United States Patent [19]
Barnes et al.

[11] 4,172,213
[45] Oct. 23, 1979

[54] BYTE STREAM SELECTIVE ENCRYPTION/DECRYPTION DEVICE

[75] Inventors: Vera L. Barnes, Wayne; Thomas J. [illegible]; [illegible] Jr., Newtown Square; all of Pa.
[73] Assignee: Burroughs Corporation, Detroit, Mich.
[21] Appl. No.: 852,444
[22] Filed: Nov. 17, 1977
[51] Int. Cl.: H04L 9/00
[52] U.S. Cl.: 178/22; 340/146.1 AL
[58] Field of Search: 178/22; 340/146.1 AL

[56] References Cited

U.S. PATENT DOCUMENTS

3,651,699        4/1972    Rocher et al.       178/22
3,74[illegible]  6/1973    Ehrat               178/22
3,798,605        3/1974    Feistel             364/200
3,962,539        5/1975    Ehrsam et al.       178/22
3,984,668        10/1976   Zetterberg et al.   178/22

OTHER PUBLICATIONS

C. M. Campbell, Jr.; Conf. on Computer Security and the Data Encryption Standard; NBS (Preprint of Papers); Feb. 15, 1977.
B. Morgan; Conf. on Computer Security and the Data Encryption Standard; NBS (Preprint of Papers); Feb. 15, 1977.

Primary Examiner: S. C. Buczinski
Attorney, Agent, or Firm: Mark T. Starr

[57] ABSTRACT

An apparatus for insertion in a communications line for [illegible]. At the transmitter end, the apparatus receives messages from the communications line, enciphers them and retransmits them onto the communications line. At the receiver end, the apparatus receives messages from the communications line, deciphers them and retransmits them onto the communications line. The apparatus contains both a transmitter and receiver and is capable of full duplex operation in a bidirectional communications line. [illegible] data is enciphered by combining the data received with the output of an algorithm, the algorithm output being dependent on the data previously enciphered and a unique key entered by the user. As data is received it is combined with the output of the algorithm, transmitted and, using cipher feedback techniques, [illegible] to encipher subsequently received data. Data is deciphered using equivalent elements as used for enciphering, the basic difference in the apparatus operation being the point from which data fed back into the algorithm is taken. The apparatus operates on a byte-by-byte basis, and contains provisions for responding to control characters and ignoring messages intended for a different apparatus.

49 Claims, 17 Drawing Figures

PMC Exhibit 2096
Apple v. PMC
IPR2016-00755

[Drawing sheets 1 to 15, FIGS. 1 to 17. The drawings are not reproduced; each figure is identified under BRIEF DESCRIPTION OF THE DRAWINGS. Legend text that survives from the message-flow figures (FIGS. 12, 16 and 17):]

AD1, AD2 indicate receiving DTE
AD3, AD4 indicate transmitting DTE
SIC = selective identification character = 1111101
VF1-VF8 = variable fill characters
SEF = start encrypt field
EEF = end encrypt field
IF = identification field
AF = authenticator field (optional)
[symbol illegible] = optional character that indicates the state of authenticity of the message

BYTE STREAM SELECTIVE ENCRYPTION/DECRYPTION DEVICE

CROSS-REFERENCE TO RELATED APPLICATIONS

Reference is hereby made to two utility applications entitled LINK ENCRYPTION DEVICE, Ser. No. 4525143, and COMMUNICATIONS LINE AUTHENTICATION DEVICE, Ser. No. 852,446, by the same inventors as the instant invention and filed concurrently with the instant application, and to a design application entitled DATA ENTRY KEYBOARD, by Jerry Joseph Sims et al., Ser. No. 835,840, filed Sept. 22, 1977.

BACKGROUND OF THE INVENTION

The present invention relates generally to the art of cryptography and more specifically to hardware and techniques for achieving data communicating security.

With the growing use of remote communications lines to transfer data between processing systems, between terminals and remote data banks, and between terminals connected to the same or different computers, the need to safeguard the data being transferred has grown. In the banking industry, there is a growing need to prevent the fraudulent modification of "electronic money" in electronic funds transfer. Similar needs exist in business to prevent the disclosure of sensitive data. In the government sector, present and/or future privacy acts place restrictions on the ability to access sensitive information. This need to safeguard sensitive information is likely to grow as future privacy legislation will most probably impose data communications security requirements on the private sector.

Previous efforts to safeguard data communications have been made, for example, in U.S. Pat. No. 3,798,605, issued Mar. 19, 1974, which pertains to a multi-terminal data processing system having means and process for verifying the identity of subscribers to the system. Validity of a terminal request for communications with the data processing system is determined on the basis of a centralized verification system. Each subscriber to the system is identified by a unique key binary signal pattern. The central data processing unit contains a listing of all valid keys for subscribers to the system. Two embodiments of the centralized verification system are presented, a password system and a handshaking system. In the password system, all data or information originating at the terminal under use of the subscriber is enciphered in combination with the unique subscriber key. Upon proper deciphering of the key or password at the central processing unit and arriving at a match with one of the keys in the processor's listing, the subscriber may communicate with the processing system. In the handshaking system embodiment the user and the central processor exchange a plurality of messages each formed by a combination of new and prior received data. Received data messages are also maintained within the registers at both the terminal and the central processor for further verification upon the return of the portion of the message that was previously transmitted. The techniques described in the latter patent have several drawbacks. First, the techniques are restricted to communications between a central processor and terminals attached to the central processor. No provision is available for communications between terminals or for transmitting a message received by, but not intended for, a first terminal to a second terminal which is intended to receive the message. Second, the system enciphers all data and hence is not capable of selective encryption. Third, communications must be initiated by the terminal, and may not be initiated by the central processor. Fourth, the system is not designed for insertion in previously existing communications systems.

Another cryptographic technique to achieve data security is presented in U.S. Pat. No. 3,798,360, issued Mar. 19, 1974, which system provides multiple level encipherment of a block of data by means of a stepped block cipher process. This system suffers from the same drawbacks as previously discussed for U.S. Pat. No. 3,798,605. Further, this system is restricted to operation on blocks of data and is not capable of bit-by-bit encryption.

OBJECTS OF THE INVENTION

It is the general object of this invention to provide a cryptographic system to provide communications security for communications links in point-to-point or multipoint networks without changes to existing hardware or software configurations.

It is another object of this invention to provide link encryption on a byte-by-byte basis in common carrier or direct connect circuit environments.

It is a further object of this invention to provide a cryptographic system, for insertion between a data set and a terminal or central processing unit, which enciphers and deciphers binary data on a byte-by-byte basis.

It is a further object of this invention to provide a self-contained cryptographic system, for insertion between a data set and a terminal or central processing unit, which enciphers and deciphers data on a byte-by-byte basis without modifying control commands and communications protocols.

It is another object of this invention to provide a cryptographic system, for insertion in communications links, which can selectively encrypt binary data.

It is still another object of the present invention to provide a system which maintains message secrecy as a message is transmitted from a first terminal or processor until the message reaches its ultimate destination point after passing through terminals or processors for which the message is not intended.

It is a further object of the present invention to provide a system to maintain privacy between selected terminals in a data communications network having a plurality of terminals.

It is another object of the present invention to provide a cryptographic system which enciphers binary data into an enciphered data that is not susceptible to successful cryptoanalysis.

It is still another object of the present invention to provide a cryptographic system that enciphers and deciphers data and which is dependent on a key stored in the cryptographic system and data previously received by the cryptographic system.

These and other objects, features and advantages of the present invention will become apparent from the description of the preferred embodiments of the invention when read in conjunction with the drawings contained herewith.

SUMMARY OF THE INVENTION

The foregoing objects of the present invention are achieved by providing an apparatus for insertion in an existing communications line for providing message secrecy within a significant portion of existing communications lines.

The apparatus has both encryption and decryption capabilities and can function in a full duplex environment to encipher and transmit data received from a first direction, and decipher and transmit data received from a second direction. Data received from the first direction is enciphered by combining the data received with the output of an algorithm, the algorithm output being dependent on the data previously enciphered and a unique key entered in the apparatus by the user. As data is received from the first direction, it is combined with the output of the algorithm and the resulting enciphered data is transmitted back onto the communications line in the first direction and fed back to a cipher feedback register which provides input data to the algorithm for use in enciphering data subsequently received by the apparatus.

Data received from the second direction is deciphered using equivalent elements and the same algorithm as used for enciphering, the basic difference in the operation of the apparatus being the point from which data fed back to a cipher feedback register is taken.

The apparatus operates on a byte-by-byte basis and is sensitive to control character sequences. In response to the receipt of specified control characters, the apparatus has provisions for selectively encrypting or decrypting data received, and provisions for transmitting the data received from the first direction without enciphering it.

In an alternate embodiment, the apparatus contains provisions for storing a plurality of unique keys, each key having associated with it a unique address. When the apparatus receives a message from its second direction it uses the address contained in the message to load the key, corresponding to the address received, into its algorithm. The apparatus then deciphers the data received based on the key that was loaded into its algorithm. If the address contained in the message is not one of the ones stored in the apparatus, the apparatus will transmit the message received without alteration, as it was not intended for that apparatus.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of the data encryption standard used in the preferred embodiment of this invention.

FIG. 2 is a functional diagram of the cryptographic technique utilized in the selective encryption/authentication device.

FIG. 3 is a functional diagram showing the transmitter cipher feedback register run as a shift code counter.

FIG. 4 illustrates typical point-to-point and multipoint networks utilizing the SE/AD in link encryption mode.

FIG. 5 shows a typical end-to-end mode communication network configuration with multiple nodes and a variety of links containing a mixture of terminals and processors.

FIG. 6 is a functional block diagram of an SE/AD in the link encryption mode of operation.

FIG. 7 illustrates the SE/AD as a bit-stream encryption/decryption device operating in the link encryption mode.

FIG. 8 illustrates the modem delay compensation circuitry utilized in both the transmit and receive operations.

FIG. 9 is a functional block diagram of the SE/AD in the end-to-end selective encryption mode of operation.

FIG. 10 illustrates the translation performed on control characters.

FIG. 11 is a functional block diagram of the SE/AD as a byte stream encryption/decryption device operating in any end-to-end mode.

FIG. 12 shows the message flow in a communication network that utilizes the SE/AD in the end-to-end selective encryption mode.

FIG. 13 is a simplified block diagram of the transmit processing operation.

FIG. 14 is a simplified block diagram of the receive processing operation.

FIG. 15 illustrates the SE/AD utilized as just an authentication device which serves as both a transmitter and a receiver.

FIG. 16 shows the message flow in a communication network that utilizes end-to-end authentication mode devices.

FIG. 17 shows the message flow in a communication network which combines the selective encryption message flow and the authentication message flow into a system containing both modes of operation.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

Throughout this description and in the accompanying drawings, the following terms and expressions will be utilized in accordance with the following definitions:

Algorithm: A prescribed set of well-defined rules or processes for the solution of a problem in a finite number of steps.

Authentication: The process of appending crypto check digits to a plain text message by means of a Crypto System where the Crypto check digits are generated by Encryption of the entire plain text message.

Cipher Feedback: A technique in which the key generated is a function of the preceding cipher.

Cipher Text: The unintelligible form of information resulting from Encryption of plain text by a Cryptosystem.

Cryptographic System (Cryptosystem): The associated items of documents, devices, or equipment that are used as a unit, and provide a single means of encryption. (The term "Encryption" used in this specification implies the capability of the inverse function, i.e., "Decryption".)

Crypto Unit: That portion of a Cryptosystem where the actual Encryption and Decryption takes place.

Decryption (Decipherment): The process of converting encrypted text into its equivalent plain text by means of a Cryptosystem.

Encryption (Encipherment): The process of converting plain text into unintelligible form by means of a Cryptosystem.

End-To-End Selective Encryption/Authentication: Encryption or authentication in point-to-point or multipoint networks to provide protection of data on the data communication line and within interspersed message switches or concentrators.

Garble: Unintelligible information caused by a modification to a cipher bit(s).

Key: Bits generated by a crypto unit under control of the key variable which are logically combined with plain text to form unintelligible information, i.e., cipher text, or inversely, logically combined with cipher text to produce the original plain text.

Key Variable: A symbol, or sequence of symbols (or electrical or mechanical correlates to symbols) which control the operations of encryption and decryption (e.g., a finite length bit pattern).

Link Encryption: Encryption in point-to-point or multipoint networks to provide protection of data on the data communications line.

Message Integrity: A message in which the data is received at the proper destination exactly as sent by the originator, i.e., without any changes or tampering.

Message Secrecy: A message in which the data is incomprehensible to any viewer or listener from the time it leaves the source until it arrives at the proper destination.

Plain Text: Intelligible text or signals which have meaning and which can be read or acted upon without the application of any decryption.

Selective Encryption: The process of converting portions of plain text which are delineated by selected character(s) into unintelligible form by means of a Cryptosystem.

Variable Fill: A random bit pattern provided as the input to the algorithms of both transmit and receive crypto units during initialization.

Data Encryption Standard: The Data Encryption Standard (DES) is an algorithm released by the National Bureau of Standards in the Federal Information Processing Standards Publication (FIPS Pub) 46, Jan. 15, 1977, and is intended for use as an industry standard. It was designed for 64-bit block data operation. The key variable is 56 bits in length and is loaded into the algorithm before the encryption/decryption process is initiated. In the encrypt mode the algorithm produces 64 bits of cipher text for each 64 bits of input plain text. Conversely, in the decrypt mode if these 64 bits of cipher text are provided as the input, the algorithm will produce the original 64 bits of input plain text. The Data Encryption Standard is incorporated by reference in this specification. Additional description of the Data Encryption Standard is also presented in U.S. Pat. Nos. 3,796,830 and 3,798,359, issued Mar. 12, 1974 and Mar. 19, 1974, respectively.

FIG. 1 is a block diagram of the data encryption standard. As shown, the implementation of the data input and data output is provided in 8-bit bytes. The key input is entered in 8-bit bytes: 7 bits plus parity. Parity is not stored in the key storage register.

Twenty-four clock periods are required to load the data input. Data output is simultaneously available during this period. Sixteen iterations of the algorithm, at two clock periods per iteration, require an additional 32 clock periods, giving a total of 56 clock periods needed for a complete algorithm load and run cycle. At the system clock of 1.2238 MHz, the algorithm is cycled in 45.6 μ seconds.

`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the Selective Encryption/Anthem
`tication Device (SE./AD}. Operation of the algorithm
`unit (DES) 2-2 is described, supra. and is shown only to
`indicate the required interconnections. In this discus-
`sion, the algorithm is only operated in the encrypt mode
`and is being utilized as a key generator. This technique
`
`15
`
`20
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`4,172,213
`
`6
`operates on the principle that “plain text" exclusive-
`0Red with "key" produces cipher, and conversely that
`“cipher” exclusive—0Red with ‘‘key’' produces the orig-
`inal plain text.
`The algorithm was designed to operate on 64-bit
`blocks of input data; however, it can be operated (i.e.,
`cycled through the required 16 iterations) on any num-
`ber of input bits up to this maximum of 64 bits. As
`shown in FIG. 2. the algorithm 2-2 is being cycled once
`for each data input bit. Each time a data input bit is
`transferred into the 64-bit input register 2-4, the entire
`contents of this register 2-2 are transferred into the
`algorithm 2-2. Although 64 key bits are produced each
`cycle and are available at the output. only a single key
`bit is utilized and the other 63 key bits are ignored. Also
`shown in FIG. 2 within the dotted lines is an 8-bit out-
`
`put register 2-6. If the input to the algorithm is provided
`as a single character, or B-bit byte, and then cycled, and
`8-bit byte of key bits can be provided as the output. It is
`important to note that with a fixed key variable. for a
`given pattern of 64 algorithm input hits. a given pattern
`of 64 output, or key bits is always generated.
`Shown at the top of FIG. 2 is a 64-bit shift register
`called the cipher feedback register 2-4. In the transmit
`mode as each input plain text bit is exclusive-0Red with
`a ltey bit by exclusive-OR 2-8, the resultant cipher bit is
`sent as the output bit and simultaneously entered into
`the cipher feedback register 24. Thus the input to the
`algorithm unit 2-2 which produces key bits is the last 64
`bits of the output cipher bit stream.
`In the receive mode, the system operates in a similar
`manner. In this instance the input to the unit is the same
`cipher bit stream produced at the transmitter output.
`Since this information must be decrypted, the cipher bit
`stream is entered directly into the cipher feedback regis-
`ter 2-4 as shown. Hence, the input to the algorithm 2-2
`is the last 64 input cipher bits. By performing the in-
`verse operation of exclusive-Olting the cipher bits with
`the identical key bits as were generated in the transmit-
`ter, the original plain text is provided as the receiver
`output.
`In order for the encryption/decryption process to
`proceed without error, or garble, the bit patterns in the
`cipher feedback registers 2-4 of both transmitter and
`receiver must be identical when generating the key bit
`to
`
`produce the cipher bit from the incoming plain text
`bit in the transmitter, and
`to produce the original plain text bit from the incom-
`ing cipher text in the receiver.
`The method of ensuring that the transmitter and re-
`ceiver are in synchronization is to randomly preset the
`cipher feedback register 2-4 in the transmitter to some
`bit pattern and precede the output cipher text message
`with these 64 preset bits. The receiver would place the
`first 64 bits received into its cipher feedback register 2-4
`as the initial preset before running the algorithm to
`produce the same key bits which are then processed
`with the incoming data. This initialization technique is
`called variable fill.
`Variable fill refers to the bit pattern, or fill, to which
`both the transmitter and receiver cipher feedback regis-
`ters 2-4 are set before processing input plain text in the
`transmitter and cipher text in the receiver.
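The variable-fill synchronization described above, as an added example that is not part of the patent text: a one-bit cipher feedback loop in which the transmitter presets its 64-bit register at random, sends those 64 bits ahead of the cipher text, and the receiver loads them before deciphering. The function names are hypothetical, and HMAC-SHA-256 is an assumed stand-in for algorithm unit 2-2, whose internals this passage does not give.

```python
import hashlib
import hmac
import secrets

REG_BITS = 64                      # length of cipher feedback register 2-4
MASK = (1 << REG_BITS) - 1

def key_bit(key, register):
    # ASSUMPTION: HMAC-SHA-256 stands in for algorithm unit 2-2. Like that
    # unit, a fixed key and the same 64 input bits always give the same output.
    digest = hmac.new(key, register.to_bytes(8, "big"), hashlib.sha256).digest()
    return digest[0] >> 7

def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def from_bits(bits):
    return bytes(sum(b << (7 - i) for i, b in enumerate(bits[n:n + 8]))
                 for n in range(0, len(bits), 8))

def transmit(key, plaintext, fill=None):
    """Return the 64 variable-fill bits followed by the cipher bits."""
    register = (secrets.randbits(REG_BITS) if fill is None else fill) & MASK
    stream = [(register >> (REG_BITS - 1 - i)) & 1 for i in range(REG_BITS)]
    for p in to_bits(plaintext):
        c = p ^ key_bit(key, register)            # exclusive-OR 2-8
        register = ((register << 1) | c) & MASK   # cipher bit is fed back
        stream.append(c)
    return stream

def receive(key, stream):
    """Load the first 64 received bits as the preset, then decipher the rest."""
    register = 0
    for b in stream[:REG_BITS]:
        register = (register << 1) | b
    plain = []
    for c in stream[REG_BITS:]:
        plain.append(c ^ key_bit(key, register))  # same key bit as transmitter
        register = ((register << 1) | c) & MASK   # received cipher bit is fed back
    return from_bits(plain)

if __name__ == "__main__":
    key = b"constructed demo key"                 # constructed sample values
    msg = b"MARK SPACE"
    sent = transmit(key, msg)
    print(receive(key, sent) == msg)
    sent[REG_BITS] ^= 1                           # line error in first cipher bit
    print(receive(key, sent))
```

A single flipped cipher bit garbles only the bits deciphered while that bit is still in the receiver's register; once 64 further cipher bits have shifted in, both registers hold the same pattern again.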
`When not in the transmit mode, the transmitter cipher
`feedback register 2-4 is run as a 49-bit shift code counter
`driven by the recursion X3 = X41 ⊕ X55 shown in FIG. 3.
`The preset to the shift code counter is the cipher residue
`
`
`
`PMC Exhibit 2096
`
`Apple v. PMC
`IPR2016-00755
`
`Page 19
`remaining from the last transmission. This assures that
`the preset to the counter is also random in nature.
`Whenever a variable fill is required, the transmitter
`cipher feedback register 2-4 is returned to its normal
`operation: the shift code counting is inhibited; the algo-
`rithm unit 2-2 is re-enabled; and the register 2-4 is oper-
`ated at the selected input data rate. The input plain text
`data line is held in the mark condition and is exclusive-
`ORed with the key bits which are being generated as a
`result of the random bit pattern contained in the cipher
`storage register 2-4. A space is placed on the output data
`line and the operation proceeds as described, supra, for
`a predetermined number of bit times, i.e., cipher text is
`generated and sent as a variable fill as the transmitter
`output and simultaneously fed back as the input to the
`cipher feedback register 2-4. After the selected number
`of bits have been transmitted, the remainder of the bit
`positions in the cipher feedback register 2-4 are reset to
`zero, and the unit starts to process incoming plain text
`data as described previously.
`Operation of the receive unit is triggered by the de-
`tection of a mark-to-space transition. Following this
`transition, the incoming data is processed as described
`previously. However, the output data is inhibited. The
`incoming variable fill is entered into the cipher feedback
`register 2-4 for the predetermined number of bits and
`when completed, the remainder of the cipher feedback
`register 2-4 is reset to zero.
`At this point, the receiver cipher feedback register
`2-4 contains the identical bit pattern as that contained in
`the transmitter cipher feedback register 2-4 when it
`started to process the incoming plain text data. Hence
`the receiver will at this point in time beg
