`Barnes et al.
`
`[11]
`
`[45]
`
`4,172,213
`Oct. 23, 1979
`
`[75]
`
`[54] BYTE STREAM SELECITVE
`ENCRYPTION/DECRYPTION DEVICE
`Inventors: Vera L. Barnes, Wayne; Thomas J.
`Dodds, Jr., Drexel Hill; Harold F.
`Gibson, Downingtown; Carl M.
`Campbell, Jr., Newtown Square, all
`ofPa.
`[73] Assignee: Burroughs Corporation, Detroit,
`Mich.
`[21] Appl. No.: 852,444
`[22] Filed:
`Nov. 17, 1977
`Int. C1.2 ............................................... H04L 9/00
`[51]
`[52] U.S. CI •............................. 178/22; 340/146.1 AL
`[58] Field of Search ................. 178/22; 340/146.1 AL
`References Cited
`U.S. PATENT DOCUMENTS
`Rocher et al. ......................... 178/22
`4/1972
`Ehrat ................ ...................... 178/22
`6/1973
`Feistel .................................. 364/200
`3/1974
`Ehrsam et al. ......................... 178/22
`6/1976
`Zetterberg et a!. .................... 178/22
`10/1976
`
`[56]
`
`3,657,699
`3,740,475
`3,798,605
`3,962,539
`3,984,668
`
`Primary Examiner-S. C. Buczinski
`Attorney, Agent, or Firm-Mark T. Starr
`ABSTRACf
`[57]
`An apparatus for insertion in a communications line for
`providing message secrecy within a significant portion
`of existing communications networks. At the transmit(cid:173)
`ter end, the apparatus receives messages from the com(cid:173)
`munications line, enciphers them and retransmits them
`onto the communications line. At the receiver end, the
`apparatus receives messages from the communications
`line, deciphers them and retransmits them onto the
`communications line. The apparatus contains both a
`transmitter and receiver and is capable of full duplex
`operation in a bidirectional communications line. Ac(cid:173)
`cording to the invention, data is enciphered by combin(cid:173)
`ing the data received with the output of an algorithm,
`the algorithm output being dependent on the data previ(cid:173)
`ously enciphered and a unique key entered by the user.
`As data is received it is combined with the output of the
`algorithm, transmitted and using cipher feedback tech(cid:173)
`niques fed back as an input to the algorithm to be used
`to encipher subsequently received data. Data is deci(cid:173)
`phered using equivalent elements as used for encipher(cid:173)
`ing, the basic difference in the apparatus operation
`being the point from which data fed back into the algo(cid:173)
`rithm is taken. The apparatus operates on a byte-by-byte
`basis, and contains provisions for responding to control
`characters and ignoring messages intended for a differ(cid:173)
`ent apparatus.
`
`49 Claims, 17 Drawing Figures
`
`OTHER PUBLICATIONS
`C. M. Campbell, Jr.; Conf. on Computer Security and
`the Data Encryption Standard; NBS (Preprint of Pa(cid:173)
`pers); Feb. 15, 1977.
`B. Morgan; Conf. on Computer Security and the Data
`Encryption Standard; NBS (Preprint of Papers); Feb.
`15, 1977.
`
`DATA
`IN
`
`DATA
`OUT
`
`KEY
`IN
`
`I
`! _________ - .
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 1
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 1 of 15
`
`4,172,213
`
`DATA
`IN
`
`DATA
`OUT
`
`KEY
`IN
`
`8 X 8 BIT
`INPUT & OUTPUT
`SERIES/PARALLEL
`PERMUTE AUTOMATICALLY
`UP)
`,.-------'1f----""t 1-2
`
`. . - - - - - - - - '
`~----~--~----~
`
`-----,
`I
`I
`I
`I
`{48-EXCLUSIVE OR'S) I
`I
`I
`I
`I
`I
`I
`____________________ t8-6~~ROM~--~
`
`PERMUTE {P)
`
`Fiq.l
`
`{32-EXCLUSIVE OR'S)
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 2
`
`
`
`Fiq.2
`
`CONTROL
`
`DES
`ALGORITHM
`(ENCRYPT MODE)
`
`KEY
`YARIABLE
`INPUT
`
`TRANSMIT
`
`RECEIVE
`
`rL- L-I._:t:- .l'_L....Y....,...Y..,
`2-6 ---t
`
`OUTPUT
`REGISTER
`
`INPUT---~>--~------------~
`
`2-8
`
`,---
`-,--1
`
`1 CONTROL T--2-12
`
`I
`I
`I
`I
`
`PLAINTEXT
`- - - - - - - - - - -
`
`u
`- - - - - - - - - -o 2-10
`
`~oUTPUT
`
`~ en .
`
`t-0
`~
`
`(!) s
`0 (")
`!"""
`N
`
`~w -\0
`
`......:1
`\0
`
`t:l)
`::r
`('1)
`('1)
`......
`N
`0
`~ ......
`Ul
`
`~
`"' ,.......
`-.....)
`"'N
`N
`~ w
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 3
`
`
`
`I CPU H EN~mzJoN H DATASET I·
`
`,
`
`POINT-TO-POINT CONFIGURATION
`
`DATASET
`
`ENCRYPTION
`DEVICE
`
`TERMINAL
`
`CPU
`
`ENCRYPTION
`DEVICE
`
`DATASET ~ ~ DATASET
`I
`L__
`
`ENCRYPTION
`DEVICE
`
`TERMINAL
`
`C! . en .
`
`~
`~
`(1)
`::s
`
`f""'t"
`
`Fiq4
`
`ENCRYPTION
`DEVICE
`
`MULTIPOINT CONFIGURATION
`
`/, :(
`
`,\
`CIPHER FEEDBACK REGISTER
`
`Ollj2j3j415J6j7
`
`I
`8
`
`Fiq.3
`
`~-2
`
`I
`
`I
`41
`
`lr_
`
`56
`
`I
`63
`
`0
`(")
`!"'""
`N
`
`~w -\CI
`
`-.1
`\CI
`
`Vl
`::r
`('!)
`~
`w
`0
`
`~ -VI
`
`+;:..
`'" ~
`.......:&
`N
`'N
`~ w
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 4
`
`
`
`I TERMINAL H SEIAD H DATASET ~
`
`~
`en .
`
`MESSAGE
`SWITCH
`B6700
`
`~ DATASET ~
`
`"[ TERMINAL I
`
`~
`~
`("D a
`0 p.
`
`N
`
`~w -\0
`
`-.1
`\0
`
`SEIAD- SELECTIVE ENCRYPTION/AUTHENTICATION DEVICE
`
`C.fl
`:::1"'
`0
`0 .......
`*"" 0
`'"""'"~ -Ul
`
`~
`"' ~
`..........
`N
`'N
`~ w
`
`_Fjg.5
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 5
`
`
`
`INPUT
`TO/FROM .__, RS-232-C
`TERMINAL
`INTERFACE
`
`6-22
`
`I
`
`I
`
`TRANSMIT
`STORAGE
`REGISTER
`ll BIT)
`
`RECEIVE
`STORAGE
`REGISTER
`UBITI
`
`6-20
`
`Fiq.6
`
`------,
`
`6-10---1
`
`I
`
`I
`HEXADECIMAL
`KEYLOADING
`I
`DEVICE
`I
`____ _j
`
`TRANSMIT INPUT
`CONTROL AND
`CIPHER FEEDBACK
`REGISTER
`
`I I
`
`6-2
`
`6-4
`
`RECEIVE INPUT
`CONTROL AND
`CIPHER FEEDBACK
`REGISTER
`
`1
`ALGORITHM
`CONTROL
`
`v--6-8
`
`r 1
`
`~6-6
`
`DES
`ALGORITHM
`~
`
`I
`
`-.
`
`l
`
`"KEY BIT'
`STORAGE
`REGISTER
`
`L.o
`
`~
`
`"KEY BIT"
`I STORAGE
`I REGISTER
`
`XMIT CIPHER
`
`6-14
`
`OUTPUT
`RS-232 -C
`INTERFACE
`
`TO/FROM
`DATASET
`
`6-16
`
`RCV.
`~ CIPHER
`
`c
`.
`.
`en
`a
`~
`0
`::s
`
`~
`
`N
`~
`
`0
`0 ...
`-10
`
`-.....1
`10
`
`en
`::r
`(!)
`.....
`(!)
`Vl
`0
`>-+)
`
`-
`
`Vl
`
`~
`"'
`1--1-
`.......:1
`N
`"'
`N
`1--A
`UJ
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 6
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 6 of 15
`
`4,172,213
`
`ONE BIT SHIFT
`PER BIT
`
`1- --DES ALGORITHM-------~
`i 8 TRANSFERS/BIT
`·--~~~
`I
`II
`
`ACTIVATE
`ONCE PER
`BIT
`
`I
`
`I
`I
`I
`
`:
`I
`I
`I
`I
`I
`I
`I
`I
`
`LH
`
`!
`I ______________ j
`
`I I I I I I I
`
`TRANSMIT
`
`RECEIVE
`
`KEY BIT
`
`IN
`
`OUT
`
`7-32
`
`Fiq.7
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 7
`
`
`
`---.PLAIN
`HOST
`DATA
`
`CIPHER/PLAIN
`rl TEXT CONTROL
`
`CIPHER
`
`FROMDES ~~
`ALGORITHM --+---L/
`
`MODEM 1-z._
`
`TERMINAL
`RTS
`
`RTS
`CONTROL
`
`•
`
`16 ONES
`COUNTER
`
`TRANSMITTER
`
`CIPHER
`,-------
`
`I
`I
`I
`I
`I
`I
`I
`I r - - - - - -
`
`1
`
`I FROM DES
`I ALGORITHM_J_____
`I
`I
`I
`I
`I
`I
`I
`I
`
`32 ONES
`COUNTER
`
`RECEIVER
`
`Fiq.B
`
`~ CIPHER/PLAIN I PLAIN
`
`, DATA
`
`TEXT CONTROL
`l
`
`...
`
`~
`
`CARRIER
`DETECT
`
`I
`
`16 ONES
`COUNTER
`
`~
`
`HOST
`
`I
`
`~
`
`~ en .
`;f
`G
`:::s
`"'""
`0
`(") r
`N w
`.......
`\0
`.....:J
`\0
`
`Cl:l
`:::T
`('1)
`~
`.....:J
`
`0 ....., -Ul
`
`~ ,..
`
`~
`.......:)
`N
`'N
`~
`V.l
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 8
`
`
`
`9-42
`I
`
`RS-232-C
`INTERFACE
`
`14-----
`
`.
`
`DTE
`
`1+--i
`
`TRANSMIT
`PROCESSING
`
`9-2/
`
`1---
`
`I
`
`_...,
`I+-- RS-232-C 14----
`INTERFACE
`
`DCE
`
`c .
`Cl.l .
`~
`~
`~
`:::::s
`f"'1"
`
`CHARACTER ~
`MATRIX
`RECEIVE
`PROCESSING
`
`)
`9-36
`
`.---
`
`1-9-4
`
`..--
`
`9-8
`~~
`
`1
`
`,
`
`+
`
`0
`(")
`!""'"
`N
`
`~Vol -\0
`
`.......:1
`\0
`
`I __ ___L
`
`K
`VAR
`MEM
`STO
`(OP
`
`________ f
`l
`I
`9-34-+
`I
`I
`I
`I
`I ra----
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I --~---1
`L
`
`HEXA-
`DECIMAL
`KEYLOADING
`DEVICE
`
`9{10
`
`..................... ......
`
`I
`
`9~6
`
`'-----
`
`l-....-J-
`9-38
`
`················ SEAD WITH SINGLE KEY
`-----SEAD WITH KEY STORAGE OPTION
`
`ALGORITHM
`CONTROL
`~
`DES
`ALGORITHM
`
`l
`
`"KEY BIT"
`STORAGE
`REGISTER
`
`1---
`
`____ _J
`
`Fig.9
`
`c.n
`::r
`('1)
`('1)
`......
`00
`
`0 ......, -Vt
`
`~
`"' ~
`-.....)
`.... N
`N
`p....l. w
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 9
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 9 of 15
`
`4,172,213
`
`Fiq./3
`
`v-13-4
`
`PARITY
`CHECK
`
`,------
`1
`AF
`I GENERATION 1----1
`I ______ _J
`I
`I
`I
`
`INPUT DATA FROM DTE
`
`l
`
`DATA
`INPUT
`REGISTER
`
`v-13-2
`
`__..
`
`KEY MEMORY
`STORAGE
`
`CHARACTER
`STORAGE
`DELAY
`
`!----'13-10
`
`I
`
`SELECT
`
`13-8
`
`~
`
`EXCLUSIVE-OR
`AND
`TRANSFORMATION
`
`DATA FROM ALGOR ITHM
`
`IF
`GENERATION
`
`I
`
`CHARACTER
`MATRIX
`)
`13-10
`
`-------
`AUTHENTICATION
`DEVICE
`
`DATA TO ALGORITHM
`CONTR
`OUCIPHER
`FEEDS ACK REGISTER)
`
`_..
`
`PARITY
`GENERATION
`
`v13-6
`
`II'
`
`I
`
`SELECT
`
`lr +
`
`~
`OUTPUT
`CHARACTER
`BUFFER
`~
`OUTPUT DATA TO DCE
`
`I
`I
`I
`
`"KEY BITS" (6 H)
`II
`00
`01
`10
`00 "'oO' "'-o 1
`10
`II
`10
`01 oi',Oo'-JI
`INPUT
`BITS
`(6 & 7) 10
`10
`11'"'o1J"' 01
`', "'-
`II
`10
`01 "'00"'-J
`II
`EXCLUSIVE -OR"-~
`(A)
`
`I
`
`1
`
`INPUT
`BITS
`(6&7)
`
`00
`01
`10
`II
`
`"KEY BITS" (6&7)
`01
`10
`II
`00
`00
`00
`00 00-CONTROL CHARACTER
`II
`01
`01
`II
`10
`10
`10
`01
`II
`OUTPUT
`(8)
`
`I]
`Ol
`NON-CONTROL
`CHARACTER
`II
`
`/--iq./0
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 10
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 10 of 15
`
`4,172,213
`
`1-38
`
`IN
`
`TRANSMIT
`
`RECEIVE
`
`KEY BITS
`
`r------------L----1/ 11-32
`XOR AND
`TRANSFORMATION
`
`Fiq./1
`
`11-12
`
`~ I
`
`I
`
`11-10
`
`PLAIN TEXT
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 11
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 11 of 15
`
`4,172,213
`
`TRANSMITTING
`DTE
`+
`s PLAIN
`s A A
`0 D D • • • T
`TEXT
`X
`H I 2
`
`Fiq./2
`
`s PLAIN
`E
`TEXT
`F
`
`E
`E
`F
`
`PLAIN
`TEXT
`
`E B
`T c
`X co
`
`12-4
`
`TRANSMITTING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`
`IDENTIFICATION FIELD (If)
`
`s
`E
`E CIPHER E PLAIN
`TEXT
`TEXT
`F
`F
`
`E B
`T c
`X Cl
`
`s CIPHER
`E
`TEXT
`F
`
`E
`E
`F
`
`PLAIN
`TEXT
`
`E B
`T c
`X C2
`
`s PLAIN
`E
`TEXT
`F
`
`E
`E
`F
`
`PLAIN
`TEXT
`
`E B
`T c
`X C3
`
`s A A
`s s A A V
`v PLAIN
`0 ·D D • • • T
`I D D F • • • F
`TEXT
`X c 3 4
`I
`8
`H I 2
`
`ctJ
`c$S12-2
`
`E
`
`PLAIN
`TEXT
`
`s s A A V
`s A A
`v
`I D D F • • • F
`0 D D • • • T
`X c 3 4
`H I 2
`I
`8
`~
`RECEIVING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`t
`s PLAIN
`s A A
`0 D D • • • T
`TEXT
`H I 2
`X
`t
`RECEIVING DTE
`
`ADI,AD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENTIFICATION CHARACTER= IIIII 01
`AD3, AD4 INDICATE TRANSMITTING DTE
`VFI-VF8 =VARIABLE FILL CHARACTERS
`SEF =START ENCRYPT FIELD
`EEF =END ENCRYPT FIELD
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 12
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 12 of 15
`
`4,172,213
`
`DATA FROM DCE
`
`l
`
`DATA
`INPUT
`REGISTER
`
`~ 14-2
`
`PARITY
`CHECK
`
`..___ __ ......
`
`KEY MEMORY
`STORAGE
`
`CHARACTER
`MATRIX
`
`14-t... ----~-------+
`
`f-----.
`
`~----1
`
`1
`
`1
`
`II
`
`1
`
`FOUR
`1
`1- -AF --1
`14----------.---------.---1 CHARACTER 11
`I _ _ DEL~ _I I
`VERIFICATION
`I
`t-~
`AND
`I
`I_ STR~~ _J
`IF VERl~~ATION
`STRIPPING
`I
`I
`r---+------..
`I
`I
`I
`_I
`LOADING
`I 1--
`OF VARIABLE
`I I
`FILL
`t - - - - - - - - - -_ j I
`I
`I
`.... _I---_____ _.J.L4--- DATA FROM
`~
`ALGORITHM
`.---
`~ s
`E
`L
`E
`c
`T -
`
`EXCLUSIVE
`OR AND
`TRANSFORMATION
`
`DATA TO
`---- ALGORITHM
`{CIPHER FEEDBACK
`REGISTER)
`
`PARITY
`GENERATION
`
`-f--14-4
`
`SELECT
`
`CHARACTER
`STORAGE
`REGISTER
`
`l
`
`DATA TO DTE
`
`F/q./4
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 13
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 13 of 15
`
`4,172,213
`
`~---- DESALGORITHM --------1
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I vls-s
`
`- ____ j
`
`8
`
`PLAIN .
`TEXT
`
`KEY
`BITS
`
`AF
`GENERATOR
`
`RECEIVE
`COMPARATOR
`
`XOR
`TRANSFORMATION
`
`INTERCHANGE
`STATUS
`
`15-8
`
`.P--____.QUTPUT
`
`_Ejg./5
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 14
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 14 of 15
`
`4,172,213
`
`16-8
`
`TRANSMITTING
`DTE
`
`s A A
`s
`0 D 0 • • • T
`H I 2
`X
`
`PLAIN
`TEXT
`
`E B
`T c
`X co
`
`TRANSMITTING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`
`s A A
`v
`S S A A V
`0 D D • • • T
`I D D F • • • F
`H I 2
`X C 3 4
`I
`8
`
`IDENTIFICATION FIELD (If)
`AUTHENTICATOR FIELD (Af)
`/
`lA A A AlE B
`F F F F T c
`I 2 3 4 X C1
`
`PLAIN
`TEXT
`
`16 - 4$
`16-~
`16-6
`DCE
`
`s A A
`v
`S S A A V
`0 D D • • • T
`I D D F • • • F
`H I 2
`X C 3 4
`8
`
`RECEIVING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`
`I •
`•
`s PLAIN []
`
`s A A
`0 D D • • • T
`H I 2
`X
`
`TEXT
`
`16-10-f
`
`~
`RECEIVING DTE
`
`PLAIN u A A
`
`TEXT
`
`B
`F F F T c
`Ar
`I 2 3 4 X c2
`
`E
`T
`X
`
`B
`c
`c3
`
`Fiq./6
`
`ADI,AD2 INDICATE RECEIVING DTE
`SIC= SELECTIVE IDENTIFICATION CHARACTER= 1111101
`AD3,AD4 INDICATE TRANSMITTING DTE
`[] =OPTIONAL CHARACTER THAT INDICATES THE STATE OF AUTHENTICITY OF THE MESSAGE
`VFI-VF8 =VARIABLE FILL CHARACTERS
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 15
`
`
`
`U.S. Patent Oct. 23, 1979
`
`Sheet 15 of 15
`
`4,172,213
`
`TRANSMITTING
`DTE
`+
`s
`PLAIN E PLAIN
`TEXT
`TEXT
`F
`
`s A A
`s
`0 D D • • • T
`H I 2
`X
`
`Fiq./7
`
`E
`E PLAIN
`TEXT
`F
`
`E B
`T c
`
`" . X co
`
`TRANSMITTING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION
`DEVICE
`s S A A V
`v
`S A A
`0 D O···TIDDF···F
`H I 2
`X C 3 4 I
`8
`
`IDENTIFICATION FIELD (IF)
`
`PLAIN
`TEXT
`
`s CIPHER E
`E
`E
`TEXT
`F
`F
`
`PLAIN
`TEXT
`
`OPTIONAL
`AUTHENTICATOR FIELD (AF)
`I
`IAAAAJE B
`F F F F T c
`I 2 3 4 X Cl
`
`Db
`cP
`
`E
`E
`F
`
`PLAIN
`TEXT
`
`[AA AT B
`
`F F F F T c
`I 2 3 4 X C2
`
`PLAIN s CIPHER
`v
`S A A
`S S A A V
`0 D D···TIOOF···F TEXT
`E TEXT
`H I 2
`X C 3 4 I
`8
`F
`+
`RECEIVING
`SELECTIVE ENCRYPTION/
`AUTHENTICATION
`
`DEVICE •
`s PLAIN
`S A A
`0 D D • • • T
`TEXT
`H I 2
`X
`
`s PLAIN
`E
`TEXT
`F
`
`E
`E
`F
`
`PLAIN [] E B
`
`T c
`X c3
`
`TEXT
`
`*
`
`RECEIVING DTE
`
`ADI 1 AD2 INDICATE RECEIVING DTE
`SIC =SELECTIVE IDENIFICATION CHARACTER= 1111101
`AD3 1 AD4 INDICATE TRANSMITTING DTE
`[J =OPTIONAL CHARACTER THAT INDICATES THE STATE OF AUTHENTICITY OF THE MESSAGE
`VFI-VFB =VARIABLE FILL CHARACTERS
`SEF =START ENCRYPT FIELD
`EEF =END ENCRYPT FIELD
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 16
`
`
`
`1
`
`4,172,213
`
`2
`not intended for, a first terminal to a second terminal
`which is intended to receive the message. Second, the
`system enciphers all data and hence is not capable of
`selective encryption. Third, communications must be
`initiated by the terminal, and may not be initiated by the
`central processor. Fourth, the system is not designed for
`insertion in previously existing communications sys(cid:173)
`tems.
`Another cryptographic technique to achieve data
`security is presented in U.S. Pat. No. 3, 798,360, issued
`Mar. 19, 1974, which system provides multiple level
`encipherment of a block of data by means of a stepped
`block cipher process. This system suffers from the same
`drawbacks as previously discussed for U.S. Pat. No.
`3,798,605. Further, this system is restricted to operation
`onblocks of data and is not capable of bit-by-bit encryp(cid:173)
`tion.
`
`BYTE STREAM SELECI'IVE
`ENCRYPTION/DECRYPTION DEVICE
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`Reference is hereby made to two utility applications
`entitled LINK ENCRYPTION DEVICE, Ser. No.
`452,443, and COMMUNICATIONS LINE AU(cid:173)
`THENTICATION DEVICE, Ser. No. 852,446, by the 10
`same inventors as the instant invention and filed concur(cid:173)
`rently with the instant application, and to a design appli(cid:173)
`cation entitled DATA ENTRY KEYBOARD, by
`Jerry Joseph Sims et al., Ser. No. 835,840, filed Sept. 22,
`1977.
`
`15
`
`BACKGROUND OF THE INVENTION
`The present invention relates generally to the art of
`cryptography and more specifically to hardware and
`OBJECTS OF THE INVENTION
`techniques for achieving data communicating security. 20
`It is the general object of this invention to provide a
`With the growing use of remote communications
`cryptographic system to provide communications secu-
`lines to transfer data between processing systems, be-
`rity for communications links in point-to-point or multi-
`tween terminals and remote data banks, and between
`point networks without changes to existing hardware or
`terminals connected to the same or different computers,
`the need to safeguard the data being transferred has 25 software configurations.
`~~o;~~!:tt~~~a;:~~~~:~~~:~d~~~~~~a ;;~~~~r~':~
`It is another object of this invention to provide link
`money" in electronic funds transfer. Similar needs exist
`encryption on a byte-by-byte basis in common carrier or
`in business to prevent the disclosure of sensitive data. In
`direct connect circuit environments.
`the government sector, present and/or future privacy 30
`It is a further object of this invention to provide a
`acts place restrictions on the ability to access sensitive
`cryptographic system, for insertion between a data set
`information. This need to safeguard sensitive informa-
`and a terminal or central processing unit, which enci-
`tion is likely to grow as future privacy legislation will
`phers and deciphers binary data on a byte-by-byte basis.
`It is a further object of this invention to provide a
`most probably impose data communications security
`requirements on the private sector.
`.
`35 self-contained cryptographic system, for insertion be-
`Previous efforts to safeguard data communications
`tween a data set and a terminal or central processing
`have been made, for example, in U.S. Pat. No.
`unit, which enciphers and deciphers data on a byte-by-
`3,798,605, issued Mar. 19, 1974, which pertains to a
`byte basis without modifying control commands and
`multi-terminal data processing system having means
`communications protocols.
`and process for verifying the identiy of subscribers to 40
`It is another object of this invention to provide a
`the system. Validity of a terminal request for communi-
`cryptographic system, for insertion in communications
`cations with the data processing system are determined
`on the basis of a centralized verification system. Each
`links, which can selectively encrypt binary data.
`subscriber to the system is identified by a unique key
`It is still another object of the present invention to
`binary signal pattern. The central data processing unit 45 provide a system which maintains message secrecy as a
`contains a listing of all valid keys for subscribers to the
`message is transmitted from a first terminal or processor
`system. Two embodiments of the centralized verifica-
`until the message reaches its ultimate destination point
`tion system are presented, a password system and a
`after passing through terminals or processors for which
`handshaking system. In the password system, all data or
`the message is not intended.
`information originating at the terminal under use of the 50
`It is a further object of the present invention to pro-
`subscriber is enciphered in combination with the unique
`vide a system to maintain privacy between selected
`subscriber key. Upon proper deciphering of the key or
`terminals in a data communications network having a
`plurality of terminals.
`password at the central processing unit and arriving at
`a match with one of the keys in the processor's listing,
`It is another object of the present invention to pro-
`the subscriber may communicate with the processing 55 vide a cryptographic system which enciphers binary
`system. In the handshaking system embodiment the user
`data into an enciphered data that is not susceptible to
`and the central processor exchange a plurality of mes-
`successful cryptoanalysis.
`sages each formed by a combination of new and prior
`It is still another object of the present invention to
`received data. Received data messages are also main-
`provide a cryptographic system that enciphers and
`tained within the registers at both the terminal and the 60
`deciphers data and which is dependent on a key stored
`central processor for further verification upon the re-
`turn of the portion of the message that was previously
`in the cryptographic system and data previously re-
`transmitted. The techniques described in the latter pa-
`ceived by the cryptographic system.
`These and other objects, features and advantages of
`tent have several drawbacks. First, the techniques are
`restricted to communications between a central proces- 65 the present invention will become apparent from the
`sor and terminals attached to the central processor. No
`description of the preferred embodiments of the inven-
`provision is available for communications between ter-
`tion when read in conjunction with the drawings con-
`minals or for transmitting a message received by, but
`tained herewith.
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 17
`
`
`
`4,172,213
`
`3
`SUMMARY OF THE INVENTION
`The foregoing objects of the present invention are
`achieved by providing an apparatus for insertion in an
`existing communications line for providing message
`secrecy within a significant portion of existing commu(cid:173)
`nications lines.
`The apparatus has both encryption and decryption
`capabilities and can function in a full duplex environ(cid:173)
`ment to encipher and transmit data received from a first 10
`direction, and decipher and transmit data received from
`a second direction. Data received from the first direc(cid:173)
`tion is enciphered by combining the data received with
`the output of an algorithm, the algorithm output being
`dependent on the data previously enciphered and a 15
`unique key entered in the apparatus by the user. As data
`is received from the first direction, it is combined with
`the output of the algorithm and the resulting enciphered
`data is transmitted back onto the communications line in
`the first direction and fed back to a cipher feedback 20
`register which provides input data to the algorithm for
`use in enciphering data subsequently received by the
`apparatus.
`Data received from the second direction is deci(cid:173)
`phered using equivalent elements and the same algo- 25
`rithm as used for enciphering, the basic difference in the
`operation of the apparatus being the point from which
`data fed back to a cipher feedback register is taken.
`The apparatus operates on a byte-by-byte basis and is
`sensitive to control character sequences. In response to 30
`the receipt of specified control characters, the apparatus
`has provisions for selectively encrypting or decrypting
`data received, and provisions for transmitting the data
`received from the first direction without enciphering it.
`In an alternate embodiment, the apparatus contains 35
`provisions for storing a plurality of unique keys, each
`key having associated with it a unique address. When
`the apparatus receives a message from its second direc(cid:173)
`tion it uses the address contained in the message to load
`the key, corresponding to the address received, into its 40
`algorithm. The apparatus then deciphers the data re(cid:173)
`ceived based on the key that was loaded into its algo(cid:173)
`rithm. If the address contained in the message is not one
`of the ones stored in the apparatus, the apparatus will
`transmit the message received without alteration, as it 45
`was not intended for that apparatus.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`FIG. 1 is a block diagram of the data encryption
`standard used in the preferred embodiment of this in- 50
`vention.
`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the selective encryption/authenti(cid:173)
`cation device.
`FIG. 3 is a functional diagram showing the transmit- 55
`ter cipher feedback register run as a shift code counter.
`FIG. 4 illustrates typical point-to-point and multi(cid:173)
`point networks utilizing the SE/ AD in link encryption
`mode.
`FIG. 5 shows a typical end-to-end mode communica- 60
`tion network configuration with multiple nodes and a
`variety of links containing a mixture of terminals and
`processors.
`FIG. 6 is a functional block diagram of an SE/ AD in
`the link encryption mode of operation.
`FIG. 7 illustrates the SE/ AD as a bit-stream encryp(cid:173)
`tion/decryption device operating in the link encryption
`mode.
`
`65
`
`4
`FIG. 8 illustrates the modem delay compensation
`circuitry utilized in both the transmit and receive opera(cid:173)
`tions.
`FIG. 9 is a functional block diagram of theSE/ AD in
`the end-to-end selective encryption mode of operation.
`FIG. 10 illustrates the translation performed on con(cid:173)
`trol characters.
`FIG. 11 is a functional block diagram of the SE/ AD
`as a byte stream encryption/decryption device operat(cid:173)
`ing in any end-to-end mode.
`FIG. 12 shows the message flow in a communication
`network that utilizes the SE/ AD in the end-to-end
`selective encryption mode.
`FIG. 13 is a simplified block diagram of the transmit
`processing operation.
`FIG. 14 is a simplified block diagram of the receive
`processing operation.
`FIG. 15 illustrates the SE/ AD utilized as just an
`authentication device which serves as both a transmitter
`and a receiver.
`FIG. 16 shows the message flow in a communication
`network that utilizes end-to-end authentication mode
`devices.
`FIG. 17 shows the message flow in a communication
`network which combines the selective encryption mes(cid:173)
`sage flow and the authentication message flow into a
`system containing both modes of operation.
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENT
`Throughout this description and in the accompany(cid:173)
`ing drawings, the following terms and expressions will
`be utilized in accordance with the following definitions:
`
`Algorithm: A prescribed set of well-defined rules or
`processes for the solution of a problem in a finite num(cid:173)
`ber of steps.
`Authentication: The process of appending crypto
`check digits to a plain text message by means of a
`Crypto System where the Crypto check digits are gen(cid:173)
`erated by Encryption of the entire plain text message.
`Cipher Feedback: A technique in which the key gen(cid:173)
`erated is a function of the preceding cipher.
`Cipher Text: The unintelligible form of information
`resulting from Encryption of plain text by a Cryptosys(cid:173)
`tem.
`Cryptographic System (Cryptosystem): The associ(cid:173)
`ated items of documents, devices, or equipment that are
`used as a unit, and provide a single means of encryption.
`(The term "Encryption" used in this specification im(cid:173)
`plies the capability of the inverse function, i.e., "De(cid:173)
`cryption".)
`Crypto Unit: That portion of a Cryptosystem where
`the actual Encryption and Decryption takes place.
`Decryption (Decipherment): The process of convert(cid:173)
`ing encrypted text into its equivalent plain text by
`means of a Cryptosystem.
`Encryption (Encipherment): The process of convert(cid:173)
`ing plain text into unintelligible form by means of a
`Cryptosystem.
`End-To-End Selective Encryption/ Authentication:
`Encryption of authentication in point-to-point multi(cid:173)
`point networks to provide protection of data on the data
`communication line and within interspersed message
`switches or concentrators.
`Garble: Unintelligible information caused by a modi(cid:173)
`fication to a cipher bit(s).
`
`APPLE EXHIBIT 1049
`APPLE v. PMC
`IPR2016-00754
`Page 18
`
`
`
`4,172,213
`
`5
`
`5
`6
`operates on the principle that "plain text" exclusive-
`Key: Bits generated by a crypto unit under control of
`ORed with "key" produces cipher, and conversely that
`the key variable which are logically combined with
`"cipher" exclusive-ORed with "key" produces the orig-
`plain text to form unintelligible information i.e., cipher
`inal plain text.
`text, or inversely, logically combined with cipher text
`The algorithm was designed to operate on 64-bit
`to produce the original plain text.
`blocks of input data; however, it can be operated (i.e.,
`Key Variable: A symbol, or sequence of symbols (or
`cycled through the required 16 iterations) on any num-
`electrical or mechanical correlates to symbols) which
`her of input bits up to this maximum of 64 bits. As
`control the operations of encryption and decryption
`shown in FIG. 2, the algorithm 2-2 is being cycled once
`(e.g., a finite length bit pattern).
`Link Encryption: Encryption in point-to-point or 10 for each data input bit. Each time a data input bit is
`multipoint networks to provide protection of data on
`transferred into the 64-bit input register 2-4, the entire
`the data communications line.
`contents of this register 2-2 are transferred into the
`Message Integrity: A message in which the data is
`algorithm 2-2. Although 64 key bits are produced each
`received at the proper destination exactly as sent by the
`cycle and are available at the output, only a single key
`originator, i.e., without any changes or tampering.
`IS bit is utilized and the other 63 key bits are ignored. Also
`Message Secrecy: A message in which the data is
`shown in FIG. 2 within the dotted lines is an 8-bit out-
`put register 2-6. If the input to the algorithm is provided
`incomprehensible to any viewer or listener from the
`as a single character, or 8-bit byte, and then cycled, and
`time it leaves the source until it arrives at the proper
`8-bit byte of key bits can be provided as the output. It is
`destination.
`Plain Text: Intelligible text or signals which have 20 important to note that with a fixed key variable, for a
`given pattern of 64 algorithm input bits, a given pattern
`meaning and which can be read or acted upon without
`the application of any decryption.
`of 64 output, or key bits is always generated.
`Selective Encryption: The process of converting
`Shown at the top of FIG. 2 is a 64-bit shift register
`portions of plain text which are delineated by selected
`called the cipher feedback register 2-4. In the transmit
`character(s) into unintelligible form by means of a 25 mode as each input plain text bit is exclusive-ORed with
`a key bit by exclusive-OR 2-8, the resultant cipher bit is
`Cryptosystem.
`Variable Fill: A random bit pattern provided as the
`sent as the output bit and simultaneously entered into
`input to the algorithms of both transmit and receive
`the cipher feedback register 2-4. Thus the input to the
`algorithm unit 2-2 which produces key bits is the last 64
`crypto units during initialization.
`Data Encryption Standard: The Data Encryption 30 bits of the output cipher bit stream.
`In the receive mode, the system operates in a similar
`Standard (DES) is an algorithm released by the Na-
`tiona! Bureau of Standards in the Federal information
`manner. In this instance the input to the unit is the same
`Processing Standards Publication (FIPS Pub) 46-Jan.
`cipher bit stream produced at the transmitter output.
`15, 1977, and is intended for use as an industry standard.
`Since this information must be decrypted, the cipher bit
`It was designed for 64-bit block data operation. The key 35 stream is entered directly into the cipher feedback regis-
`ter 2-4 as shown. Hence, the input to the algorithm 2-2
`variable is 56 bits in length and·is loaded into the algo-
`rithm before the encryption/decryption. process is initi-
`is the last 64 input cipher bits. By performing the in-
`ated. In the encrypt mode the algorithm produces 64
`verse operation of exclusive-ORing the cipher bits with
`bits of cipher text for each 64 bits of input plain text.
`the identical key bits as were generated in the transmit-
`Conversely, in the decrypt mode if these 64 bits of ci- 40 ter, the original plain text is provided as the receiver
`pher text are provided as the input, the algorithm will
`output.
`produce the original64 bits of input plain text. The Data
`In order for the encryption/decryption process to
`Encryption Standard is incorporated by reference in
`proceed without error, or garble, the bit patterns in the
`this specification. Additional description of the Data
`cipher feedback registers 2-4 of both transmitter and
`Encryption Standard is also presented in U.S. Pat. Nos. 45 receiver must be identical when generating the key bit
`3,796,830 and 3,798,359, issued Mar. 12, 1974 and Mar.
`to
`19, 1974, respectively.
`produce the cipher bit from the incoming plain text
`bit in the transmitter, and
`to produce the original plain text bit from the incom(cid:173)
`ing cipher text in the receiver.
`The method of ensuring that the transmitter and re(cid:173)
`ceiver are in synchronization is to randomly preset the
`cipher feedback register 2-4 in the transmitter to some
`bit pattern and precede the output cipher text message
`with these 64 preset bits. The receiver would place the
`first 64 bits received into its cipher feedback register 2-4
`as the initial preset before running the algorithm to
`produce the same key bits which are then processed
`with the incoming data. This initialization technique is
`called variable fill.
`Variable fill refers to the bit pattern, or fill, to which
`both the transmitter and receiver cipher feedback regis(cid:173)
`ters 2-4 are set before processing input plain text in the
`transmitter and cipher text in the receiver.
`When not in the transmit mode, the transmitter cipher
`feedback register 2-4 is run as a 49-bit shift code counter
`driven by the recursion Xs=X41E9Xs6shown iri FIG. 3.
`The preset to the shift code counter is the cipher residue
`
`FIG. 1 is a block diagram of the data encryption
`standard. As shown, the implementation of the data 50
`input and data output is provided in 8-bit bytes. The key
`input is entered