.sub.1 .multidot.x.sup.1 +a.sub.0 (1)

Any desired element x.sup.n can be identified by performing a mod f.sub.i (x) operation, i.e., by obtaining a remainder through division of X.sup.n by f.sub.i (x), and expressed by a sum of x.sup.i-1 to x.sup.0 as in the following equation where b.sub.i-1, . . . , b.sub.0 are constants of "1" or "0".

X.sup.n .ident.b.sub.i-1 .multidot.x.sup.i-1 +b.sub.i-1 .multidot.x.sup.i-2 +. . . +b.sub.1 .multidot.x+b.sub.0 (mod f.sub.i (x)) (2)

Here, as an example of an irreducible polynomial in the Galois field GF(2.sup.6), the following equation is used.

f(x)=x.sup.6 +x+1 (3)

The above polynomial is an irreducible primitive polynomial having i=6 as the maximum degree of x. As shown in Table 1, all of the elements X.sup.n expressed in a power form can be expressed as a polynomial f.sub.i (x) formed of a sum of 1, x, x.sup.2, x.sup.3, x.sup.4 and x.sup.5. The number g of elements is (2.sup.i -1) since the element of the order 63 equals the value of X.sup.0.

The equation 3 can be expressed as a binary number of "1000011" by making the term of 6 order x correspond to the uppermost bit and the term of 0 order x to the lowermost bit. Simiarily, each element of Table 1 can be expressed in a 6 digit binary number.

                                      TABLE 1
    __________________________________________________________________________
    f.sub.(x) = x.sup.6 + x + 1
    X.sup.n
       X.sup.n = F (mod f.sub.(x))
                      X.sup.n
                         X.sup.n = F (mod f.sub.(x))
    __________________________________________________________________________
    X.sup.0
       1              X.sup.32
                         x.sup.3 + 1
    X.sup.1
       x              X.sup.33
                         x.sup.4 + x
    X.sup.2
       x.sup.2        X.sup.34
                         x.sup.5 + x.sup.2
    X.sup.3
       x.sup.3        X.sup.35
                         x.sup.3 + x + 1
    X.sup.4
       x.sup.4        X.sup.36
                         x.sup.4 + x.sup.2 + x
    X.sup.5
       x.sup.5        X.sup.37
                         x.sup.5 + x.sup.3 + x.sup.2
    X.sup.6
       x + 1          X.sup.38
                         x.sup.4 + x.sup.3 + x + 1
    X.sup.7
       x.sup.2 + x    X.sup.39
                         x.sup.5 + x.sup.4 + x.sup.2 + x
    X.sup. 8
       x.sup.3 + x.sup.2
                      X.sup.40
                         x.sup.5 + x.sup.3 + x.sup.2 + x + 1
    X.sup.9
       x.sup.4 + x.sup.3
                      X.sup.41
                         x.sup.4 + x.sup.3 + x.sup.2 + x + 1
    X.sup.10
       x.sup.5 + x.sup.4
                      X.sup.42
                         x.sup.5 + x.sup.4 + x.sup.3 + x
    X.sup.11
       x.sup.5 + x + 1
                      X.sup.43
                         x.sup.5 + x.sup.4 + x.sup.2 + x + 1
    X.sup.12
       x.sup.2 + 1    X.sup.44
                         x.sup.5 + x.sup.3 + x.sup.2 + 1
    X.sup.13
       x.sup.3 + x    X.sup.45
                         x.sup.4 + x.sup.3 + 1
    X.sup.14
       x.sup.4 + x.sup.2
                      X.sup.46
                         x.sup.5 + x.sup.4 + x
    X.sup.15
       x.sup.5 +  x.sup.3
                      X.sup.47
                         x.sup.5 + x.sup.2 + x + 1
    X.sup.16
       x.sup.4 + x + 1
                      X.sup.48
                         x.sup.3 + x.sup.2 + 1
    X.sup.17
       x.sup.5 + x.sup.2 + x
                      X.sup.49
                         x.sup.4 + x.sup.3 + x
    X.sup.18
       x.sup.3 + x.sup.2 + x + 1
                      X.sup.50
                         x.sup.5 + x.sup.4 + x.sup.2
    X.sup.19
       x.sup.4 + x.sup.3 + x.sup.2 + x
                      X.sup.51
                         x.sup.5 + x.sup.3 + x + 1
    X.sup.20
       x.sup.5 + x.sup.4 + x.sup.3 + x.sup.2
                      X.sup.52
                         x.sup.4 + x.sup.2 + 1
    X.sup.21
       x.sup.5 + x.sup.4 + x.sup.3 + x + 1
                      X.sup.53
                         x.sup.5 + x.sup.3  + x
    X.sup.22
       x.sup.5 + x.sup.4 + x.sup.2 + 1
                      X.sup.54
                         x.sup.4 + x.sup.2 + x + 1
    X.sup.23
       x.sup.5 + x.sup.3 + 1
                      X.sup.55
                         x.sup.5 + x.sup.3 + x.sup.2 + x
    X.sup.24
       x.sup.4 + 1    X.sup.56
                         x.sup.4 + x.sup.3 + x.sup.2 + x + 1
                                        D
    X.sup.25
       x.sup.5 + x    X.sup.57
                         x.sup.5 + x.sup.4 + x.sup.3 + x.sup.2 + x
    X.sup.26
       x.sup.2 + x + 1
                      X.sup.58
                         x.sup.5 + x.sup.4 + x.sup.3 + x.sup.2 + x + 1
    X.sup.27
       x.sup.3 + x.sup.2 + x
                      X.sup.59
                         x.sup.5 + x.sup.4 + x.sup.3 +  x.sup.2 + 1
    X.sup.28
       x.sup.4 + x.sup.3 + x.sup.2
                      X.sup.60
                         x.sup.5 + x.sup.4 + x.sup.3 + 1
    X.sup.29
       x.sup.5 + x.sup.4 + x.sup.3
                      X.sup.61
                         x.sup.5 + x.sup.4 + 1
    X.sup.30
       x.sup.5 + x.sup.4 + x + 1
                      X.sup.62
                         x.sup.5 + 1
    X.sup.31
       x.sup.5 + x.sup.2 + 1
                      X.sup.63
                         1
    __________________________________________________________________________

According to the present invention, a plurality of streams of random numbers are used for an encryption key, in which a set of i elements consecutive in power number are selected from the elements X.sup.0 to X.sup.q-1 obtained in association with the irreducible polynomial and the respective polynomials for the selected elements are expressed in a binary number notation for use as an encryption key. Another set of i elements having a particular relation with the elements selected in enciphering is also expressed in a binary number notation to use it as the random numbers for a decryption key.

For instance, when 6 elements X.sup.7 to X.sup.12 starting from X.sup.7 indicated by reference E in Table 1 are selected for use as an encryption key, X.sup.7 to X.sup.12 in a binary number notation of the respective polynomials are: X.sup.7 ="000110", X.sup.8 ="001100", X.sup.9 ="011000", X.sup.10 ="11000", X.sup.11 ="100011" and X.sup.12 ="000101".

In the encipher circuit of the invention, these bit patterns are arranged for use as encryption random numbers in the order of power as shown in FIG. 3. In enciphering, a message M of a binary number notation is arranged in such a way that the lowermost bit m.sup.0 corresponds to the row 11 of X.sup.7 and the uppermost bit m.sup.5 to the row 16 of X.sup.12. Only those streams of random numbers whose rows correspond with bit "1" in the message are used as an object of addition operation (mod 2 addition) for each bit of the random numbers. Assuming that the content of message M is "010101" as shown in FIG. 3, the random numbers located at the rows 11, 13 and 15 becomes an object to be operated, and a bit pattern "111101" shown in a block 4 becomes a cipher text.

In the above example, it can be understood that the bit pattern "010101" of the message M and "111101" of the cipher text respectively correspond to the polynomials of and X.sup.59. Therefore, taking E (=7) as the degree of power of the reference element X.sup.7 among the set of elements used in enciphering, M (=52) as for X.sup.52, and S (=59) as for X.sup.59, the above-described enciphering processing means that the following operation is performed through a partial product operation.

X.sup.S =X.sup.M .multidot.X.sup.E (4)

In the decipher circuit of the invention, a received message is deciphered by using a partial product operation similarly to the case of enciphering. In this case, taking D as the degree of power of a reference element among the set of elements used for a decryption key, the deciphering processing can be expressed in the form of:

X.sup.S .multidot.X.sup.D =X.sup.M (5)

Therefore, from the equations (4) and (5), as the degree D of a reference element among the elements selected for use as a decryption key, the value which meets the following condition can properly be selected.

D+E.ident.0 (mod q) (6)

wherein q is the number of elements the irreducible polynomial can take.

In this example, since q=63 and E=7, the value D sufficing the equation (6) becomes 56. As a result, as the decryption key forming a counterpart of the encryption key obtained from X.sup.7 to X.sup.12, six elements X.sup.56 to X.sup.61 starting from a reference X.sup.56 indicated by reference D in Table 1 are used and the corresponding bit patterns X.sup.56 ="011111" to X.sup.61 ="110001" representative of the respective polynomials become the decryption random numbers. These random numbers are arranged in the order of power and the received cipher text S is arranged in such a way that lowermost bit s.sup.0 corresponds to the row 11' of X.sup.56 and the uppermost bit s.sup.5 corresponds to the row 16' of X.sup.61. The random numbers corresponding to bit "1" in the cipher text are selected as an object of addition operation (mod 2 addition) at each bit. The resultant bit pattern D equals the message prior to enciphering as shown in a block 4'.

It is possible to select any desired element X.sup.E for an encryption key in a single irreducible polynomial and select accordingly the element X.sup.D for a decryption key which corresponds to the element X.sup.E. As the polynomials of the encryption and decryption keys, another irreducible primitive polynomial in the Galois field GF(2.sup.i) may be used. For example, Table 2 shows the elements which a fifth order irreducible polynomial, f(x)=x.sup.5 +x.sup.2 +1 for example can take. In this case, X.sup.E and X.sup.D sufficing the relation of the equation (6) can be selected by setting q=32. The irreducible polynomial may be selected such that the order thereof corresponds to the bit length i of the message to be enciphered.

                  TABLE 2
    ______________________________________
    f = x.sup.5 + x.sup.2 + 1
    X.sup.n
         X.sup.n = F (mod f)
                         X.sup.n
                                X.sup.n = F (mod F)
    ______________________________________
    X.sup.0
         1               X.sup.16
                                x.sup.4 + x.sup.3 + x + 1
    X.sup.1
         x               X.sup.17
                                x.sup.4 + x + 1
    X.sup.2
         x.sup.2         X.sup.18
                                x + 1
    X.sup.3
         x.sup.3         X.sup.19
                                x.sup.2 + x
    X.sup.4
         x.sup.4         X.sup.20
                                x.sup.3 + x.sup.2
    X.sup.5
         x.sup.2 + 1     X.sup.21
                                x.sup.4 + x.sup.3
                                             D
    X.sup.6
         x.sup.3 + x     X.sup.22
                                x.sup.4 + x.sup.2 + 1
    X.sup.7
         x.sup.4 + x.sup.2
                         X.sup.23
                                x.sup.3 + x.sup.2 + x + 1
    X.sup.8
         x.sup.3 +  x.sup.2 + 1
                         X.sup.24
                                x.sup.4 + x.sup.3 + x.sup.2 + x
    X.sup.9
         x.sup.4 + x.sup.3 + x
                         X.sup.25
                                x.sup.4 + x.sup.3 + 1
    X.sup.10
         x.sup.4 + 1     X.sup.26
                                x.sup.4 + x.sup.2 + x + 1
    X.sup.11
         x.sup.2 + x + 1 X.sup.27
                                x.sup.3 + x + 1
    X.sup.12
         x.sup.3 + x.sup.2 + x
                         X.sup.28
                                x.sup.4 + x.sup.2 + x
    X.sup.13
         x.sup.4 + x.sup.3 + x.sup.2
                         X.sup.29
                                x.sup.3 + 1
    X.sup.14
         x.sup.4 + x.sup.3 + x.sup.2 + 1
                         X.sup.30
                                x.sup.4 + x
    X.sup.15
         x.sup.4 + x.sup.3 + x.sup.2 + x + 1
                         X.sup.31
                                1
    ______________________________________

FIG. 5 shows an example of the construction of a circuit for performing the above-described enciphering operation. In the figure, reference numberal 1 represents a memory for storing polynomial bit patterns of binary number notation to be used as random numbers. The memory 1 is constructed of i shift registers 1l to 1i. Reference numeral 2 represents an i bit input register to which a message M is inputted, the content of each bit is outputted in parallel. Reference numeral 3 denotes an operation circuit which includes 2-input AND circuits 3l to 3i corresponding to each bit 2l to 2i of the register 2 and an adder 30 for performing a mod 2 addition of the outputs from the AND circuits. Reference numeral 4 denotes an i bit output shift register to which an output of the adder 30 is inputted successively. The shift registers 1l to 1i start shifting every time when the message is inputted to the input register 2, and sequentially output the bit patterns from the uppermost bits 1li to 1ii to the lowermost bits 1ll to 1ii. These outputs are respectively inputted to the AND circuits 3l to 3i. To the other input terminal of each AND gate 3l to 3i, each bit output from the input register 2 is applied. Only those AND gates corresponding to bit "1" in the message supply each bit signal from the shift registers to the mod 2 adder 30.

As a result, if the polynomial bit patterns for i elements are previously arranged to be stored in the memory 1 in such a way that a bit pattern of the polynomial

X.sup.E .ident.C.sub.i-1 .multidot.X.sup.i-1 +. . . C.sub.0 mod f.sub.1(x)) (7)

representative of a reference for the encryption key is located at the shift register 11, and a bit pattern of the polynomial

X.sup.E+i-1 5 l.sub.i-1 .multidot.X.sup.i-1 +. . . +l.sub.0 (mod f.sub.i(x)) (8)

is located at the shift register 1i, then the operation circuit 3 can perform the encryption operation for the i bit input message as described with FIG. 3. The resultant cipher text is sequentially inputted to the output register 4.

Each shift register 1l to 1i is constructed such that the output bit is re-entered into the lowermost bit upon every shift operation. Therefore, at the end of enciphering of the message, the contents of each register resume the initial state, enabling accordingly to perform an encryption operation of the following message.

It can be understood by reference to FIGS. 3 and 4 that the decryption operation of the invention can be performed with the same procedure as that in the encryption operation. Thus, the circuit of FIG. 5 per se can be adopted as a decipher circuit. By storing bit patterns forming a decryption key into the respective shift registers in the memory 1, and deciphering a cipher text S inputted to the input register 2, it is possible to obtain the original message at the output register 4.

Next, a modification of the present invention will be described.

Referring to FIG. 3, if the elements X.sup.7 and X.sup.8 forming part of the encryption key is arranged to transpose their relative position, the elements corresponding bit "1" in the message M="010101" become X.sup.8, X.sup.9 and X.sup.11, so that the bit pattern of the cipher text S is changed to "110111" By setting this bit pattern at the block 2' of FIG. 4 and performing a decryption operation, a deciphered message D to be obtained at the block 4' becomes "010110" whose bit pattern contains two transposed lower bits of the bits m.sup.0 and m.sup.1 of the message M. From this, it can be understood that if the elements X.sup.7 and X.sup.8 are transposed at the encipher circuit side, the streams of bits x.sup.0 and x.sup.1 corresponding to the transposed bits m.sup.0 and m.sup.1 are arranged to be transposed in the decryption bit pattern matrix at the decipher circuit side so as to decipher the cipher text into a correct original message. In particular, therefore, if the elements X.sup.9 and X.sup.11 are transposed at the encipher circuit side, the decipher circuit side may prepare such bit patterns whose bit streams x.sup.4 and x.sup.2 corresponding to the bits m.sup.4 and m.sup.2 are transposed. Thus, as the arrangement of elements forming an encryption key is transposed at the encipher circuit side, cryptoanalysis of the ciphertext illegally obtained during data transmission becomes more difficult, thereby further improving the security of data.

The random numbers (bit pattern) for enciphering and deciphering to be set in each shift register in the memory 1 can be supplied to each node from the data processor 30.

In order to generate polynomial bit patterns serving as random numbers, it is necessary for those persons at the two nodes for data transmission to previously be informed of: an irreducible polynomial f(x) forming the basis of enciphering and deciphering; the order E of a reference element used as part of the encryption key; and the arrangement K.sub.E of the encryption key. These information may be provided via another route other than the above data transmission channel.

FIG. 6 schematically shows an operation flow performed by the data processor 30 for effecting formation of encryption random numbers. Bit patterns necessary for encryption can be obtained at block 31 by performing division of the i elements expressed in a power form starting from x.sup.E by the irreducible polynomial f(x) and by calculating its remainder. These bit patterns are temporarily stored at block 32 in the memory. As all of the bit patterns have been prepared, the bit patterns are sequentially read from the memory in accordance with the arrangement designation K.sub.E of the encryption key. The read-out bit patterns are then transferred to the shift registers 1l to 1i in the encipher circuit 10A. The above-described transposition in the encryption key can be performed in accordance with the arrangement designation K.sub.E.

FIG. 7 schematically shows an operation flow for generating decryption random numbers. Bit patterns forming the basis of decryption are obtained at block 41 by dividing the i elements starting from x.sup.D by the irreducible polynomial f(x). The bit patterns representative of the remainders are temporarily stored at block 42 in the memory. As all of the bit patterns have been prepared, the bit streams are read out at block 43 in accordance with the arrangement designation K.sub.D of the decryption key to restore them in the memory (block 44). After the end of transposition of the bit streams, at block 45 the bit patterns corresponding to x.sup.D are sequentially read to transfer them sequentially to the shift registers 1l to 1li in the decipher circuit 10B.

The elements x.sup.D for the decryption key can be unanimously obtained if f(x) and x.sup.E are identified. The arrangement designation K.sub.D for the decryption key can also be obtained unanimously based on the arrangement designation K.sub.E for the encryption key.

Enciphering and deciphering of a message using random numbers of the bit patterns of the elements have been described by way of example by using an irreducible primitive polynomial in the Galois field GF(2.sup.i). However, other polynomials whose elements have a periodical property shown by

X.sup.S .ident.1 (mod fi(x)) (9)

may also be used for the encryption and decryption keys. In this case, the following relationship between x.sup.E and x.sup.D is established:

E+D.ident.0 (mod s) (10)

Furthermore, although enciphering and deciphering have been applied to data transmission in the above embodiments, it is apparent that enciphering and deciphering of the present invention may also be adopted for protection of file data in a general computer system.

Inventors
Shiraishi, Takayoshi;
Assignee
Hitachi, Ltd. (Tokyo, JP)
Published
Jan-10-1989
Current US Classes:
380/28
380/30
380/44
380/46
Application #
796753
International Classes
H04K 001/00; H04K 009/00
Field of Search
178/22.10 178/22.19 178/22.15 178/22.14 380/28 380/30 380/44 380/46 380/50
Examiner
Cangialosi; Salvatore
Agent
Antonelli, Terry & Wands
US Patent References:
4165444
4520232

Same subclass

Method and apparatus for improving the security of an electronic codebook encryption scheme utilizing an offset in the pseudorandom sequence	5438622
Random bit stream generator and method	5239494
Scrambled transmission system	5621799
Pseudorandom noise sequence generator	6201870
Method, system and apparatus for improved reliability in generating secret cryptographic variables	6345098
Vehicle security system	5903653
Block-cipher cryptographic device based upon a pseudorandom nonlinear sequence generator	5054067
Process and device for making secure a telephone link connecting two subscriber sets	5963644
Method and circuit for compensating for oscillator drift in a spread-spectrum communication system	5303260
Scrambled-communication system using adaptive transversal filters for descrambling received signals	5008937
Method and apparatus for generating truly random numbers	5781458
Encoding and decoding information using randomization with an alphabet of high dimensionality	6301361

Same class

Method for verifying the use of public keys generated by an on-board system	6968060
Technique for promoting CATV pay-per-view events and acknowledging subscriber orders	4700386
Data encryptor	4760599
System for the secure storage and transmission of data	5027401
Strong mutual authentication of devices	7020773
Apparatus and method for encrypting communications without exchanging an encryption key	5455862
Compatible color television with regenerable signals	4568966
Split-key key-agreement protocol	6934392
Speech scramblers	4773092
Satellite receiver retuning system	5235643
Method of protected distribution of keying and certificate material	5825300
Encryption system key distribution method and apparatus	4578531

Consider this

Data processing system with a pipelined structure for editing trace memory contents and tracing operations during system debugging	4879646
Method and system of converting data from a source file system to a target file system	5742818
System and method for acquiring high granularity performance data in a computer system	5774724
Breakpoint setting/deleting system using a symbolic debugger in a digital data processing system	5835699
System for sending small positive data notification messages over a network to indicate that a recipient node should obtain a particular version of a particular data item	5842216
Method and apparatus in a data processing system for systematically serializing complex data structures	6292933
Method and system for reporting XML data from a legacy computer system	6687873
Method and system for changing rating data via internet or modem in a carrier management system	6910047
System and method for analyzing data accesses of a trace from a computer-executable program to determine data access patterns	6971092
Method and system for automatically prioritizing and analyzing performance data for one or more, system configurations	7043719