`Booneet al.
`
`115
`
`(11)
`[45]
`
`4,352,952
`Oct. 5, 1982
`
`[54] DATA SECURITY MODULE
`Charles A. Boone, Mesa; Robert F,
`Pfeifer, Phoenix, both of Ariz.
`
`Inventors:
`
`[75]
`
`[73] Assignee: Motorola Inc., Schaumburg,IIl.
`[21] Appl. No.: 126,808
`
`(22) Filed:
`
`Mar.3, 1980
`
`Related U.S. Application Data
`
`[63]
`
`Continuation of Ser. No. 914,832, Jun. 12, 1978, aban-
`doned.
`
`[SU] Ut, C03 ecccsccccsscssssccscssesssscssscsecssstsense HO4L 9/00
`[$2] US. CD. eececcccesscsssessssssseeessesees 178/22.09; 364/200
`[58] Field of Search .....csscccessscccssssssseens 178/22, 22.09;
`340/149 A, 149 R, 152 R; 364/200
`
`[56]
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`1/1967 Lynch etal. 0... ene 178/22.09
`3,3 02,182
`
`5/1976 Anderson etal.
`- 178/22.09
`3,956,615
`4,120,030 10/1978 Johnstone.........
`-» 178/22.09
`4,168,396 9/1979 Best oe
`we 178/22.09
`
`4,203,166 5/1980 Ehrsam et al... 178/22.09
`OTHER PUBLICATIONS
`
`Cryptography”, Computation Planning, Inc., Bethesda,
`Md. 20014; 3/28/77.
`“System Implications of Information Privacy’, Peter-
`sen et al., Spring Joint Computer Conference 1967, pp.
`291-300.
`in a Multi-Programmed
`“Security Considerations
`Computer System”, Peters, Spring Joint Computer Con-
`ference 1967, pp. 283-286.
`“Some Cryptographic Techniques for Machine to Ma-
`chine Data Communications”, Feistel, Proceedings ofthe
`IEEE, vol. 63, No. 11, Nov. 1975, pp. 1545-1554.
`
`Primary Examiner—HowardA.Birmiel
`Attorney, Agent, or Firm—M. David Shapiro; Eugene A.
`Parsons
`
`ABSTRACT
`[57]
`A data security module for encrypting and decrypting
`computer data contains, in addition to the encryption
`logic, interface logic to allow direct memory access to
`a computer. The security module sits as a computer
`peripheral device and after being instructed as to the
`location and quantity of data by the computer, accesses
`the data directly from the computer memory without
`disturbing the processor to provide parallel encryption
`or decryption of computer memorydata.
`
`“Hard Node-Hardened Protection for Computational
`
`1 Claim, 13 Drawing Figures
`
`84
`
`62
`
` DATA
`
`
`
`
`CENTRAL
`PROCESSOR
`PROCESSOR
`78
`MEMORY
`60
`
`
`
`MEMORY
`
`UNIBUS
`
`SAMSUNG 1075
`SAMSUNG1075
`SAMSUNG v. SMART MOBILE
`SAMSUNG v. SMART MOBILE
`IPR2022-01004
`IPR2022-01004
`
`1
`
`
`
`U.S. Patent
`
`oct. 5, 1982
`
`Sheet 1 of 10
`
`4,352,952
`
`62
`
`RAM
`
`DES
`ALGORITHM
`
`60 58,
`BUFFER PT
`
`74.1
`
`ct
`
`f2
`
`RAM
`BUFFER
`
`DES
`ALGORITHM
`
`
`
`
`50
`
`54
`
`56
`
`PRIOR ART
`
`Fazq.tA
`
`PRIOR ART
`
`Fazgq.ta
`
`
`
`
`
`80
`
`
`
`PROCESSOR
`MEMORY
`
`2
`
`
`
`Sheet 2 of 10
`
`4,352,952
`
`U.S. Patent
`
`Oct. 5, 1982
`
`uveLaas
`
`
`
`
`
`HSINISLdAYOSdYOLdAYON]zor
`
`99
`@Xx8z!
`
`QvdHOIVHOS}}—8b/
`toYOUNSALINVdA’yGSC;
`
`
`96/7.9!|snaviva[*“9_HSINI41dANO30Zol
`nd"NID698o/
` sn@ ssayqav
`
`saninssayaayvwaYOLdAYONSZrn,£O/LieS!OO/
`
`
`JON¥LNODNMOOuveOSIQ3HSINISY3Hd!9
`
`
`y4OuusALIYVdAaaSaS/ssayaav
`
`
`YV8WIDOT;4300930
`
`99souINodsnaviva
`“va12070
`NMOGvaTVNYBLNIugaine
`
`
`v6ssauadySnINNZi
`idNyyain!13s
`
`waqo23aceaudcy
`
`
`LdA¥O30° CczDNASSAIS@HSINI4
`
`3G;HOLdAMONA
`
` og/TSTTTTCSCSCSCSCSCTOULNOOTTRaeLdNY¥yZLN|YOLISA
`
`NdOLgaz
`
`iasne|&/
`
`»ovu
`
`3
`
`
`
`
`
`
`
`
`
`U.S. Patent—oct. 5, 1982 Sheet 3 of 10 4,352,952
`
`
`
`UNBUSADDRESS
`
`l BUFFER 06,-— tvVorarrrrrirsyL
`
`56 Farg.GA
`seETAT
`Prt)
`
`|
`
`4
`
`
`
`U.S. Patent
`
`Oct. 5
`
`, 1982
`
`352,952
`
`_———I _IIIn——Het}Ldr—
`iw|3g4xaONmMPrFMmTFTwD|
`ogzie[@JasSle
`leeJESItHHe»L.S{/U.
`Te1dTv~l=3plats“IoaTHe§«OTH«Sf-|=erifs
`|
`aa|!
`
`Sheet 4 of 10
`
`4
`
`?
`
`4 2 3
`
`=_
`
`4 5
`
`5
`
`
`
`
`Sheet 5 of 10
`
`4,352,952
`
`U.S. Patent
`
`oct. 5, 1982
`
`FaEG.4C
`ee|
`
`ryINPUT/OUTPUT REGISTER (TOR)
`
`6
`
`
`
`
`
`U.S. Patent—oct. 5, 1982 Sheet 6 of 10 4,352,952
`
`
`
`Qo5 5)
`
`DEVICE SELECT
`? 6 tol 12 13 14 15]
`o
`O
`
`ia
`
`7
`
`
`
`U.S. Patent
`
`oct. 5, 1982
`
`Sheet 7 of 10
`
`4,352,952
`
`}
`
`|
`
`
`
`BG7———_, ° a
`
` | rocr—o} ,
`
`__ot
`-
`INTERRUPT CONTROL LOGIC 124
`er BG5——r{
`|
`BG4——o4
`WoLs 52 ae ae
`
`INTR
`|
`(PRT
`Buss) BRE——e}|
`u
`REQ.) aR5-——o|
`L_
`!
`BR4-——-o1_ g
`|
`IN)B65——o-}a
`BG4——04
`
`|
`
`|
`|
`|
`
`8
`
`
`
`oct. 5, 1982
`
`Sheet 8 of 10
`
`4,352,952
`
`U.S. Patent
`
`(212D-12)
`
`CSR STATUS.
`REGISTER {10
`
`4
`(212C-15)
`
`(212C~12)
`
`(212C— 4)
`
`(212C- 1)
`
`(212D-15)
`
`9
`
`
`
`U.S. Patent
`
`Oct. 5, 1982
`
`Sheet 9 of 10
`
`4,352,952
`
`F==G.4G
`
`DECODER
`
`Lo)
`
`on
`
`oe
`
`be=oOoO
`
`ec
`
`reaOo
`
`Soil
`
`bewn
`
`WW
`
`xr
`
`ADDRESS
`
`10
`
`
`
`U.S. Patent
`
`oct. 5, 1982
`
`Sheet 10 of 10
`
`4,352,952
`
`th
`
`HY
`ht1
`
`ZaaG. FH
`
`11
`
`11
`
`
`
`1
`
`4,352,952
`
`2
`
`DATA SECURITY MODULE
`
`This is a continuation of application Ser. No. 914,832,
`filed June 12, 1978, now abandoned.
`
`BACKGROUNDOF THE INVENTION
`
`This invention relates to data security systems, and
`more particularly, to data security systems interfacing
`with computers.
`The encryption ofdigital data has been widely recog-
`nized as a need in the computer industry in order to
`protect data which is transmitted over unsecure data
`transmission paths. A standard data encryption algo-
`rithm has been proposed by the National Bureau of
`Standards as described in the Federal Information Pro-
`cessing Standard Publication 46 and available through
`the National Technical Information Service.
`Various systems have been used in the past to imple-
`ment this or similar algorithms. The principle methods
`being either software implementation of the algorithm
`whichutilizes the central processor of the computer, or
`a serial encryption device which encrypts or decrypts
`data either just before it enters the computer or just
`after it exits from the computer. Howeverthese systems
`have several undesirable effects in that they reduce the
`data transfertime in the case of the serial devices andtie
`up the central processor in the case of the software
`implementation. Moreover the software implementa-
`tion is relatively time consuming.
`Thereforeit can be appreciated that a data encryption
`system which does not interfere with the direct flow of
`data and does not tie up the central processor for an
`extended period oftime is highly desirable.
`SUMMARYOF THE INVENTION
`
`15
`
`25
`
`30
`
`35
`
`Thereforeit is an object of this invention to provide
`a data encryption module which encrypts data in a
`parallel rather than serial flow.
`It is also an object of this invention to provide a data
`encryption module which operates with minimum cen-
`tral processor attention.
`it is still another object of this invention to provide a
`data security module which operatesin a peripheral slot
`of a standard computer.
`It is an object of this invention to provide a data
`security module which is capable of direct access to the
`memory of a computer.
`Anillustrated embodimentof the invention provides
`a data security module for use as a computer peripheral
`which comprisescircuitry for encrypting and decrypt-
`ing data words in response to a computer command,
`and computer interaction means for accessing directly
`memory words of a computer for encrypting and de-
`crypting data in a memoryof said computer while per-
`mitting a central processor of said computer to perform
`other functions.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIGS. 1a and 6 are a block diagram of cipher feed-
`back (CFB) data flow.
`FIG. 2 is a block diagram of a computer with a data
`security module in place.
`FIG. 3 is a block diagram of a data security module.
`FIGS. 4 and 4a-4h are a detailed schematic of the
`data security module.
`
`50
`
`60
`
`65
`
`12
`
`DESCRIPTION OF THE PREFERRED
`EMBODIMENT
`
`Nowreferring to FIG. 1, the cipher feedback (CFB)
`encryption and decryption data flow is shown for refer-
`ence to provide a better understanding of the function
`performed by the data security module. FIG. 1¢ shows
`a CFBencipherdata flow wherein plain text data enters
`on line 50, and is combined with the key text appearing
`on line 52 at an exclusive OR gate 54. The output on line
`56 is a ciphered text data. The key on line 52 is gener-
`ated using the National Bureau of Standards Data En-
`cryption Standard (DES) algorithm embodied in block
`58. The DESalgorithm utilizes a key of 64 bits of which
`56 are actually used, the other eight bits are used for
`parity, and 64 bits of input data are stored in a RAM
`buffer 62. The 64 bits of input data are transferred into
`the DES algorithm 58 cn a data line 60 from RAM
`buffer 62.
`In FIG. 18 the ciphered text is deciphered. The ci-
`phered text appears at line 64 and is exclusive ORed
`with the key test on line 66 by exclusive OR gate 68 to
`producea plain text output on line 70. The key used by
`the DES algorithm device 72 must be identical to the
`key used in DES algorithm device 58 of FIG. 1a. Also
`the RAM buffer 74 of FIG. 15 is identical to RAM
`buffer 62 of FIG. 1a. Thus the encipher and decipher
`flow diagrams of FIG. 1a and FIG. 18 are essentially
`mirror images of each other. Information on cipher
`feedback can be found in Federal Standard 1026, writ-
`ten by the Federal Telecommunications Standards
`Committee and available from the General Services
`Administration, Building 197, Washington, D.C.
`A typical memory block diagram of a computerin-
`corporating the data security module is shown in FIG.
`2. In a preferred embodimentof the invention the data
`security module is used in conjunction with a PDP-11
`computer and connects directly to the Unibus of the
`PDP-11. PDP 11 and Unibus are trade marks of Digital
`Equipment Corporation. In FIG. 2 the Unibus 76 has
`the main computer elements connected to it. Among
`these elements is a central processor 78, a processor
`memory 80 generally used for holding instructions for
`the memory, and a data memory 82 for holding general
`computer data. Added to the Unibusis a data security
`module shown as block 84. As is well known by those
`skilled in the art the PDP-11 and the Unibus concept
`allows peripheral devices (undera priority structure) to
`operate in a direct memory access mode wherein a
`peripheral may take control of the Unibus and talk
`directly with any other device situated on the Unibus
`and thus allow direct contact between devices on the
`Unibus. Thus the Unibusis time shared allowing several
`parallel operations to occurin the peripheral elementat
`the same time and each gaining control and use of the
`Unibus as necessary.
`FIG.3 is a block diagram of the data security module
`84 of FIG. 2. The major interconnections between each
`of the blocks is shown in FIG.4, but some connections
`considered to be less important and obvious are not
`included in orderto simplify the drawing. Connected to
`the Unibus 76 is a Unibus address buffer 86 by seventeen
`address lines 88. Seventeen address lines out of the
`address buffer 86 are shown as line 90 and enter an
`address decoder 92 which provides three single output
`lines, a select BAR line 94, a select IOR line 96 and a
`select CSR line 98. Sixteen address lines, shown asline
`100, in turn enter the address buffer 86. Also connected
`
`12
`
`
`
`4,352,952
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`4
`into and out of the microprocessor from and to the
`scratch pad RAM 178, from and to the RAM buffer
`190, from the program ROM 174,from and to the data
`security device 170, and from the CSR controlregister
`110. Sixteen address lines, shown as line 194, provide
`address data to the scratch pad RAM 178, the RAM
`buffer 190, the program ROM 174, the data security
`device 170, CSR control register 110, and the address
`decoder 130.
`In use and in operation of the data security module,
`the PDP-11 computer must befirst modified slightly by
`cutting the non-processed grant (NPG) line near the
`peripheral slot where the DSMis to be inserted. The
`cuttings are then in turn connected to pins CA1 and
`CB1 ofthe peripheral connector. This allows the data
`security module to utilize the non-process grant feature
`of the PDP-11. After this modification the board is
`slipped into the small peripheral controller (SPU) slot
`and normal computer operations can commence. The
`DSM hasthree registers for use in communicating with
`the PDP-11. The bus address register 146 keeps track of
`the address location of the data in the PDP-11 memory
`to be encrypted or decrypted. The IOR register 108 is
`used to hold data which is transferred between the
`PDP-11 and the encryption circuitry of the DSM. The
`control status registers CSR comprise a set of registers
`112 and control register 110 and are used to signal con-
`trol functions to the DSM by the PDP-11 and also to
`indicate the status of the DSM back to the PDP-11.
`When the computer wishes to perform an encryption
`or decryption function, the processorfirst divides the
`data into 1 K by 16 bit blocks, and sets up memory
`locations forinitial fill and major key. These locations
`may be used by the computer after the data has been
`loaded into the DSM.Notethat the bus address register
`146 and the input/output register (IOR) 108 and the
`CSR status register 112 each have a unique address
`whichis selectable on the DSM board by wired jumpers
`and which will be described in connection with the
`detailed schematic of FIG. 4. The PDP-11 then using
`standard master slave techniques loads the address of
`the major key into the bus address register 146. The
`computer then loads bits 0 through 4 into the CSR
`status register 112 which tells the DSM the function to
`be performed. The functions available to the computer
`are shownin the table below:
`
`3
`to the Unibus 76 are sixteen data lines 102 which are in
`turn connected to a data bus buffer 104. Sixteen bidirec-
`tional lines shownas line 106 couple the data bus buffer
`to an input/output register 108. Five of the lines of bus
`106 are inputs to a CSR control register 110, fourof the
`data lines carrying data to the data bus buffer 104 come
`from a CSR status register 112 and 15 of the lines 106
`are inputs to the BAR. Sia lines, shown as line 114,
`connect the Unibus 76 to a Unibus control logic 116.
`The Unibus control logic 116, which performs DMA
`transfers, is in turn connected to the CSRstatus register
`112 by line 118 whichis a slave sync time-outline. Line
`120 also connects the Unibus control logic 116 to the
`CSR control register 110. 13 lines, shown as line 122,
`couple the Unibus 76 to an interrupt control logic 124.
`The interrupt control
`logic 124 is connected to the
`Unibus control logic 116 by data lines 126 and 128. The
`interrupt control logic 124 is also connected to an ad-
`dress decoder 130 by line 132, the set interrupt DMA
`finished or error line, and to an interrupt vector logic
`134 by an enable vector line 136. The interrupt vector
`logic 134 has four output lines shown as line 137 which
`connect directly with the Unibus data lines. The CSR
`control register 110 is also connected to the interrupt
`control logic 134 by line 138 and is also connected to
`the interrupt control logic 124 by line 140. The CSR
`status register 112 is connected to the interrupt vector
`logic 134 by line 142, and is connected to the interrupt
`control logic 124 by line 144. A bus address register 146
`is connected to the address decoder 92 through the
`select BARline 94 and also to the Unibus address buffer
`86 by the DMAaddress lines 100. The bus address
`register 146 is also connected to the Unibus control
`logic 116 by the D1line (broken forclarity and conve-
`nience) 148. The bus address register 146 is connected
`to the address decoder 130 by the clock BAR line 149
`(broken for clarity) and a BAR down control line 150
`(broken for clarity), and the encrypt or decrypt finish
`line 152 (again broken for clarity). Encrypt or decrypt
`finish line 152 is also connected to the CSR status regis-
`ter 112 and to the CSR controlregister 110. A DSD key
`parity error appears at line 154 and connects the address
`decoder 130 to the CSR status register 112. A set DMA
`line 156 connects address decoder 130 to the Unibus
`control logic 116.
`All of the logic circuits and interconnections de-
`scribed so far with regard to FIG. 3 are involved essen-
`tially with communicating with the PDP-11 Unibus.
`CONTROL FUNCTIONS
`The rest of the circuits to be described below are pri-
`marily concerned with providing the data encryption
`Transfer Major Key
`to Active Key Reg.
`standard algorithm function.
`Load Major Key
`The heart of the data security module is a Motorola
`Load Secondary Key
`6800 microprocessor 158 which is driven by clock gen-
`Load Initial Fill
`erator 159 and in turn provides control and data trans-
`*Encrypt w/Initial Fill
`fers, and the exclusive OR function 54 and 68 of FIG. 1.
`Decrypt w/o Initial
`Fill
`Connected to the 6800 microprocessor 158 is a device
`Decrypt w/Initial Fill
`selector 160 which is connected to the microprocessor
`*Decrypt w/o Initial
`by VMAline 162 and three address lines shown asline
`Fill
`164. Six lines going out from the device select 160 con-
`0.0041
`0
`1
`Encrypt Secondary Key
`60
`
`
`
`punthateiseeliacheirisiienets.SenshiSonCTEET
`Decrypt Secondary Key
`1
`0
`o 11
`nect in turn to the CSR control register 110 via line 166,
`*Will be used after the first block of data, if more than one blockis to be encrypted
`to the address decoder 130 via line 168, to a data secu-
`or decrypted.
`rity device 170 via line 172, toa program ROM 174 via
`line 176, to a scratch pad RAM 178via line 180, and two
`lines 182 and 184 connect to the RAM storage 190. Line
`182 addresses the upper section of RAM storage 1990,
`and line 184 addresses the lower section of RAM stor-
`age 190. Also connected to the microprocessor 180 are
`eight data lines, shown as line 192, which couple data
`
`D4
`0
`
`D3 D2 D1 DO (Go Bit)
`0
`o
`0
`1
`
`0
`0
`oO
`0
`0
`
`0
`0
`
`0
`0
`0
`1
`1
`
`1
`1
`
`o
`t
`1
`o
`Oo
`
`1
`
`1
`o
`1
`0
`f
`
`$1
`
`1
`1
`ot
`l
`ft
`
`1
`1
`
`65
`
`The Dpbit is a go bit which tells the DSM to perform
`the function set in the status register. At this point mi-
`croprocessor 158 takes over andinitiates a direct mem-
`ory access (DMA)routine using the Non-Process Grant
`line to request control of the Unibus. This signalis fed
`
`13
`
`13
`
`
`
`5
`to the Unibus control logic 116 from the microproces-
`sor 158 through the device select 160 via lines 168 and
`194 to the address decoder 130 which in turn impresses
`a DMAsignal on the line 156to initiate the DMA rou-
`tine. The Cy bit of line 148 in the bus address register
`146 is sent to the unibus control logic 116 to indicate
`that a data in function is to occur during the DMA
`cycle. Note that since the DSM operates only with full
`16 bit words, the Co line as defined in the PDP-11
`literature is not used by the DSM andso floats to high
`voltage or PDP-11 logic “0” level. After the first two
`bytes addressed by the first DMA cycle and received in
`the input/output register 108, the DSM releases control
`of the Unibus, increments the bus address register 146
`using the clock BAR line 148, and again performs a
`DMAto bring in two more bytes of the major key.
`Since the major key requires four memory addresses to
`provide the 56 bits, the 6800 performs four DMA opera-
`tions incrementing the bus address register 146 between
`each operation. Each of the two bytes that are brought
`into the input/output register 108 are transferred di-
`rectly to the data security device 170, and the data
`security device 170 is programmedby the microproces-
`sor to accept these bits as major key bits. The operation
`of the data security device 170 is described in copending
`application entitled “Data Security Device”, filed on
`even date herewith and bearing Ser. No. 914,831. It
`should be understood that the keyed data entering into
`the DSMis placed directly into the data security device
`170 andis not accessable, after it is entered in the DSD
`170, to any outside intrusion other than physical prob-
`ing of the die. The DSMretains the key for use in encry-
`tion and is for all practical purposes inaccessible to
`anyone. After the last data of the major key has been
`loaded,
`the microprocessor sets bit 7 of the control
`status register 112 to indicate to the computerthat the
`DSMis ready for further commands.
`During the loading of the key into the data security
`device, the DSD 170 checks parity of the key. If a
`parity error is detected, a flag is set which the micro-
`processor detects and in turns transmitts through the
`device select 160 and the address decoder 130 onto the
`DSDkeyparity line 154 and into the CSR status regis-
`ter 112 where bits 13 and 15 are set to indicate a parity
`error in loading the key has occurred. Bit 13 of the CSR
`indicates a parity error has occurred and bit 15 is a
`logical OR of bit 13 and bit 14. Bit 14 is used to indicate
`that a time-out error has occurred when the DSM has
`assumed master control of the Unibus. This slave sync
`time outerror originates in the Unibuscontrollogic 116
`and is transferred via line 118 to the CSR status register
`112.
`Next the computer will load theinitial fill buffer of
`the DSM byplacing the address ofthe first word of the
`initial fill into the bus address register 146 and then
`commanding the CSR controlregister 110 to read in the
`initial fill. Again since theinitialfill is 64 bits long, the
`6800 microprocessor 158 reads four memory addresses
`using the DAM format, places the initial fill on the
`scratch pad RAM 178andsets the readybit in the CSR
`status register 112 to a logical 1. Next the computerwill
`load the bus address register 146 with the addressofthe
`first word of the block of data to be enciphered, place
`the word countof the block of data to be enciphered
`into the input/output register 108 and then write into
`the CSR control register 110 the code for encrypt with
`initial fill control word. At this point the MC6800 mi-
`croprocessor 158 will take control. The microprocessor
`
`6
`will use a DMA operation to bring the first block of
`data the RAM storage 190, transfer the first 64 bits of
`the initial fill from the scratch pad RAM 178 into the
`data security device 170, and perform an encryption of
`the initial
`fill. Microprocessor 158 then performs an
`Exclusive-OR operation onthe first 8 bits from the data
`security device with the first 8 bits from the first mem-
`ory location using software techniques to provide the
`first 8 bits (1 byte) of ciphered text. These first byte of
`ciphered test is loaded into the RAM storage 190 and
`also into the bottom of the scratch pad RAM 178. The
`8 bits at the top (oldest byte) of the RAM storage 190 is
`discarded. The newinitial fill in the scratch pad RAM
`178 is loaded into the data security device 170 for enci-
`phering andthefirst 8 bits out of the DSD 170 are used
`to exclusive-OR with the next 8 bits from the data mem-
`ory. The microprocessor 158 keeps track of the address
`in bus address register 146 as it is being incremented by
`referring to the word count which in turn has been
`stored along with theinitial fill in the scratch pad RAM
`178. The microprocessor 158 continues encrypting until
`all the data block has been encrypted. After the last data
`byte has been encrypted, stored in the RAM storage
`150, and a read data commandis received, the micro-
`processor 158 then sets the BAR down control and
`proceeds to replace the data back into the computer
`memory by placing the bus address register contents
`onto the Unibus address line and using the IOR 108 to
`place the most recently enciphered data bytes onto the
`data bus line during a DMA cycle to place the last two
`encrypted data bytes into the upper most memory loca-
`tion of the PDP-11. After each DMAcycle, the bus
`address register 146 is decremented using the clock
`BARsignal on line 148 to enter the nextto last crypted
`data bytes into the PDP-11 memory, The PDP-1 1 mem-
`ory now contains the exact contents prior to the encryp-
`tion but in an encrypted form rather than in plain text.
`Thenin the conventional mannertheinterrupt logicis
`read by the processor and is thereby informed that a
`encryption has been completed. At this point the micro-
`processor via the device select 160 and the address
`decoder 130 sends a set interrupt signal via line 132 to
`the interrupt control logic 124. The interrupt control
`logic 124 sets an enable vector 136 into the interrupt
`vector logic 134 whichin turn selects the vector appro-
`priate to this interrupt and onto the data lines via line
`135 once bus grant has been received from the PDP-11.
`The vector locations are programmable on the board
`using wire jumpers in a manner similar to the address
`decoderselection as will be further discussed with re-
`gard to FIG.5. The interrupt control logic 124 senses a
`slave sync clear from the Unibus control logic 116 via
`lines 128 and sends a bus grant request via one line of
`bus 122. Uponreceipt of the bus grant from the PDP-11,
`interrupt control logic 124 sends a command to the
`Unibus control logic 116 via line 126 to assert the bus
`busy signal onto the Unibus.
`Atthis point the processor may continue the second
`block of data to be encrypted without initial fill by
`choosing the appropriate control bits to be fed into the
`CSR control register 110. The decryption operation is
`performed in analogous manner.It should also be noted
`that although the term encryption is used generally to
`refer to encrypting plain text or ciphered text and de-
`cryption used for converting ciphered text or plain text,
`the alogrithmsare interchangeable and one could use a
`decryption alogrithm to perform an encryption of data
`
`4,352,952
`
`0
`
`20
`
`25
`
`35
`
`45
`
`35
`
`60
`
`65
`
`14
`
`14
`
`
`
`4,352,952
`
`7
`which in turn would have to be returned ‘to plain text
`using the encryption alogrithm.
`The data security device 170 also has the capability of
`storing a major key while utilizing an active key which
`can be different than the major key. When the major
`key is loaded into the data security device 170 as in the
`example above,
`it
`is loaded into both the active key
`register and the major key register. Another command
`can be given to the DSM which will load the active key
`only and not affect the major key. Another command
`can be given which will
`transfer the content of the
`major key to the active key register. Another capability
`of the data security module is the ability to encrypt 64
`bits of data and place encrypted data directly into the
`active key register as is more fully explained in the
`aforementioned co-pending application. It is also possi-
`ble to perform a decrypt operation on this data and
`placeit in the active key register. The advantage ofthis
`operation is more fully described in the aforementioned
`co-pending application.
`The MC6800 microprocessor 158 is controlled by a
`program ROM 174.
`FIG. 4 is a detailed schematic of the data security
`module. No attempt will be made to describe in detail
`the operation of each logic element as logic presented
`together with a discussion of the block diagram will
`make the operation of the circuitry readily understand-
`able to those skilled in the art. The control circuitry and
`logic pertains almost exclusively to interfacing with the
`PDP-11 computer and such circuitry is believed com-
`monin the art. The blocks of FIG. 3 have been identi-
`fied in FIG. 4 with corresponding reference numbers as
`have the interconnectlines of FIG. 3 been identified in
`FIG. 4. The address decode logic on boardselection is
`shown in areas 196, 198, 200, 202, 204, 206, 208, 210,
`212, and 214. Selection of the proper jumper forits
`desired address location is readily apparent from the
`schematic diagram. Also the selection of the interrupt
`vectors as shown in area 216 is accomplished with
`wired jumpers and again readily apparent from the
`schematic. The selection of bus request, bus-grant-in,
`and bus-grant-out is by wire jumper in area 220. The
`nonselected bus-grant-in lines must be jumpered to the
`corresponding bus-grant-outlines to provide continuity
`in the Unibus. All of the devices with exception of the
`data security device 170 are common commercial de-
`vices. The common AND gates are 54SLS00, the in-
`verters are 54LS04’s,
`the two input NOR gates are
`54LS02’s, the four input AND gates are 54L821’s. The
`other device types are shown in the table below.
`
`Manufacturer
`Part No.
`Device
`Motorola
`158
`M6800
`
`— 0
`
`oo 5
`
`w5
`
`45
`
`55
`
`65
`
`8
`-continued
`Manufacturer
`Device
`Part No.
`Motorola
`159.
`MC6875
`Motorola
`160
`74LS138
`Motorola
`170
`MGD68NE
`Intel
`174
`B2716
`Motorola
`MCM68i04
`178
`Intel
`C2114
`190 A-D
`Motorola
`MC3438
`200 A-H
`Motorola
`202 A-N
`MC74LS74
`204
`MC74LS123
`Motorola
`Motorola
`206 A&B
`MC74LS139
`Motorola
`208 A-C
`MC74LS8368
`Motorola
`MC74LS191
`210 A-D
`National
`212 A-D
`DS8s35
`National
`DM8542
`214 A-D
`
`216 A-D Motorola
`MCT4LS175
`
`While the invention has been particularly shown and
`described with reference to the preferred embodiment
`shown,it will be understood by those skilled in the art
`that various changes may be made therein without de-
`parting from the teaching of the invention. Therefore,it
`is intended in the appended claims to cover all such
`equivalent variations that come within the scope and
`spirit of the invention.
`Whatis claimed is:
`1. A data security module comprising:
`(a) address buffer means connected to addresslines of
`a computer for transmitting and receiving ad-
`dresses from and to said computer;
`(b) address decoder means connected to said address
`buffer means for decoding an address received by
`said address buffer and providing command words
`in response thereto;
`(c) data buffer means connected to data lines ofsaid
`computer for receiving and transmitting data from
`and to said computer;
`(d) microprocessor means for providing control of
`data flow in and out of the data security module
`and for performing a portion ofthe data-encryption
`alogrithm, and operating in response to said com-
`mand words;
`(e) memory means coupled to said microprocessor
`meansfor holding data words used in the encryp-
`tion process;
`(f) data security device means connected to said mi-
`croprocessor means for performing a basic cipher
`alogrithm;
`(g) interrupt and control means connected to control
`lines of said computer and to said microprocessor
`means for receiving control signals from said com-
`puter, decoding said control signals and returning
`appropriate control signals to said computer and
`signalling reception of said control signals to said
`microprocessor, and sending control signals to said
`computer in response to commands from said mi-
`croprocessor.
`*
`*£
`*&*
`*
`©
`
`15
`
`15
`
`