Cryptography is a security mechanism for protecting information from unintended disclosure. The cryptographic transformation is performed on data that is to be transmitted. The transformation process performed on the original data is referred to as encryption. The process of reversing the transformation, i.e., to restore the original data, is referred to as decryption. The terms encipher and decipher are also used to describe these processes. A mechanism that can both encipher and decipher may be referred to as a block cipher device.
Cryptographically secured digital communication systems are well known. In general, such systems operate by performing an encryption operation on a plaintext input data block using an encryption key to produce a ciphertext output data block. Plaintext refers to the fact that the data is in plain, unencrypted form. Ciphertext indicates that the data is in enciphered or encrypted form. The receiver of an encrypted message performs a corresponding decryption operation using a decryption key to recover the original plaintext input data block.
A block cipher device can be implemented in hardware, software or a combination of hardware and software. However, hardware typically provides better protection against popular cryptoanalysis or cracking techniques.
One example of a block cipher device is disclosed in U.S. Pat. No. 6,108,421 to Kurdziel et al., which is hereby incorporated in its entirety by reference and which is assigned to the current assignee of the present invention. The block cipher device in the '421 patent includes a first stage, a key scheduler and a second stage.
In particular, the first stage includes a plurality of serially connected units for generating an output signal based upon an input data block and a control data block. The key scheduler generates a random key data block based upon a received key data block. The second stage also includes a plurality of serially connected units, and generates an output data block for the block cipher device based upon the output signal from the first stage, the random key data block and a subset of the control data block.
Recent changes in U.S. export laws now allow more secure cryptography systems operating with longer key lengths to be offered to international customers. The '421 patent discloses that the various cipher operations performed in the block cipher device can be scaled to accommodate a larger number of bits, i.e., with respect to the input data block and the key data block. However, there is a practical limit in terms of the number of bits to which the various cipher operations can be scaled to accommodate. For example, the first and second stages each comprise modulo operation units for performing modulo operations, and these modulo operation units are limited in their range of being scaled.
The block cipher device in the '421 patent is thus limited in the size of an input data block and a key data block that it can receive and process. This causes cryptography systems incorporating the block cipher device to be undesirable to international customers desiring a more secure cryptography system. While there is a demand for more secure cryptography systems, there is also a demand that these systems be compatible with current cryptography systems that are not as secure, such as the block cipher device disclosed in the '421 patent.