`United States Patent
`[45]
`Oct. 23, 1979
`Barnes et all.
`
`[11]
`
`4,172,213
`
`[54] BYTE STREAM SELECTIVE
`ENCRYPTION/DECRYPTION DEVICE
`
`Primary Examr'ner—S. C. Buczinski
`Attorney, Agent, or Ft'rm—Mark T. Starr
`
`[75]
`
`3,651,699
`3.74-(1.41-TS
`3,798,605
`3_962_539
`3,984,668
`
`[ST]
`ABSTRACT
`Inventors: Vera L. Barnes, Wayne; Thomas .1.
`An apparatus for insertion in a communications line _for
`g?b1?£'JE$$§;;t]o}::ll;l g;:";:F'
`§i‘L‘,Z2si?.?g?§‘.i1?§n‘EZ§L’§.iL§L‘t'3$’5fk§‘?ifi=iZ”L§§s’§i?E
`Ce'-v'=="- Jr» Newtewn Square» all
`ter end, the apparatus receives messages from the com-
`of Pa"
`Inunications line, enciphers them and retrartsmits them
`[73] Assignee: Burroughs Corporation, Detroit.
`onto the communications line. At the receiver end, the
`Mich.
`apparatus receives messages from the communications
`21 A L N _: 852,444
`line, declphers them and retransmtts them onto the
`1
`Pp
`0
`[
`communications line. The apparatus contains both a
`Nov. 17, 1977
`[22] Filed:
`[51] um CL; _____________________________________________ __ HML 9/W transmitter and receiver and is capable of full duplex
`[52] U_S_ CL _____________________________ 173/22; 340/I461 AL
`operatlon 1n a_btd1rect1oI1al communtcattons line. An-
`[523] Field of Search ................. 178/22; 340/146.1 AL
`F°“‘"'B *0 the "“:’e"“°'=g data '5 enelphered by '=°=Pbm-
`mg the data received with the output of an algorithm,
`[55]
`Referefleee Cited
`the algorithm output being dependent on the data previ-
`U_s_ pATEN1‘ DOCUMENTS
`:.;s‘liy encipherededand a uniq:e::y en-lie? by the user.
`ata ts receiv
`it is com in wit
`t e output of the
`4/1972 Rocher et al.
`......................... 173/22
`algorithm’ transmitted and using cipher feedback mh_
`
`. . . .. I73/22
`6/19'.-'3
`Ehrat . . . . . . . . . .
`.
`red b
`k
`.
`h a}
`. 11
`3/1974
`Feistel ........
`364/200
`mques,
`3°
`35 an “'9'” ‘°F 5
`801'“ "1 "-° l_’e “Se?
`5,1975 Ehmm et a1_
`173,-22
`to encipher subsequently received data. Data IS deci~
`
`
`Zetterberg et al.
`ID/1976
`173/22
`phered usms equivalent elements as used for enCiPher-
`ing,
`the basic difference in the apparatus operation
`OTHER PUBLICATIONS
`being the point from which data fed back into the algo-
`rithm is taken. The apparatus operates on a byte-by-byte
`basis, and contains provisions for responding to control
`characters and ignoring messages intended for a differ-
`ent apparatus.
`
`C. M. Campbell, Jr.; Conf. on Computer Security and
`the Data Encryption Standard; NBS (Preprint of Pa-
`pers); Feb. 15, I9':''.!.
`B. Morgan; Conf. on Computer Security and the Data
`Encryption Standard; NBS (Preprint of Papers); Feb.
`15, 197?.
`
`
`
`49 Claims, 1‘? Drawing Figures
`
`BET
`IN
`
`lllPlJI 5 EIL|IF'|.|l
`PESIMUTE AJJTUIUHIEILLT
`
`B I B an
`
`(3 sERlEs:rmuLLEL
`
`
`
`
`
`n'« Ec::Z-=:.—n 3=2=3-___-..___-.l
`
`rxctiiswr at
`
`la—6-I :4 ms:
`
`'.
`
`I52-{ltGLUS1'u|E MS]
`
`
`Page 1
`
`Apple v. PMC
`|PR2016-00753
`
`PMC Exhibit 2096
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 1
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 1 of 15
`
`4,172,213
`
`To Rn
`
`IIAIA
`om
`
`IIEI
`III
`
`C9
`
`(3
`
`I PUT SIOUTPUT
`PNEIIIAUIE AIIIIIIIAIICALLI
`IIP)
`
`W33”
`(9 SERIES/PARALLEL
`I-2
`
`IIAIA
`IN
`
`9
`
`L
`
`Ln
`
`I I I I II I II
`
`I
`
`III II I I
`
`DATA SIIOHAGE
`
`59
`
`R
`
`0
`
`KEY S:TORAGE
`
`D
`
`9-3anREG.) A
`
`Rn
`
`®
`
`TRANSFORM
`In
`
`€53
`
`I
`,
`I
`
`II
`
`PERMUTE
`II=c2I
`
`GI?
`
`I III I
`
`III I I II
`
`EXCLUSIVE (III
`
`I48-EXCLUSIVE 0R‘SJ
`
`99999999
`
`SUBSTITUTIUN
`
`I32-EXCLUSIVE 0R'sI
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 2
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 2
`
`
`
`S.
`
`tn6LI»3
`
`3,
`
`cm2w%
`
`2
`
`
`
`U.i§m_§5.25%51%
`
`pEEEEEEEE
`
`
`
`9mg::_:§EW_.,_E_%§..
`
`MNQt‘.
`
`525.5:
`
`lI:.l||nJJD555:2z_§M,5%
`.,3ollllllllllllll
`
`Bm
`
`mwmpMmmCAW
`moms
`mmmm
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 3
`
`
`
`U.S. Patent
`
`CO
`
`9mm,
`
`S
`
`w
`
`.I._,4
`
`1.12,27..
`
`
`
`mzo_:§:_§:§_:§m22.2%
`
`3mat
`
`...5%..
`
`.E2_z~m:
`
`E939
`
`mega
`
`éz__.EE
`
`Ewfié
`
`§_E§m
`
`5.2
`
`
`
`zc_§§;.§E_E-E-E_on_
`
`2:2;
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 4
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 4
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 4 of 15
`
`4,172,213
`
`§_§E
`
`:25
`
`$2.53
`
`mega
`
`Emfié.efim._q2_2E_
`
`._qz=#_E
`
`EQEQ
`
`$25.5
`
`Egg
`
`329
`
`.2z__.EE
`
`M...
`
`.m.W\»E
`
`_§__gE
`
`:33
`
`Emfié
`
`ééfiza
`
`Em%
`
`.1
`
`mesaE53
`
`§___._§
`
`$23
`
`._«.z_§E..
`
`%5%
`
`
`
`:533:3_E_:=§,_o_E$Em_>_5m_._mm-9;
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 5
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 5
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 5 of 15
`
`4,172,213
`
`23:2
`
`
`
`EWEE_,5E§
`
`ézzéfi
`
`5%:
`
`33.
`
`§EE_,__
`
`2,:5228assszs
`
`5.2.%§5%Egg
`
`
`
`533$51%‘EB:51%
`
`EEE52$mat
`
`NE
`
`EmEv...
`
`figs
`
`ESE:
`
`§_”_Em
`
`E5_H.E
`
`2E_m8.E
`
`mug_
`
`§,__e§:=
`
`222$
`
`E2
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 6
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 6
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 6 of 15
`
`4,172,213
`
`: : : : ? :——i
`
`VARIABLE
`
`ONE BIT SHIFT
`PER BIT
`
`F
`!
`
`r I I
`
`0
`
`'
`ABTWATE
`ONCE PER I
`
` __ Q-
`
`m
`'
`
`TRANSWT
`
`'
`
`RECEIVE
`
`
`
`KEY BiT
`
`
`
`
`
`\|||l||
`
`0
`
`T1’)?
`
`Fig. 7
`
`Page 7
`
`PMC Exhibit 2096
`A le v. PMC
`IPR
`6-00753
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 7
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 7 of 15
`
`4,172,213
`
`5%
`
`E:”_§5
`
`Eng
`
`22.:
`
`E3
`
`z_5._$_.__Q
`
`.5528CE
`
`we22:
`
`§_sa3¢
`
`4omH2oQ
`
`EE:%,_E
`
`E8:
`
`fiaa
`
`Ezzgénmg22:
`
`§_=§:9
`
`
`
`,__5&$_¢sEa
`
`.59:
`
`z_§_
`
`$52
`
`$538
`
`§_§m
`
`atzazs:
`
`was2
`
`5:58
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 8
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 8
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`ob
`
`B
`
`h_S__m_+I$__
` __IHfigIpm__,__:_%34:55:wMm.o|.m\_amEmfig_
`
`
`
`n/WE:52%3:53%................
`
`
`
`27]|E||IlII|][||]IIlI1I_U_IIIFII4.,¢_
`
`_
`
`__
`
`I I
`
`| I
`
`I
`
`33.255.2%
`
`
`
`£52.32...
`
`IEas
`
`PMCExhibit
`
`
`
`22.59fig;fix:5...9%IIIII
`
`Apple v. PMC
`|PR2016-00753
`
`Page 9
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 9
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 9 of 15
`
`4,172,213
`
`@1913
`
`I3-4
`
`PARITY
`CHECK
`
`INPUTOATA FROM DTE
`
`DATA
`INPUT
`REGISTER
`
`I3‘?
`
`KEY MEMORY
`STORAGE
`
`CHARACTER
`STORAGE
`DELAY
`
`B-W
`
`
`
`|3-|0
`
`CHLTEARTER
`
`AUTRE\T|fiT_|ON__
`
`SELECT
`
`H EXCLUSIVE-OR
`TRANSFORMATION
`
`ARR
`
`R3
`
`DATA FROMALGORTTHM
`
`DATA T0 ALGORITHM
`CONTROLTCIPHER
`FEEDBABK REGISTER)
`
`SELECT
`
`GETRLTTAR
`
`BUFFER
`
`5'5
`
`OUTPUT RATA TO DOE
`
`"KEY BiTS"(8&T)
`oo
`01
`I0
`
`,
`|||
`
`"KEY B|TS"(6&T)
`no
`OI
`I0
`
`ll
`
`INPUT
`(BATTER
`
`ll
`
`Ii
`
`J
`R
`00 \ofi\gT To
`T0:
`0: 0|\\O0\\I|
`10
`I0
`u\\o‘R\0|
`~\ \ T
`TR
`no
`oT\g9\T
`IO
`OUTPUT
`EXCLUSIVE-OR O
`(B)
`(A)
`
`F/g./0
`
`INPUT
`
`00
`0|
`I0
`
`II
`
`no
`0|
`IO
`
`II
`
`on
`0|
`ll
`
`00
`II
`I0
`
`0o—coRTRoLcRARAcTER
`10
`0|
`
`NUWNTROL
`CHARACTER
`
`ll
`
`PMC Exhibit 2096
`
`Apple v. PMC
`IPR2016-00753
`
`Page 10
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 10
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 10 of 15
`
`4,172,213
`
`ONE BYTE SHIFT
`PER BYTE
`
`H‘?
`
`3 BTTS
`/4%
`
`mmmflflmmmm
`
`0
`
`|
`|
`
`DES ALGORITHM
`STRANSFERS/BYTE
`IIIIIIII
`(w
`
`ENBRYPT MODE
`
`®
`
`KEY
`‘”*“'*’~BLE
`
`—' 6
`_ T
`- T
`I '
`'
`_ T
`|
`ACTIVATE
`_ T
`{JNCEPE
`_ pm;
`W .
`— |
`[
`T
`‘T’
`E
`T
`| IIIIIIII (3
`IIIITIIII
`Q
`
`0
`
`m
`
`m m
`ECEIVE
`
`-
`
`mans
`
`u—:2
`
`IN
`
`CONTROL
`
`- xon AND E I
`
`I
`
`TRANSFORMATION
`
`T
`
`ll-I0
`
`‘
`
`=
`
`PLAINTEXT
`
`Page 11
`
`PMC Exhibit 2096
`
`Apple v.PMC
`|PR2016-00753
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 11
`
`
`
`
`
`'3'“
`
`5
`
`0
`H
`
`A
`
`-D
`I
`
`A
`
`0
`2
`
`T
`x
`
`I
`c
`
`D
`3
`
`D
`4
`
`F
`I
`
`-F
`5
`
`’“--I2-2
`
`55E
`
`5
`o
`H
`
`A
`D
`I
`
`A
`D
`2
`
`5
`«I
`x
`
`5
`I
`I:
`
`A
`D
`3
`
`A
`D
`A
`
`V
`F
`I
`
`II
`F
`
`
`
`RECEIVING
`SELECTIVE ENCRYPTIUNI
`AUTHENTICATION nEIIIcE
`
`5
`0
`H
`
`A
`A
`D D_
`1
`2
`
`5
`,T
`X
`
`PLAIN
`TEXT
`
`RECEIVING DTE
`
`ADLAD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENTIFICATION CHARACTER = IIIIIDI
`AD3,AD4 INDICATE TRANSMITTING DTE
`I-‘Fl-I.-'F8=\I'ARIABLE FILL CHARACTERS
`
`SEE =START ENCRYPT FIELD
`
`-
`
`EEF= END ENCRYPT FIELD
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 11 (If 15
`
`4,172,213
`
`TRANSMITTING
`
`-—vFIA/2
`
`5
`
`0
`H
`
`A
`
`D
`I
`
`A
`
`D
`2
`
`5
`
`T
`II
`
`IEII”
`
`5
`
`E
`F
`
`IEII“
`
`E
`
`E
`F
`
`IEIII“
`
`E
`
`T
`x
`
`5
`
`0
`no
`
`TRANSMITTING
`SELECTIVE ENCRYPTIONI
`AUTHENTICATION DEVICE
`
`
`
`
`5
`
`5
`
`A
`
`A
`
`II
`
`II
`
`IDENTIFICATION FIELD (IF)
`
`5
`
`E
`F
`
`5
`E
`F
`
`5
`E
`F
`
`I}'EI’,IfTER
`
`PLAIN
`TEXT
`
`E
`
`E
`F
`
`E
`E
`F
`
`E
`E
`F
`
`E
`
`T
`I
`
`B
`
`G
`I3.
`
`E
`T
`x
`
`B
`5
`{)2
`
`PLAIN
`TEXT
`
`E
`T
`X
`
`5
`3
`03
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 12
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 12
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 12 of 15
`
`4,172,213
`
`RRTR FROM DCE
`
`DRTR
`INFUT
`REGISTER
`
`.
`
`I4-2
`
`J___
`I
`FOUR
`——fi
`CHARACTER
`
`I
`l—I
`
`-——_____
`
`I
`F I I
`I
`STRII$g|NG
`IF VERAEISIRTION
`l
`I
`I —~— __u
`I STRIFPING
`I
`TI
`I
`I
`LOADING
`I __ _I
`OF VARIABLE
`FILL
`I
`I I I I I |_
`
`1*‘
`
`DATA FROM
`ALGORITHM
`
`DATATO
`- RLRRRRRII
`ICIPHER FEEDBACK
`REGISTER)
`
`s E
`
`L
`E
`C
`T
`
`
`
`EXCLUSIVE
`OR AND
`TRANSFORMATION
`
`PAFIITI’
`CHECK
`
`KMEMURY
`STORAGE
`
`CHARACTER
`I-IRTRIX
`
`PARITY
`GENERATION
`
`I4‘4
`
`
`DATA TO DIE
`
`Fg./4
`I
`
`Page 13
`
`Apple v. PMC
`|PR2016-00753
`
`PMC Exhibit 2096
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 13
`
`
`
`
`
`IIIIIII
`
`PLAIN —
`TEXT
`
`
`
`xoa
`N
`
`TRANSFORMATION
`
`I5-I2
`
`AF
`
`RECEIVE
`
`'
`
`GENERATOR I COMPARATOR
`
`INTERCHANGE
`STATUS
`
`OUTPUT
`
`|5"TU
`
`PMC Exhibit 2096
`
`Apple v. PMC
`IPR2016-00753
`
`Page 14
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 13 of 15
`
`4,172,213
`
`ONE BYTE SHIFT
`PER BYTE
`
`i5_2
`
`3 BITS
`/*—-""—\
`
`mmmmml
`
`0
`
`F _ — _ ES_A@Rl_THN ______ W“
`I
`.
`
`BTHANSFERS/BYTE
`
`—
`
`J IIIIIIII
`1
`®
`35%"
`BYTE
`l
`:
`®
`'
`} IIIIIIII 9
`
`ENCRYPT MODE
`
`'
`
`-—
`I
`E
`® _
`—
`
`53
`9 VARIABLE
`
`|5-6
`
`Ir’
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 14
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 14 of 15
`
`4,172,213
`
`_
`
`TRANSMITTING
`
`
`
`
`AAAEB
`SSAAV vmm
`SA3
`FFFFTC
`OD--TIDDF-F
`HI2
`xca-'41
`ESTEXTIEBAXCI
`
`W 1
`
`5-2“:
`
`M
`
`BAA ssaavv
`AAAAEB
`ODD~T|DDF
`F%:-QITIIFFFFTC
`HI2 xcsans
`I234XCg
`
`RECEIVING
`
`
`
`SELECTIVE ENCRYPTIONI
`AUTHENTICATION DEVICE
`
`sans
`
`ODD---T
`
`HIZX
`
`EB
`
`TC
`
`xc5
`
`1640
`
`RECEIVING DTE
`
`F1916
`
`ADLAD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENTIFICATION CHARACTER = IIIIIOI
`AD3,AOA INDICATE TRANSMITTING DTE
`[3 =OPTIONAL CHARACTER THAT INDICATES THE STATE OF AUTHENTICITY OF THE MESSAGE
`VF|~VF8 = VARIABLE FILL CHARACTERS
`
`Page 15
`
`Apple v. PMC
`|PR2016-00753
`
`PMC Exhibit 2096
`
` TRANSMITTING
`
`SELECTIVE ENCRYPTIONZ
`AUTHENTICATION DEVICE
`
`IDENTIFICATION FIELD IIFI
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 15
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 15 0fIS
`
`4,172,213
`
`TRAN%I#IgT|NG
`
`F, _/7
`
`s
`
`ALAIN
`E
`FEX
`
`E
`
`PLAIN
`E
`FTE”,xco
`
`
`
`
`3
`
`A
`
`A
`
`PLI)’I(ITIII
`MD _T
`H|2
`xTF
`Ir
`TRANSMITTING
`
`‘UN’
`
`IDENTIFICATION FIELD IIFI
`
`OPTWL
`
`AUTHENTICATDR FIELD IAF)
`
`5*” _55‘""”
`000
`TIDDF
`HI2 X034!
`
`“A53
`SCIPHEREPLAIN
`VPLAIN
`FTEXTETEXT ETEXTFFFFTC
`3
`F
`F
`l234XC|
`
`DCE
`
`5”
`onn
`H
`I
`2
`
`
`
`RECEIVING
`SELECTIVE ENCRYPTIONI
`AUTHENTICATION
`DEVICE
`
`PLAIN “HEB
`F
`CIFHER
`5
`ETEXTETEXTFFFFTC
`F
`F
`I
`2
`3
`4
`x
`{)2
`
`5
`0
`H
`
`A
`D
`I
`
`"‘_ ,3
`D
`I
`2
`x
`
`PLAIN
`TE
`
`XT
`
`PLAIN
`TEXT
`
`3
`E
`F
`
`PLAIN
`TEXT
`
`F
`E
`F
`
`B
`F
`0
`T
`x C3
`
`RECEIVING DTE
`
`ADLAD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENIFICATIDN CHARACTER = IIIIIDI
`AD3,ADA INDICATE TRANSMITTING DTE
`[1 =DPT|DNAL CHARACTER THAT INDICATES THE STATE DF AUTHENTICITY OF THE MESSAGE
`NFI-‘JF8 =I.IARIABLE FILL CHARACTERS
`
`SEF = START ENCRYPT FIELD
`EEF = END ENCRYPT FIELD
`
`
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 16
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 16
`
`
`
`1
`
`4,172,213
`
`BYTE STREAM SELECI'IVE
`ENCRYP‘I'ION/DECRYPTION DEVICE
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`5
`
`Reference is hereby made to two utility applications
`entitled LINK ENCRYPTION DEVICE, Ser. No.
`4525143,
`and COMMUNICATIONS LINE ALT-
`THENTICATION DEVICE, Ser. No. 852,446, by the
`same inventors as the instant invention and filed concur-
`rently with the instant application, and to a design appli-
`cation entitled DATA ENTRY KEYBOARD, by
`Jerry Joseph Sims et 511., Ser. No. 835,840, filed Sept. 22,
`1977.
`
`BACKGROUND OF-TI-IE INVENTION
`
`The present invention relates generally to the art of
`cryptography and more specifically to hardware and
`techniques for achieving data communicating security.
`With the growing use of remote communications
`lines to transfer data between processing systems, be-
`tween terminals and remote data banks, and between
`terminals connected to the same or different computers,
`the need to safeguard the data being transferred has
`grown. In the banking industry, there is a growing need
`to prevent the fraudulent modification of “electronic
`money" in electronic funds transfer. Similar needs exist
`in business to prevent the disclosure of sensitive data. In
`the government sector, present and/or future privacy
`acts place restrictions on the ability to access sensitive
`information. This need to safeguard sensitive informa-
`tion is likely to grow as future privacy legislation will
`most probably impose data communications security
`requirements on the private sector.
`_
`Previous efforts to safeguard data communications
`have been made,
`for example.
`in U.S. Pat. No.
`3,798,605, issued Mar. 19, 1974, which pertains to a
`rnulti-tenninal data processing system having means
`and process for verifying the identiy of subscribers to
`the system. Validity of a terminal request for communi-
`cations with the data processing system are determined
`on the basis of a centralized verification system. Each
`subscriber to the system is identified by a unique key
`binary signal pattern. The central data processing unit
`contains a listing of all valid keys for subscribers to the
`system. Two embodiments of the centralized verifica-
`tion system are presented, a password system and a
`handshaking system. In the password system, all data or
`information originating at the terminal under use of the
`subscriber is enciphered in combination with the unique
`subscriber key. Upon proper deciphering of the key or
`password at the central processing unit and arriving at
`a match with one of the keys in the processor’s listing,
`the subscriber may communicate with the processing
`system. In the handshaking system embodiment the user
`and the central processor exchange a plurality of mes-
`sages each formed by a combination of new and prior
`received data. Received data messages are also main-
`tained within the registers at both the terminal and the
`central processor for further verification upon the re-
`turn of the portion of the message that was previously
`transmitted. The techniques described in the latter pa-
`tent have several drawbacks. First, the techniques are
`restricted to communications between a central proces-
`sor and terminals attached to the central processor. No
`provision is available for communications between ter-
`minals or for transmitting a message received by, but
`
`20
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`2
`not intended for, a first terminal to a second terminal
`which is intended to receive the message. Second, the
`system enciphers all data and hence is not capable of
`selective encryption. Third, communications must be
`initiated by the terminal, and may not be initiated by the
`central processor. Fourth, the system is not designed for
`insertion in previously existing communications sys-
`tems.
`
`Another cryptographic technique to achieve data
`security is presented in U.S. Pat. No. 3,798,360, issued
`Mar. 19, 1974, which system provides multiple level
`encipherment of a block of data by means of a stepped
`block cipher process. This system suffers from the same
`drawbacks as previously discussed for U.S. Pat. No.
`3,798,605. Further, this system is restricted to operation
`on blocks of data and is not capable ofbit-by-bit encryp-
`tion.
`
`OBJECTS OF THE INVENTION
`
`It is the general object of this invention to provide a
`cryptographic system to provide communications secu-
`rity for communications links in point-to-point or multi-
`point networks without changes to existing hardware or
`software configurations.
`It is another object of this invention to provide link
`encryption on a byte-by-byte basis in common carrier or
`direct connect circuit environments.
`It is a further object of this invention to provide a
`cryptographic system, for insertion between a data set
`and a terminal or central processing unit, which enci-
`phers and deciphers binary data on a byte-by-byte basis.
`It is a further object of this invention to provide a
`self-contained cryptographic system, for insertion be-
`tween a data set and a terminal or central processing
`unit, which enciphers and deciphers data on a byte-by-
`byte basis without modifying control commands and
`communications protocols.
`It is another object of this invention to provide a
`cryptographic system, for insertion in communications
`links, which can selectively encrypt binary data.
`It is still another object of the present invention to
`provide a system which maintains message secrecy as a
`message is transmitted from a first terminal or processor
`until the message reaches its ultimate destination point
`after passing through terminals or processors for which
`the message is not intended.
`It is a further object of the present invention to pro-
`vide a system to maintain privacy between selected
`terminals in a data communications network having a
`plurality of terminals.
`It is another object of the present invention to pro-
`vide a cryptographic system which enciphers binary
`data into an enciphered data that is not susceptible to
`successful cryptoanalysis.
`It is still another object of the prent invention to
`provide a cryptographic system that enciphers and
`deciphers data and which is dependent on a key stored
`in the cryptographic system and data previously re-
`ceived by the cryptographic system.
`These and other objects, features and advantages of
`the present invention will become apparent from the
`description of the preferred embodiments of the inven-
`tion when read in conjunction with the drawings con-
`tained herewith.
`
`
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 17
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 17
`
`
`
`3
`
`4,172,213
`
`10
`
`25
`
`35
`
`SUMMARY OF THE INVENTION
`
`The foregoing objects of the present invention are
`achieved by providing an apparatus for insertion in an
`existing communications line for providing message
`secrecy within a significant portion of existing commu-
`nications lines.
`
`The apparatus has both encryption and decryption
`capabilities and can function in a full duplex environ-
`ment to encipher and transmit data received from a first
`direction. and decipher and transmit data received from
`a second direction. Data received from the first direc-
`tion is enciphered by combining the data received with
`the output of an algorithm, the algorithm output being
`dependent on the data previously enciphered and a
`unique key entered in the apparatus by the user. As data
`is received from the first direction, it is combined with
`the output of the algorithm and the resulting enciphered
`data is transmitted back onto the communications line in
`the first direction and fed back to a cipher feedback
`register which provides input data to the algorithm for
`use in enciphering data subsequently received by the
`apparatus.
`Data received from the second direction is deci-
`phered using equivalent elements and the same algo-
`rithm as used for enciphering, the basic difference in the
`operation of the apparatus being the point from which
`data fed back to a cipher feedback register is taken.
`The apparatus operates on a byte-by-byte basis and is
`sensitive to control character sequences. In response to
`the receipt of specified control characters, the apparatus
`has provisions for selectively encrypting or decrypting
`data received, and provisions for transmitting the data
`received from the first direction without enciphering it.
`In an alternate embodiment, the apparatus contains
`provisions for storing a plurality of unique keys, each
`key having associated with it a unique address. When
`the apparatus receives a message from its second direc-
`tion it uses the address contained in the message to load
`the key, corresponding to the address received. into its
`algorithm. The apparatus then deciphers the data re-
`ceived based on the key that was loaded into its algo-
`rithm. If the address contained in the message is not one
`of the ones stored in the apparatus, the apparatus will
`transmit the message received without alteration, as it
`was not intended for that apparatus.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram of the data encryption
`standard used in the preferred embodiment of this in-
`vention.
`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the selective encryption/authenth
`cation device.
`FIG. 3 is a functional diagram showing the transmit-
`ter cipher feedback register run as a shift code counter.
`FIG. 4 illustrates typical point-to~point and multi-
`point networks utilizing the SE/AD in link encryption
`mode.
`FIG. 5 shows a typical end-to-end mode communica-
`tion network configuration with multiple nodes and a
`variety of links containing a mixture of terminals and
`processors.
`FIG. 6 is a functional block diagram of an SE/‘AD in
`the link encryption mode of operation.
`FIG. 7 illustrates the SE/AD as a bit-stream encryp-
`tion/decryption device operating in the link encryption
`mode.
`
`4-
`FIG. 8 illustrates the modem delay compensation
`circuitry utilized in both the transmit and receive opera-
`tions.
`FIG. 9 is a functional block diagram of the SE/AD in
`the end-to-end selective encryption mode of operation.
`FIG. ll] illustrates the translation performed on con-
`trol characters.
`FIG. 11 is a functional block diagram of the SE/AD
`as a byte stream encryption/decryption device operat-
`ing in any end-to-end mode.
`FIG. 12 shows the message flow in a communication
`network that utilizes the SE/AD in the end-to-end
`selective encryption mode.
`FIG. 13 is a simplified block diagram of the transmit
`processing operation.
`FIG. 14 is a simplified block diagram of the receive
`processing operation.
`FIG. 15 illustrates the SE/AD utilized as just an
`authentication device which serves as both a transmitter
`and a receiver.
`FIG. 16 shows the message flow in a communication
`network that utilizes end-to-end authentication mode
`devices.
`FIG. 1'.-' shows the message flow in a communication
`network which combines the selective encryption mes-
`sage flow and the authentication message flow into a
`system containing both modes of operation.
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENT
`
`Throughout this description and in the accompany-
`ing drawings, the following terms and expressions will
`be utilized in accordance with the following definitions:
`
`Algorithm: A prescribed set of well-defined rules or
`processes for the solution of a problem in a finite num-
`ber of steps.
`Authentication: The process of appending crypto
`check digits to a plain text message by means of a
`Crypto System where the Crypto check digits are gen-
`etatecl by Encryption of the entire plain text message.
`Cipher Feedback: A technique in which the key gen-
`erated is a function of the preceding cipher.
`_
`Cipher Text: The unintelligible form of information
`resulting from Encryption of plain text by a Cryptosys-
`tem.
`
`Cryptographic System (Cryptcsystem): The associ-
`ated items of documents, devices, or equipment that are
`used as a unit, and provide a single means of encryption.
`(The term “Encryption” used in this specification im-
`plies the capability of the inverse function, i.e., “De-
`cryption".)
`Crypto Unit: That portion of a Cryptosystem where
`the actual Encryption and Decryption takes place.
`Decryption (Decipherment): The process of convert-
`ing encrypted text
`into its equivalent plain text by
`means of a Cryptosystem.
`Encryption (Encipherment): The process of convert-
`ing plain text into unintelligible fcnn by means of a
`Cryptosystem.
`End-To-End Selective Encryption/Authentication:
`Encryption of authentication in point-to-point multi-
`point networks to provide protection of data on the data
`communication line and within interspersed message
`switches or concentrators.
`Garble: Unintelligible information caused by a modi-
`fication to a cipher bit(s).
`
`45
`
`50
`
`55
`
`65
`
`PMC Exhibit 2096
`
`Apple v. PMC
`|PR2016-00753
`
`Page 18
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 18
`
`
`
`5
`Key: Bits generated by a crypto unit under control of
`the key variable which are logically combined with
`plain text to form unintelligible information i.e., cipher
`text, or inversely, logically combined with cipher text
`to produce the original plain text.
`Key Variable: A symbol, or sequence of symbols (or
`electrical or mechanical correlates to symbols) which
`control the operations of encryption and decryption
`(e.g., a finite length bit pattern).
`Link Encryption: Encryption in point-to-point or
`multipoint networks to provide protection of data on
`the data communications line.
`
`Message Integrity: A message in which the data is
`received at the proper destination exactly as sent by the
`originator, i.e., without any changes or tampering.
`Message Secrecy: A message in which the data is
`incomprehensible to any viewer or listener from the
`time it leaves the source until it arrives at the proper
`destination.
`Plain Text: Intelligible text or signals which have
`meaning and which can be read or acted upon without
`the application of any decryption.
`Selective Encryption: The process of converting
`portions of plain text which are delineated by selected
`character(s) into unintelligible form by means of a
`Cryptosystern.
`Variable Fill: A random bit pattern provided as the
`input to the algorithms of both transmit and receive
`crypto units during initialization.
`Data Encryption Standard: The Data Encryption
`Standard (DES) is an algorithm released by the Na-
`tional Bureau of Standards in the Federal information
`Processing Standards Publication (FIPS Pub) 46-Jan.
`15, 1977, and is intended for use as an industry standard.
`It was designed for 64-bit block data operation. The key
`variable is 56 bits in length and -is loaded into the algo-
`rithm before the encryption!decryption process is initi-
`ated. In the encrypt mode the algorithm produces 64
`bits of cipher text for each 64 bits of input plain text.
`Conversely, in the decrypt mode if these 64 bits of ci-
`pher text are provided as the input, the algorithm will
`produce the original 64 bits of input plain text. The Data
`Encryption Standard is incorporated by reference in
`this specification. Additional description of the Data
`Encryption Standard is also presented in U.S. Pat. Nos.
`3,796,830 and 3,798,359. issued Mar. 12, 1914 and Mar.
`19, 1974. respectively.
`
`FIG. 1 is a block diagram of the data encryption
`standard. As shown, the implementation of the data
`input and data output is provided in 8-bit bytes. The key
`input is entered in 8-bit bytes: 7 bits plus parity. Parity is
`not stored in the key storage register.
`Twenty-four clock periods are required to load the
`data input. Data output is simultaneously available dur-
`ing this period. Sixteen iterations of the algorithm at
`two clock periods per iteration, require an additional 32
`clock periods, giving a total of 56 clock periods needed
`for a complete algorithm load and run cycle. At the
`system clock of 1.2238 MHz. the algorithm is cycled in
`4-5.6;; seconds.
`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the Selective Encryption/Anthem
`tication Device (SE./AD}. Operation of the algorithm
`unit (DES) 2-2 is described, supra. and is shown only to
`indicate the required interconnections. In this discus-
`sion, the algorithm is only operated in the encrypt mode
`and is being utilized as a key generator. This technique
`
`15
`
`20
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`4,172,213
`
`6
`operates on the principle that “plain text" exclusive-
`0Red with "key" produces cipher, and conversely that
`“cipher” exclusive—0Red with ‘‘key’' produces the orig-
`inal plain text.
`The algorithm was designed to operate on 64-bit
`blocks of input data; however, it can be operated (i.e.,
`cycled through the required 16 iterations) on any num-
`ber of input bits up to this maximum of 64 bits. As
`shown in FIG. 2. the algorithm 2-2 is being cycled once
`for each data input bit. Each time a data input bit is
`transferred into the 64-bit input register 2-4, the entire
`contents of this register 2-2 are transferred into the
`algorithm 2-2. Although 64 key bits are produced each
`cycle and are available at the output. only a single key
`bit is utilized and the other 63 key bits are ignored. Also
`shown in FIG. 2 within the dotted lines is an 8-bit out-
`
`put register 2-6. If the input to the algorithm is provided
`as a single character, or B-bit byte, and then cycled, and
`8-bit byte of key bits can be provided as the output. It is
`important to note that with a fixed key variable. for a
`given pattern of 64 algorithm input hits. a given pattern
`of 64 output, or key bits is always generated.
`Shown at the top of FIG. 2 is a 64-bit shift register
`called the cipher feedback register 2-4. In the transmit
`mode as each input plain text bit is exclusive-0Red with
`a ltey bit by exclusive-OR 2-8, the resultant cipher bit is
`sent as the output bit and simultaneously entered into
`the cipher feedback register 24. Thus the input to the
`algorithm unit 2-2 which produces key bits is the last 64
`bits of the output cipher bit stream.
`In the receive mode, the system operates in a similar
`manner. In this instance the input to the unit is the same
`cipher bit stream produced at the transmitter output.
`Since this information must be decrypted, the cipher bit
`stream is entered directly into the cipher feedback regis-
`ter 2-4 as shown. Hence, the input to the algorithm 2-2
`is the last 64 input cipher bits. By performing the in-
`verse operation of exclusive-Olting the cipher bits with
`the identical key bits as were generated in the transmit-
`ter, the original plain text is provided as the receiver
`output.
`In order for the encryption/decryption process to
`proceed without error, or garble, the bit patterns in the
`cipher feedback registers 2-4 of both transmitter and
`receiver must be identical when generating the key bit
`to
`
`produce the cipher bit from the incoming plain text
`bit in the transmitter, and
`to produce the original plain text bit from the incom-
`ing cipher text in the receiver.
`The method of ensuring that the transmitter and re-
`ceiver are in synchronization is to randomly preset the
`cipher feedback register 2-4 in the transmitter to some
`bit pattern and precede the output cipher text message
`with these 64 preset bits. The receiver would place the
`first 64 bits received into its cipher feedback register 2-4
`as the initial preset before running the algorithm to
`produce the same key bits which are then processed
`with the incoming data. This initialization technique is
`called variable fill.
`Variable fill refers to the bit pattern, or fill, to which
`both the transmitter and receiver cipher feedback regis-
`ters 2-4 are set before processing input plain text in the
`transmitter and cipher text in the receiver.
`When not in the transmit mode, the transmitter cipher
`feedback register 2-4 is run as a 49-bit shift code counter
`driven by the recursion X3 =X41€BX55 shown in‘ FIG. 3.
`The preset to the shift code counter is the cipher residue
`
`
`
`PMC Exhibit 2096
`
`Apple v. PMC
`IPRZO16-00753
`
`Page 19
`
`PMC Exhibit 2096
`Apple v. PMC
`IPR2016-00753
`Page 19
`
`
`
`4,172,213
`
`7
`remaining from the last transmission. This assures that
`the preset to the counter is also random in nature.
`Whenever a variable fill is required, the transmitter
`cipher feedback register 24 is returned to its normal
`operation: the shift code counting is inhibited; the algo-
`rithm unit 2-2 is re-enabled; and the register 2-4 is oper-
`ated at the selected input data rate. The input plain text
`data line is held in the mark condition and is exclusive-
`ORed with the key bits which are being generated as a
`result of the random bit pattern contained in the cipher
`storage register 2-4. A space is placed on the output data
`line and the operation proceeds as described, supra. for
`a predetermined number of bit times, i.e., cipher text is
`generated and sent as a variable full as the transmitter
`output and simultaneously fed back as the input to the
`cipher feedback register 2-4. After the selected number
`of bits have been transmitted, the remainder of the bit
`positions in the cipher feedback register 2-4 are reset to
`zero, and the unit starts to process incoming plain text
`data as described previously.
`Operation of the receive unit is triggered by the de-
`tection of a mark-to-space transition. Following this
`transition, the incoming data is processed as described
`previously. However, the output data is inhibited. The
`incoming variable fill is entered into the cipher feedback
`register 2-4 for the predetermined number of bits and
`when completed, the remainder of the cipher feedback
`register 2-4 is reset to zero.
`At this point, the receiver cipher feedback register
`2-4 contains the identical bit pattern as that contained in
`the transmitter cipher feedback register 2-4 when it
`started to process the incoming plain text data. Hence
`the receiver will at this point in time beg