1. Field of the Invention
The invention relates to a method and device for enciphering data to be transferred as well as for deciphering the enciphered data, wherein the data are transferred along a bus of a width of n-bits. More particularly, the invention relates to a device and a method wherein the data to be enciphered are intended to be written in a memory and are transferred along a data bus of a width of n-bits.
2. Description of the Related Art
Storing data in a computer memory, such as the hard disk unit of a personal computer, involves a serious risk of unauthorized persons reading out the data stored in the memory or even misappropriating the storage disk to be able to read out the data store without being disturbed. Such risks are the greater according as the use of personal computers increases and more confidential information is stored in their memories. There are software packages which aim to solve the problem described above by first enciphering the data to be written in a memory. A number of these known programs have the drawback that the user must specifically switch them on which may lead to errors, for instance when encipherment is not applied when it should be. A further even greater drawback is the fact that all existing software is slow so that encipherment may lead to undesirable waiting times for the user, which in turn may be a reason for the user to omit encipherment.
U.S. Pat. No. 4,780,905 describes a system for enciphering data to be written in a memory of a personal computer system, in which the data are invariably enciphered. For encipherment a key is used which is a small part of a very long, in particular 64 K bits, key. The key portion to be chosen for a specific encipherment can be chosen depending on the specific location where the data are written in the memory. However, this known system, too, causes a considerable delay in the speed of reading from and writing into the memory.
The object of the invention is to overcome this drawback of the existing software and to that end provides a method of the type described hereinabove, in which the successive data words of a width of n-bits are supplied to a cipher circuit wherein under the control of an m-bits key each data word is consecutively modified a plurality of times. The cipher circuit is preferably a product cipher circuit in which the data word is alternately permuted and substituted a plurality of times.
Product encipherment is a principle of encipherment known from cryptography and for a description of its principle reference can be made to "Kryptographie" by W. Fumy and H. P. Riesz; R. Oldenbourg Verlag Munchen Wien 1988, in particular Chapter 4.1. The principle of product enciphering is used inter alia in DES (Data Encryption Standard), an encryption algorithm for data communication in which the data supply to be enciphered is divided into blocks of 64 bits, which are enciphered by means of a 56-bits key. In DES, however, the blocks are enciphered one by one, i.e. periodically the user must wait until at the input of the product cipher circuit a block to be encoded is available, which makes DES relatively slow.
The principle of the DES algorithm for use in a local area network (LAN) is described in for instance GEC Journal of Research, vol. 2, no. 1, 1984 (Rugby GB) in an article by A. M. Jackson et al.: "Project Universe Encryption Experiment", pp. 30-36. This article describes the various operational modes of DES, in which, however, the principle of encrypting serial blocks of data is invariably maintained.