`
`[19]
`
`[11]
`
`4,172,213
`
`
`
` Barnes et al. [45] Oct. 23, 1979
`
`
`
`[54] BYTE STREAM SELECTIVE
`ENCRYPTION/DECRYPTION DEVICE
`
`Primary Examiner—S. C. Buczinski
`Attorney, Agent, or Firm—Mark T. Starr
`
`[75]
`
`Inventors: Vera L. Barnes, Wayne; Thomas J.
`Dodds, Jr., Drexel Hill; Harold F.
`Gibson, Downingtown; Carl M.
`Campbell, Jr., Newtmvn Square. all
`0f Pa'
`[73] Assignee: Burroughs Corporation, Detroit,
`Mich.
`
`[21] Appl' No': 852’“
`[22] Filed:
`Nov. 17, 1977
`[51]
`Int. Ct.z ............................................. .. HML 9/00
`[52] U5. CL ___________________________" 173/22; 340/!46‘1 AL
`[53] Field of Search _______________“ 178/22, 340/1464 AL
`’
`[56]
`“defences Citfli
`U‘S‘ pATEN-r DOCUMENTS
`
`3,651,699
`3.740.415
`3 793 605
`3:962:539
`3.934.663
`
`......................... ITS/22
`4!1912 Rocher et a].
`. . . .. ITS/22
`6/1973
`Ehrat . . . . . . . . . .
`
`3/1914
`Feistel ......t.
`364/200
`
`6/1976 Ehrsametal.
`its/22
`
`10/1976
`Zetterberg et a].
`173/22
`
`OTHER PUBLICATIONS
`C. M. Campbell, Jr.; Conf. on Computer Security and
`the Data Encryption Standard; NBS (Preprint of Pa—
`pets); Feb 15, 1971
`13. Morgan; Conf. on Computer Security and the Data
`Encryption Standard; NBS (Preprint of Papers); Feb.
`15, 197?.
`
`ABSTRACT
`[5?]
`An apparatus for insertion in a communications line for
`providing message secrecy within a significant portion
`of existing communications networks. At the transmit-
`ter end, the apparatus receives messages from the come
`munications line, enciphers them and retransmits them
`onto the communications line. At the receiver end, the
`apparatus receives messages from the communications
`line, deciphers them and retransmits them onto the
`communications line. The apparatus contains both a
`‘ra“5“1_itter_ and regain?! and is capable of full duplex
`operation In a-bidtre-cuonal communications lute. A}:-
`cording to the invention, data :5 enctphered by combin-
`ing the data received with the output of an algorithm,
`the algorithm output being dependent on the data previ-
`ously enciphered and a unique key entered by the user.
`As data is received it is combined with the output of the
`algorithm, transmitted and using cipher feedback web
`.
`.
`.
`mquesfed “Wk 35 an “‘9‘” ‘0 F115 aigomhm to P8 “5351
`‘0 enmpher subsgquenfly received data- Data Is deer
`phered using equivalent elements as used for encipher-
`ing,
`the basic difference in the apparatus operation
`being the point from which data fed back into the algo-
`rithm is taken. The apparatus operates onabyte-by-byte
`basis, and contains provisions for responding to control
`characters and ignoring messages intended for a differ-
`an! apparatus.
`
`49 Claims, 17 Drawing Figures
`
`BET
`IN
`
`
`
`Will i EIUIFIIT
`PERMUTE AJJTUMTIULU
`{IP}
`
`B r a an
`(a) SERIEStFtthLLEL
`
`I-E’
`
`
`
`Ettttiswt at
`
`ia-ea it runs:
`
`'.
`
`FEW-UTE m
`
`
`6i)— -—-
`Eli ELLISWE UR
`
`lR-{XCLUSWE MS]
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 1
`
`
`
`
`
`
`L r— -—"_._;7..
`
`
`
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 1
`
`
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 1 of 15
`
`4,172,213
`
`DATA
`IN
`
`0
`
`m Rn
`
`[iJATA
`U
`
`AH
`
`£9
`
`(a
`
`INPUT I OUTPUT
`PERMUTEAUTUMATICALLY
`IIP)
`
`3” 3”
`0 SERIES/PARALLEL
`I-2
`
`IIEI SIORAGE
`
`-I.
`
`6
`
`PERMUTE
`(902)
`
`________ __ ____j
`
`III
`
`I III I
`
`III I | II
`
`EXCLUSIVE (III
`
`(AB-EXCLUSIVE UR‘S}
`
`66666666
`
`SUBSTITUTION
`
`69
`
`PERMUTE (P)
`
`R
`
`EXCLUSIVE 0R
`
`Hg. I
`
`(SE-EXCLUSIVE OR'S}
`
`DATA STORAGE
`
`Ln
`
`Rn
`
`TRANSFORM
`(E)
`
`III
`
`I
`I
`I
`
`I
`
`I I | I II I II
`
`I
`
`III II I I
`
`Page 2
`
`Apple v. PMC
`|PR2016-01520
`
`PMC Exhibit 2146
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 2
`
`
`
`S.
`
`tnma
`
`8%
`
`
`U.E5%:age:Erma
`pEEEEEEEE
`
`
`
`
`95%H$325:25w52:;.5558:
`
`a,.m.NQR
`
`2NTN_SE28_all1]i_
`
`cm.1ITJ.SE5
`w_55am.
`
`12
`
`.,9;olllllllllllllllllll1|_m5&3:922:__.,_.;5%4_fl
`
`:2ng
`
`3P
`
`
`
`2P1wmwmpmmmmAm
`mmmw
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 3
`
`
`
`
`t.:22
`
`memem.Saga
`
`
`
`m222%:chE253:mSam:
`
`gag
`
`
`
`:ZEE223505:23Egg
`
`225.55%
`
`55%
`
`
`
`222mg:onEamépézsl
`
`
`
`
`
`
`
`
`
`mequo
`
`
`
`3Mat
`
`
`
`US. Patent
`
`cnu
`
`wm,
`
`5
`
`w
`
`.l._,4
`
`1.12,2n.1,.
`
`205505
`
`magma
`
` E7:sz Ewfig
`
`295.555
`
`.5an
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 4
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 4
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 4 of 15
`
`4,172,213
`
`325%:
`
`Ewfig
`
`.32“sz..
`
`_EEG
`
`.222me
`
`Emfié
`
`E53
`
`558:
`
`5:3
`
`Sam
`
`52%
`
`.323me
`
`ESE
`
`52%
`
`5255
`
`._
`
`3:sz
`
`.2253
`
`Emfig.93m$2513
`
`
`
`
`
`
`
`
`
`magma20:3:EISEZOEEQEmasmdmJaémm
`
`m.
`
`.UNNI
`
`$.2ng
`
`.EZEEH
`
`EEG
`
`EmEE
`
`$22528
`
`Em.
`
`.1
`
`
`
`$255Emfig
`
`
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 5
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 5
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`:8me
`
`SEE
`
`
`MQEEE,ESE:o-Nmmwm
`5:31:EEE
`MES22”."8555
`
`Em:
`
`MERE
`
`mimEm
`
`Em:Emamm
`
`mean—fig
`
`Nab
`
`5%:
`
`
`
`mag:25
`
`ézfimfi
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 5 of 15
`
`4,172,213
`
`
`
`
`
`
`
`5%:955%5%:22m2¢E
`
`9235283:.SE28
`
`godmamflEESmagma$55
`
`$5meEEEm
`
`EmEv...
`
`MQEQG
`
`E555
`
`muégw
`
`$5me
`
`EEESE
`
`SE282I:18:.
`
`mug-
`
`$25365:
`
`“255.5%
`
`magma
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 6
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 6
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 6 of 15
`
`4,172,213
`
`ONE BIT SHIFT
`PER BIT
`
`7’2
`
`B BITS
`
`
`mmmm
`
`m
`
`
`
`_
`
`— — — — — ———i
`-
`
`VARIABLE
`
`ADTWATE
`ONCE PER
`0 an
`
`
`
`
`I
`l
`l
`
`o
`
`m
`
` I III-III. 9
`
`
`m
`I
`O
`TRANSMIT
`
`C
`RECEIVE
`
`\
`
`|
`
`l
`
`|
`
`“EV 3"
`
`7-32
`
`Fig.7
`
`Page 7
`
`Apple v. PMC
`|PR2016-01520
`
`PMC Exhibit 2146
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 7
`
`
`
`
`
`a
`
`9
`
`7..
`
`1
`
`$538_mgmmm_,m_
`
`2.,@7587$202_
`31|._1|m55%_$22?
`4“,$538_$22:
`
`_£8m21:13:.as.I322:_225$_
`
`
`
`
`
`
`
`wEmafig:532M5%;I_a_size:a_32%o_t535528:E_m22:23555Ema_
`
`P_3528;:
`
`
`
`SH5%_zigzag55U.22:
`
`$0:
`
`
`
`mm0WmP
` COMflP1
`
`V.n_v
`8egaP
`
`
`..mhXECMP
`
`6412u.“
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 8
`
`
`
`
`
`U.S. Patent
`
`a.
`
`m,
`
`4,172,213
`
`0$2385@2585
`
`
`
`mgEgg,MES:22:35%;,E.
`is:$5525in:
`
`
`._:2ng
`
`
`
`-53:EM”;_m_s__isEzg+I_2:582_9_IIIIIW_
`_|_____#__55%
`"Viewa_2::ngegg:WEE:"Mm.o|.m\_a:
`
`"I
`
`I I I | I I I
`
`I I | I
`
`I I I I I
`
`I I I
`
`_I
`
`22%EggEEaEwIIIE52%1%,9E................
`
`3.2on
`
`555%
`
`LE5..
`
`2952
`
`PMC Exhibit 2146
`
`
`
`Apple v. PMC
`|PR2016-01520
`
`Page 9
`
`
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 9
`
`
`
`
`
`
`
`
`
`DD
`00
`1
`II
`00 \OO\Q A)
`||
`0|
`‘
`ID
`DI
`0I\\DD\II
`IO
`II
`A
`ID
`ID
`II\\OO OI
`\\ T
`III
`IO
`II
`Ii
`ID DI\QII\I
`EXCLUSIVE-0R D
`OUTPUT
`(A)
`(RI
`
`Fig/0
`
`INPUT
`BUS
`‘6“)
`
`00
`0|
`IO
`II
`
`OO
`0|
`IO
`II
`
`DD—DDNIRDLCRARRDTER
`ID
`DI
`II
`
`“PNPUNTRPL
`CHARACTER
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 10
`
`Oct. 23, 1979
`
`Sheet 9 of 15
`
`4,172,213
`
`INPUT DATA FROM DTE
`
`DATA
`INPUT
`REGISTER
`
`I3'2
`
`KEY MEMORY
`STORAGE
`
`CHARACTER
`STORAGE
`DELAY
`
`lS-IO
`
`SELECT
`
`I EXCLUSIVE-OR
`TRANSFORMATION
`
`AND
`
`5‘3
`
`DATA FROMALGORITHM
`
`DATA TO ALGORITHM
`RDNIRDLICIRHER
`FEEDBAOK REGISTER)
`
`SELECT
`
`IETETTTTII
`
`OUTPUT
`CHARACTER
`BUFFER
`
`5'5
`
`OUTPUT DATA TO DOE
`
`"KEY BITS" (6 AT)
`
`DD
`
`DI
`
`ID
`
`||
`
`US. Patent
`
`F19 I3
`
`I5-4
`
`PARITY
`CHECK
`
`AF
`
`GENERATION EH“—
`
`i
`
`
`
`|5-|0
`
`“LOWER
`
`TUTTIE'NTIfiITDN"
`DENIDE
`
`"KEY BITS" {6 AT)
`DD
`DI
`[0
`
`II
`
`I
`I
`
`INPUT
`EATER)
`
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 10
`
`
`
`U.S. Patent
`
`Oct. 23, 1979
`
`Sheet 10 of 15
`
`4,172,213
`
`9'51? 311% 5”“
`
`ll-2
`
`sans
`I—Afi
`
`“WWW” “mm
`
`
`
`0
`
`|
`|
`
`DES ALGORITHM
`STRANSFERS/BYTE
`IIIIIIII
`®
`
`l
`|
`ACTIVATE
`0NCEFE
`m 1
`l
`A»
`E
`| III-III. (B
`
`ENGRYPT MODE
`
`®
`
`0
`
`m
`
`KEY
`VARIABLE
`
`fl 9
`- T
`- T
`- |
`= |
`- ‘
`- LAW
`I I
`T
`I
`
`
`
`m m Ha
`
`-
`
`-
`RECEIVE
`
`KEYBITS
`
`"‘1
`
`IIIIIIII
`
`9
`
`11-12
`
`CONTROL
`
`- xon AND a ‘
`
`TRANSFORMATION
`
`|
`
`|
`
`A
`
`'
`
`ll-l0
`
`A
`
`=
`
`PLAINTEXT
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 11
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 11
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 1] (If 15
`
`4,172,213
`
`TRANSMITTING
`
`-fl
`
`5
`U
`H
`
`A
`D
`I
`
`A
`D
`2
`
`,5
`T
`X
`
`PLAIN
`TEXT
`
`5
`E
`F
`
`PLAIN
`TEXT
`
`PLAIN
`TEXT
`
`E
`T
`F
`
`E
`T
`X
`
`E
`T
`Co
`
`'2'“
`
`TRANSMITTING
`
`SELECTIVE ENCAIPTICN/
`AUTHENTICATION CENICE
`
`
`IDENTIFICATION FIELD (IF)
`
`S
`C
`H
`
`.E
`II
`I
`
`E
`D
`2
`
`E
`T
`X
`
`E
`I
`C
`
`E
`D
`3
`
`A
`I]
`A
`
`T
`F
`I
`
`.T
`T
`8
`
`PLAIN
`TEXT
`
`E
`E
`F
`
`5
`
`E
`
`F
`
`5
`E
`F
`
`CIPHER
`TEXT
`
`E
`PLAIN
`E
`E W T
`F
`X
`
`E
`C
`CI
`
`E
`
`F
`
`E
`E
`F
`
`PLAIN
`TEXT
`
`E
`
`T
`
`X
`
`B
`
`C
`
`C2
`
`PLAIN
`TEXT
`
`E
`T
`X
`
`E
`C
`C3
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 12
`
`"HIE-Z
`
`[ICE
`
`3
`
`A
`
`T
`
`II
`
`E
`
`3
`
`A
`
`I
`
`3
`
`H
`
`A
`
`D
`
`I
`
`A
`
`2
`
`5
`
`s
`
`'T I
`
`X
`
`NECEIXINC
`SELECTINE ENCNXPTICN/
`AUTHENTICATION IIEIIICE
`
`5
`0
`H
`
`E E.
`D
`D
`I
`2
`
`,5
`T
`X
`
`PLAIN
`TEXT
`
`RECEIVING DTE
`
`ADI,AD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENTIFICATION CHARACTER = IIIIIDI
`AD3,AD4 INDICATE TRANSMITTING DTE
`IIFI-IIFII=\IARIADLE FILL CHARACTERS
`
`SEE =START ENCRYPT FIELD
`
`EEF= END ENCRYPT FIELD
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 12
`
`
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 12 of 15
`
`4,172,213
`
`DATA FROM DCE
`
`DATA
`INPUT
`REGISTER
`
`I4'2
`
`——
`
`
`
`PARITT
`
`CHARACTER
`
`CHECK F T__CELAT
`KEY MEMORY
`IF VERIW‘T'ON
`STORAGE
`I STRIFPING
`HATRIA
`LCATHHC
`
`J._____
`TOUR
`CHARACTER
`
`I
`
`|
`
`— — —
`
`__ — —~
`
`f
`
`'7'
`
`I I I I
`
`1»— el
`|
`l
`
`I
`AF
`HERIFICATICH
`AND
`I
`STRIPPING
`|
`“*_T h _'
`I
`I
`I _ L _I
`0F 1H'ARIABLE
`FILL
`|
`I I I I I |_
`
`DATA FROM
`ALCCRITHH
`
`DATA T0
`_ ALCCRITHR
`(GIPHER FEEDBACK
`REGISTER)
`
`s E
`
`L
`E
`C
`T
`
`EXCLUSIVE
`OR AND
`TRANSFORMATION
`
`PARITY
`CERERATICH
`
`
`
`CHARACTER
`STORAGE
`REGISTER
`
`"4‘4
`
`DATA T0 DTE
`
`F['97. /4
`
`Page 13
`
`Apple v. PMC
`|PR2016-01520
`
`PMC Exhibit 2146
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 13
`
`
`
`
`
`
`
`
`
`W
`I
`
`
`
`
`
`
`I5-6
`
`Ir”
`
`PLAIN .
`TEXT
`
`IIIIIII
`
`l5-I2
`
`GENERATOR
`
`COMPARATOR
`
`TRANSFORMATION
`
`INTERORANSE
`
`STATUS
`
`OUTPUT
`
`|540
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 14
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 13 01°15
`
`4,172,213
`
`WEBHESHWT
`PER BYTE
`
`64
`
`SBHS
`/—'—/\'—\
`
`m
`VARIABLE
`
`o
`
`E‘“RsTO;—OATRR —————— T—
`I
`l
`
`STRANSFERS/RTTE
`
`-
`
`J IIIIIIII
`I
`<3
`33% '
`BYTE
`I
`I
`
`ENCRYPT NOOE
`
`'
`
`--
`-
`E
`® -
`I
`
`@
`l
`} IIIIIIII 9
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 14
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 14 of 15
`
`4,172,213
`
`_
`
`TRANSMITTING
`
`PLAIN
`TEXT
`
`>C—Ql'l'1
`
`Dada:
`
`I I O
`
`:Inz—Im
`
`misin-
`
`3
`I
`
`S D H
`
`
`
`
` TRANSMITTING
`
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`
`
`
`SAA
`
`SSAAV VFWN
`
`IDENTIFICATION FIELD IIFI
`
`AUTHENTICATDR FIELD (AF)
`
`AAAEB
`
`
`
`HIE XG54I8
`
`|23AXC|
`
`“*4
`IB'ZJ
`
`5AA
`SSAAV V
`AAAAEB
`IIIIII~IIIIDF-F§%§'T”FFFFTC
`HIexcsqls
`1234xcg
`
`RECEIVING
`
`
`
`SELECTIVE ENCRYPTION/
`AUTHENTICATION DEVICE
`
`S
`
`H
`
`A
`
`I
`
`A
`
`2
`
`5
`
`x
`
`PLAIN
`
`EB
`
`x05
`
`16-10
`
`RECEIVING DTE
`
`Fig/6
`
`ADI.A02 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENTIFICATION CHARACTER = IIIIIDI
`AD3,ADA INDICATE TRANSMITTING DTE
`E] =DPTIDNAL CHARACTER THAT INDICATES THE STATE OF AUTHENTICITY OF THE MESSAGE
`VFI~VFII = VARIABLE FILL CHARACTERS
`
`Page 15
`
`Apple v. PMC
`|PR2016-01520
`
`PMC Exhibit 2146
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 15
`
`
`
`US. Patent
`
`Oct. 23, 1979
`
`Sheet 15 of 15
`
`4,172,213
`
`TRANSDIIIETTINC
`
`F]. I]?
`
`5
`0
`H
`
`A
`9
`I
`
`A
`D
`2
`
`PLAIN
`TEXT
`
`T
`x
`
`PLAIN
`TEXT
`
`5
`E
`F
`
`E
`E
`F
`
`PLAIN
`TEXT
`.
`,
`
`E
`T
`x
`
`B
`C
`so
`
`I
`sELEIIII‘EA'II'AImNT
`AUTHENTICATION
`
`IDENTIFICATION FIELD IIFI
`
`OPTIQNAL
`
`5AA .SSAAV ‘V PLAIN
`000
`TIDDF
`ETD”
`HI2
`XCSAI
`8
`
`AAAEB
`SCIPHEREPLAW
`ETEXT Em FFFFTC
`F
`F
`I234XC|
`
`DCE
`
`VmeSCIPHEREPUMN AAAAEB
`SSAAV
`5AA
`ODD-“TIDDF-HF TEXT
`E W E
`TEXT FFFFTC
`HI2XC341 8.
`F
`|234XC2
`
`RECEIVING
`SELECTIVE ENCRYPTICN/
`AUTHENTICATION
`DEVICE
`
`
`
`
`
` AUTHENTICATDR FIELD IAF)
`
`
`III-I AA A
`TEN FAA [III
`
`H12
`
`x
`
`F
`
`F
`
`’
`
`XC3
`
`RECEIVING DTE
`
`ADI,AD2 INDICATE RECEIVING DTE
`SIC = SELECTIVE IDENIFICATIDN CHARACTER = ||II|0|
`AD3,ADA INDICATE TRANSMITTING DTE
`[1 =DPTIDNAL CHARACTER THAT INDICATES THE STATE OF AUTHENTICITY OF THE MESSAGE
`VFI-VFB =VARIABLE FILL CHARACTERS
`
`SEF = START ENCRYPT FIELD
`EEF = END ENCRYPT FIELD
`
`
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 16
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 16
`
`
`
`4,172,213
`
`I
`
`BYTE STREAM SELECTIVE
`ENCRYPTION/DECRYPTION DEVICE
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`Reference is hereby made to two utility applications
`entitled LINK ENCRYPTION DEVICE, Ser. No.
`452.443.
`and COMMUNICATIONS LINE AU-
`THENTICATION DEVICE, Ser. No. 852,446, by the
`same inventors as the instant invention and filed concur-
`rently with the instant application, and to a design appli-
`cation entitled DATA ENTRY KEYBOARD, by
`Jerry Joseph Sims et 511., Ser. No. 835,840, filed Sept. 22,
`1977.
`
`BACKGROUND OF- THE INVENTION
`
`The present invention relates generally to the art of
`cryptography and more specifically to hardware and
`techniques for achieving data communicating security.
`With the growing use of remote communications
`lines to transfer data between prooessing systems. be-
`tween terminals and remote data banks, and between
`terminals connected to the same or different computers,
`the need to safeguard the data being transferred has
`grown. In the banking industry, there is a growing need
`to prevent the fraudulent modification of “electronic
`money" in electronic funds transfer. Similar needs exist
`in business to prevent the disclosure of sensitive data. In
`the government sector, present and/or future privacy
`acts place restrictions on the ability to access sensitive
`information. This need to safeguard sensitive informa-
`tion is likely to grow as future privacy legislation will
`most probably impose data communications security
`requirements on the private sector.
`_
`Previous efforts to safeguard data communications
`have been made,
`for example.
`in 1.1.5. Pat. No.
`3,798,605, issued Mar. 19, 1974, which pertains to a
`multi-terminal data processing system having means
`and process for verifying the identiy of subscribers to
`the system. Validity of a terminal request for communi-
`cations with the data processing system are determined
`on the basis of a centralized verification system. Each
`subscriber to the system is identified by a unique key
`binary signal pattern. The central data processing unit
`contains a listing of all valid keys for subscribers to the
`system. Two embodiments of the centralized verifica-
`tion system are presented, a password system and a
`handshaking system. In the password system, all data or
`information originating at the terminal under use of the
`subscriber is enciphered in combination with the unique
`subscriber key. Upon proper deciphering of the key or
`password at the central processing unit and arriving at
`a match with one of the keys in the processor’s listing,
`the subscriber may communicate with the processing
`system. In the handshaking system embodiment the user
`and the central processor exchange a plurality of mes-
`sages each formed by a combination of new and prior
`received data. Received data messages are also main-
`tained within the registers at both the terminal and the
`central processor for further verification upon the re-
`turn of the portion of the message that was previously
`transmitted. The techniques described in the latter pa-
`tent have several drawbacks. First, the techniques are
`restricted to communications between a central proces-
`sor and terminals attached to the central processor. No
`provision is available for communications between ter-
`minals or for transmitting a message received by, but
`
`5
`
`10
`
`15
`
`20
`
`25
`
`35
`
`4s
`
`50
`
`55
`
`65
`
`2
`not intended for, a first terminal to a second terminal
`which is intended to receive the message. Second, the
`system enciphers all data and hence is not capable of
`selective encryption Third, communications must be
`initiated by the terminal, and may not be initiated by the
`central processor. Fourth, the system is not designed for
`insertion in previously existing communications sys-
`tems.
`
`Another cryptographic technique to achieve data
`security is presented in U.S. Pat. No. 3,798,360, issued
`Mar. 19, 1974, which system provides multiple level
`encipherrnent of a block of data by means of a stepped
`block cipher process. This system suffers from the same
`drawbacks as previously discussed for U.S. Pat. No.
`3,798,605. Further, this system is restricted to operation
`on blocks of data and is not capable ofbit-by—bit encryp-
`tion.
`
`OBJECTS OF THE INVENTION
`
`It is the general object of this invention to provide a
`cryptographic system to provide communications secu»
`rity for communications links in point-to—point or multi-
`point networks without changes to existing hardware or
`software configurations.
`It is another object of this invention to provide link
`encryption on a byte-by—byte basis in common carrier or
`direct connect circuit environments.
`It is a further object of this invention to provide a
`cryptographic system, for insertion between a data set
`and a terminal or central processing unit, which enci-
`phers and deciphers binary data on a byte-by—byte basis.
`It is a further object of this invention to provide a
`self-contained cryptographic system, for insertion be-
`tween a data set and a terminal or central processing
`unit, which enciphers and deciphers data on a byte-by-
`byte basis without modifying control commands and
`communications protocols.
`It is another object of this invention to provide a
`cryptographic system, for insertion in communications
`links, which can selectively encrypt binary data.
`It is still another object of the present invention to
`provide a system which maintains message secrecy as a
`message is transmitted from a first terminal or processor
`until the message reaches its ultimate destination point
`after passing through terminals or processors for which
`the message is not intended.
`It is a further object of the present invention to pro-
`vide a system to maintain privacy between selected
`terminals in a data communications network having a
`plurality of terminals.
`It is another object of the present invention to pro-
`vide a cryptographic system which enciphers binary
`data into an enciphered data that is not susceptible to
`successful cryptoanalysis.
`It is still another object of the prent invention to
`provide a cryptographic system that enciphers and
`deciphers data and which is dependent on a key stored
`in the cryptographic system and data previously re-
`ceived by the cryptographic system.
`These and other objects, features and advantages of
`the present invention will become apparent from the
`description of the preferred embodiments of the inven-
`tion when read in conjunction with the drawings con—
`tained herewith.
`
`
`
`
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 17
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 17
`
`
`
`3
`
`4,172,213
`
`4
`FIG. 8 illustrates the modem delay compensation
`circuitry utilized in both the transmit and receive opera-
`tions.
`FIG. 9 is a functional block diagram of the SE/AD in
`the end-to-end selective encryption mode of operation.
`FIG. ll] illustrates the translation performed on con-
`trol characters.
`FIG. 11 is a functional block diagram of the SE/AD
`as a byte stream encryption/decryption device operat-
`ing in any end-to-end mode.
`FIG. 12 shows the message flow in a communication
`network that utilizes the SE/AD in the end-to-end
`selective encryption mode.
`FIG. 13 is a simplified block diagram of the transmit
`processing operation.
`FIG. 14 is a simplified block diagram of the receive
`processing Operation.
`FIG. 15 illustrates the SE/AD utilized as just an
`authentication device which serves as both a transmitter
`and a receiver.
`FIG. 16 shows the message flow in a communication
`network that utilizes end-twnd authentication mode
`devices.
`FIG. 17 shows the message flow in a communication
`network which combines the selective encryption mes-
`sage flow and the authentication message flow into a
`system containing both modes of operation.
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENT
`
`SUMMARY OF THE INVENTION
`
`The foregoing objects of the present invention are
`achieved by providing an apparatus for insertion in an
`existing communications line for providing message
`secrecy within a significant portion of existing commu-
`nications lines.
`
`The apparatus has both encryption and decryption
`capabilities and can function in a full duplex environ-
`ment to encipher and transmit data received from a first
`direction. and decipher and transmit data received from
`a second direction. Data received from the first direc-
`tion is enciphered by combining the data received with
`the output of an algorithm, the algorithm output being
`dependent on the data previously enciphered and a
`unique key entered in the apparatus by the user. As data
`is received from the first direction, it is combined with
`the output of the algorithm and the resulting enciphered
`data is transmitted back onto the communications line in
`the first direction and fed back to a cipher feedback
`register which provides input data to the algorithm for
`use in enciphering data subsequently received by the
`apparatus.
`Data received from the second direction is deci-
`phered using equivalent elements and the same algo-
`rithm as used for enciphering, the basic difference in the
`operation of the apparatus being the point from which
`data fed back to a cipher feedback register is taken.
`The apparatus operates on a byte-by-byte basis and is
`sensitive to control character sequences. In response to
`the receipt of specified control characters, the apparatus
`has provisions for selectively encrypting or decrypting
`data received, and provisions for transmitting the data
`received from the first direction without enciphering it.
`In an alternate embodiment, the apparatus contains
`provisions for storing a plurality of unique keys, each
`key having associated with it a unique address. When
`the apparatus receives a message from its second direc-
`tion it uses the addreas contained in the message to load
`the key, corresponding to the address received. into its
`algorithm. The apparatus then deciphers the data re-
`ceived based on the key that was loaded into its algo-
`rithm. If the address contained in the message is not one
`of the ones stored in the apparatus, the apparatus will
`transmit the message received without alteration, as it
`was not intended for that apparatus.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram of the data encryption
`standard used in the preferred embodiment of this in-
`vention.
`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the selective encryption/authenti-
`cation device.
`FIG. 3 is a functional diagram showing the transmit-
`ter cipher feedback register run as a shift code counter.
`FIG. 4 illustrates typical point-to~point and multi-
`point networks utilizing the SE/AD in link encryption
`mode.
`FIG. 5 shows a typical end-to-end mode communica-
`tion network configuratiOn with multiple nodes and a
`variety of links containing a mixture of terminals and
`processors.
`FIG. 6 is a functional block diagram of an SE/‘AD in
`the link encryption mode of operation.
`FIG. ’1 illustrates the SE/AD as a bit-stream encryp-
`tion/decryption device operating in the link encryption
`mode.
`
`10
`
`15
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`
`
`
`
`Throughout this description and in the accenipany—
`ing drawings, the following terms and expressions will
`be utilized in accordance with the following definitions:
`
`Algorithm: A prescribed set of well-defined rules or
`processes for the solution of a problem in a finite num-
`ber of steps.
`Authentication: The process of appending crypto
`check digits to a plain text message by means of a
`Crypto System where the Crypto check digits are gen-
`erated by Encryption of the entire plain text message.
`Cipher Feedback: A technique in which the key gen-
`erated is a function of the preceding cipher.
`_
`Cipher Text: The unintelligible form of information
`resulting from Encryption of plain text by a Cryptosys-
`tern.
`
`Cryptographic System (Cryptosystem): The associ-
`ated items of documents, deviCes, or equipment that are
`used as a unit, and provide a single means of encryption.
`(The term “Encryption” used in this specification im-
`plies the capability of the inverse function, i.e., “De-
`cryption".)
`Crypto Unit: That portion of a Cryptosystem where
`the actual Encryption and Decryption takes place.
`Decryption (Decipherment): The process of convert-
`ing encrypted text
`into its equivalent plain text by
`means of a Cryptosystem.
`Encryption (Encipherment): The process of convert-
`ing plain text into unintelligible form by means of a
`Cryptosystem.
`End-To-End Selective Encryption/Authentication:
`Encryption of authentication in pointwto-point multi-
`point networks to provide protection of data on the data
`communication line and within interSpersed message
`switches or concentrators.
`Garble: Unintelligible information caused by a modi-
`fication to a cipher bit(s).
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 18
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 18
`
`
`
`4,172,213
`
`5
`Key: Bits generated by a crypto unit under control of
`the key variable which are logically combined with
`plain text to form unintelligible information i.e., cipher
`text, or inversely, logically combined with cipher text
`to produce the original plain text.
`Key Variable: A symbol, or sequence of symbols (or
`electrical or mechanical correlates to symbols) which
`control the operations of encryption and decryption
`(e.g., a finite length bit pattern).
`Link Encryption: Encryption in point-to-point or
`multipoint networks to provide protection of data on
`the data communications line.
`
`Message Integrity: A message in which the data is
`received at the proper destination exactly as sent by the
`originator, i.e., without any changes or tampering.
`Message Secrecy: A message in which the data is
`incomprehensible to any viewer or listener from the
`time it leaves the source until it arrives at the proper
`destination.
`Plain Text: Intelligible text or signals which have
`meaning and which can be read or acted upon without
`the application of any decryption.
`Selective Encryption: The process of converting
`portions of plain text which are delineated by selected
`charactertjs) into unintelligible form by means of a
`Cryptosystem.
`Variable Fill: A random bit pattern provided as the
`input to the algorithms of both transmit and receive
`crypto units during initialization.
`Data Encryption Standard: The Data Encryption
`Standard (DES) is an algorithm released by the Na-
`tional Bureau of Standards in the Federal information
`Processing Standards Publication (FIPS Pub) 46-Jan.
`15, 1977, and is intended for use as an industry standard.
`It was designed for 64-bit block data operation. The key
`variable is 56 bits in length and -is loaded into the algo»
`rithm before the encryption!decryption process is initi-
`ated. In the encrypt mode the algorithm produces 64
`bits of cipher text for each 64 bits of input plain text.
`Conversely, in the decrypt mode if these 64 bits of ci-
`pher text are provided as the input. the algorithm will
`produce the original 64 bits of input plain text. The Data
`Encryption Standard is incorporated by reference in
`this specification. Additional description of the Data
`Encryption Standard is also presented in U.S. Pat. Nos.
`3,796,830 and 3,798,359, issued Mar. 12, 1974 and Mar.
`19, I974, respectively.
`
`FIG. 1 is a block diagram of the data encryption
`standard. As shown, the implementation of the data
`input and data output is provided in 8-bit bytes. The key
`input is entered in 8-bit bytes: 7 bits plus parity. Parity is
`not stored in the key storage register.
`Twenty-four clock periods are required to load the
`data input. Data output is simultaneously available dur-
`ing this period. Sixteen iterations of the algorithm at
`two clock periods per iteration, require an additional 32
`clock periods, giving a total of 56 clock periods needed
`for a complete algorithm load and run cycle. At the
`system clock of 1.2238 MHz, the algmithm is cycled in
`45.6p. seconds.
`FIG. 2 is a functional diagram of the cryptographic
`technique utilized in the Selective Encryption/Authen-
`tication Device (SE/AD). Operation of the algorithm
`unit (DES) 2-2 is described, supra. and is shown only to
`indicate the required interconnections. In this discus-
`sion, the algorithm is only Operated in the encrypt mode
`and is being utilized as a key generator. This technique
`
`10
`
`15
`
`20
`
`25
`
`35
`
`45
`
`50
`
`55
`
`65
`
`
`
`PMC Exhibit 2146
`
`Apple v. PMC
`|PR2016-01520
`
`Page 19
`
`6
`operates on the principle that "plain text" exclusive-
`ORed with "key" produces cipher, and conversely that
`“cipher” exclusive-ORed with “key” produces the orig-
`inal plain text.
`The algorithm was designed to operate on 64-bit
`blocks of input data; however, it can be operated (i.e.,
`cycled through the required 16 iterations) on any num-
`ber of input bits up to this maximum of 64 bits. As
`shown in FIG. 2. the algorithm L2 is being cycled once
`for each data input bit. Each time a data input bit is
`transferred into the 64-bit input register 2-4, the entire
`contents of this register 2-2 are transferred into the
`algorithm 2-2. Although 64 key bits are produced each
`cycle and are available at the output. only a single key
`bit is utilized and the other 63 key bits are ignored. Also
`shown in FIG. 2 within the dotted lines is an 8-bit out-
`
`put register 2-6. If the input to the algorithm is provided
`as a single character, or 8—bit byte, and then cycled, and
`8-bit byte of key bits can be provided as the output. It is
`important to note that with a fixed key variable, for a
`given pattern of 64 algorithm input bits, a given pattern
`of 64 output, or key bits is always generated.
`Shown at the top of FIG. 2 is a 64-bit shift register
`called the cipher feedback register 24. In the transmit
`mode as each input plain text bit is exclusive-ORed with
`a key bit by exclusive-OR 2-8, the resultant cipher bit is
`sent as the output bit and simultaneously entered into
`the cipher feedback register 24. Thus the input to the
`algorithm unit 2-2 which produces key bits is the last 64
`bits of the output cipher bit stream.
`In the receive mode, the system operates in a similar
`manner. In this instance the input to the unit is the same
`cipher bit stream produced at the transmitter output.
`Since this information must be decrypted, the cipher bit
`stream is entered directly into the cipher feedback regis-
`ter 24 as shown. Hence, the input to the algorithm 2-2
`is the last 64 input cipher bits. By performing the in-
`verse operation of exclusive-Oking the cipher bits with
`the identical key bits as were generated in the transmit—
`ter, the original plain text is prOvided as the receiver
`output.
`In order for the encryption/decryption process to
`proceed without error, or garble, the bit patterns in the
`cipher feedback registers 24 of both transmitter and
`receiver must be identical when generating the key bit
`to
`
`produce the cipher bit from the incoming plain text
`bit in the transmitter, and
`to produce the original plain text bit from the incom-
`ing cipher text in the receiver.
`The method of ensuring that the transmitter and re-
`ceiver are in synchronization is to randomly preset the
`cipher feedback register 2-4 in the transmitter to some
`bit pattern and precede the output cipher text message
`with these 64 preset bits. The receiver would place the
`first 64 bits received into its cipher feedback register 24
`as the initial preset before running the algorithm to
`produce the same key bits which are then processed
`with the incoming data. This initialization technique is
`called variable fill.
`Variable fill refers to the bit pattern, or fill, to which
`both the transmitter and receiver cipher feedback regis-
`ters 2-4 are set before processing input plain text in the
`transmitter and cipher text in the receiver.
`When not in the transmit mode, the transmitter cipher
`feedback register 24 is run as a 49-bit shift code counter
`driven by the recursion X3 =X41€BX55 shown in‘ FIG. 3.
`The preset to the shift code counter is the cipher residue
`
`
`
`PMC Exhibit 2146
`Apple v. PMC
`IPR2016-01520
`Page 19
`
`
`
`4,172,213
`
`7
`remaining from the last transmission. This assures that
`the preset to the counter is also random in nature.
`Whenever a variable fill is required, the transmitter
`cipher feedback register 24 is returned to its' normal
`operation: the shift code counting is inhibited; the algo-
`rithm unit 22 is re-enabled; and the register 24 is oper-
`ated at the selected input data rate. The input plain text
`data line is held in the mark condition and is exclusive-
`ORed with the key bits which are being generated as a
`result of the random bit pattern contained in the cipher
`storage register 24. A space is placed on the output data
`line and the operation proceeds as described, supra. for
`a predetermined number of bit times, i.e., cipher text is
`generated and sent as a variable fill as the transmitter
`output and simultaneously fed back as the input to the
`cipher feedback register 2—4. After the selected number
`of bits have been transmitted, the remainder of the bit
`positions in the cipher feedback register 24 are reset to
`zero, and the unit starts to process incoming plain text
`data as described previously.