With the growing use of remote-access computer networks which provide a large number of subscribers with access to "data banks" for receiving, storing, processing and furnishing information of a confidential nature, the need for data security has increased significantly. Generally, present-day computing centers have elaborate procedures for maintaining physical security at the location where the central processor and data-storage facilities are located. For example, some of the procedures which have been used are: restriction of personnel within the computer center, utilization of mechanical keys for activation of equipment, and camera observation. These security procedures, while providing a measure of safety in keeping unauthorized individuals from the physical computing center itself, are not effective with respect to large remote-access computer networks which have many terminals located at distant sites, connected to the central processor by either cable or telecommunication lines.
Some digital techniques have been implemented in computing systems for the purpose of maintaining privacy of data. One such approach is the use of a device generally known as "memory protection." This type of data security technique associates a unique binary key with selected segments of the storage within the central processor. Then, internal to the processor, there are present various protection circuits that check for a match of the binary key during the operation of executable instructions and access to sections of storage. This type of security measure is generally ineffective in protecting information within the computing system from unauthorized individuals who have knowledge of the computing system circuitry, and who can devise sophisticated programming techniques for illegally obtaining unauthorized data.
In the field of communications, cryptography has long been recognized as a means for achieving security and privacy. Many systems have been developed in the prior art for encrypting messages for maintaining secrecy of communications. For example, one well-known technique which has been used for generating "ciphertext" from "cleartext" messages is of substitution. In systems which utilize substitution, letters or symbols that comprise the clear message are replaced by some other symbols in accordance with a predetermined "key." The resulting substituted message is a cipher which is expected to be secret and hopefully can not be understood without the knowledge of the secret key. A particular advantage of substitution in accordance with a prescribed key is that the deciphering operation is easily implemented by reverse application of the key. A common implementation of substitution techniques may be found in ciphering-wheel devices, for example, those disclosed in U.S. Pat. Nos. 2,964,856 and 2,984,700, filed Mar. 10, 1941 and Sept. 22, 1944 respectively.
Further teachings on the design principles of more advanced substitution techniques may be found in "Communication Theory of Secrecy Devices" by C. E. Shannon, Bell System Technical Journal, Vol. 28, Pages 656-715, October 1949. Shannon, in his paper, presents further developments in the art of cryptography for expounding the product cipher, that is, the successive application of two or more distinctly different kinds of message-symbol transformations. One example of a product cipher consists of a symbol substitution followed by a symbol transposition.
Another well-known technique for enciphering a clear message communication is the use of a stream-generator sequence which is utilized to form a modulo sum with the symbols that comprise the clear message. The cipher output message stream formed by the modulo sum would then be unintelligible to the receiver of the message, if it does not have knowledge of the stream-generator sequence. Examples of such stream-generators may be found in U.S. Pat. Nos. 3,250,855 and 3,364,308, filed May 23, 1962 and Jan. 23, 1963, respectively.
Various ciphering systems have been developed in the prior art for rearranging communication data in some ordered way to provide secrecy. For example, U.S. Pat. No. 3,522,374 filed June 12, 1967 teaches the processing of a clear message with a key-material generator that controls the number of cycles for enciphering and deciphering. Related to this patent is U.S. Pat. No. 3,506,783 filed June 12, 1967 which discloses the means for generating the key-material which gives a very long pseudo-random sequence. Another approach which has been utilized in the prior art for establishing secret communications is the coding of the messages electrical signal representations that are transmitted over the communications channel. This type of technique is usually more useful in preventing jamming rather than in preventing a cryptanalyst from understanding a cipher message. Exemplary systems of this type may be found in U.S. Pat. Nos. 3,411,089, filed June 28, 1962 and 3,188,390, filed June 8, 1965.
In the area of computer data communications, it has generally been found that product ciphers are superior to other types of ciphering schemes, as discussed in "Cryptography and Computer Privacy" by H. Fesitel, Scientific American, Volume 228, No. 5, May 1973, pp. 15-23. Examples of product ciphering systems are disclosed in co-pending patent applications Ser. Nos. 158,369; 158,174 and 194,836. These patent applications present systems for generating a product cipher under the control of the unique user key. With careful selection of the size of the data block size and the key size, the probability of ever cracking the cipher becomes extremely small. That is, a cipher becomes impractical to crack by trial of all possible combinations of the key. This is particularly true if the cipher text reveals no information with regard to the unique user key.
The systems disclosed in the above referenced copending patent applications are extremely useful in providing secure communications. However, these systems impose a requirement as to a specific message size. Generally, most product block ciphers are restricted to a specific message vector. Thus, if it is desired to transmit a small number of bits of information, it is necessary to "pad" the information with extraneous data in order to form the proper size message block.