1. Field of the Invention
The present invention relates to communication over data links that utilize binary synchronous protocol and more particularly to a new and improved message format for encrypted messages in binary synchronous protocol type data link communication systems.
Description of the Prior Art
Date communication systems utilizing the data link concept are well known in the prior art. A data link comprises the communication lines, modems and other communication equipment which is used in the transmission of data information between two or more stations or terminals. The terminal equipment making up a station can vary from the basic send/receive reader and a printer to a control unit with several input/output devices attached. The communication lines and other facilities are usually supplied by communication common carriers, or equivalent facilities may be provided by the individual establishing the data link. The specific modem or data set equipment used at each station of the data link is determined by the type of communication channels used and the operational speed of the terminal equipment located at each station.
All transmission of data is over the communication line as a sequence of binary coded signals. Control of the data link is accomplished by the transmission and recognition of special line control characters.
The binary synchronous communication protocol (BSC) provides a set of rules for synchronous transmission of binary coded data. All data in BSC is transmitted as a serial stream of binary digits (0 and 1 bits). Synchronous communication means that the active receiving station on a communication channel operates in step with the transmitting station through the recognition of a specific bit pattern (synch pattern) at the beginning of each transmission block.
The BSC protocol can accommodate three specific transmission code sets. Each of these code sets consist of graphic characters (numeric, alphabetic, special), functional characters, (horizontal, tab, delete) and data link characters (start of heading, start of text, etc.). Each code provides different capacities for total graphic and functional assignments and these capacities reflect the flexibility of each of these codes. These codes are well known in the art as extended binary coded decimal interchange code (EBCDIC), United States of America Standard Code for Information Interchange (USASCII), and six-bit transcode.
The data link can be designed to operate either point to point (two stations), or multipoint (two or more stations). For point to point operation, a contention situation exists whereby both stations can attempt to use the communication lines simutaneously. To minimize this possibility, a station bids for the line using certain control characters such as the inquiry character (ENQ). Thus, a series of characters such as synchronize (SYN) and inquiry (ENQ) provide the signalling scheme for requesting control of the line and leaves a maximum amount of time for line monitoring. If simultaneous bidding for the line occurs, one station persists in its bidding attempt to break the contention condition. Once the station gains control of the line, the message transmission can start.
In a multi-point system, one station in a network is designated as the central or master station. The remaining stations are designated as tributary stations. The central station controls all transmission within the multi-point data link by either polling or selecting the tributary stations. Polling is an invitation from the central station to a specific tributary to send data from the tributary station to the central. Selection is a request from the central station to one of the tributary stations instructing it to receive a data message from central. These polling and selection operation capabilities permit the central station to specify the transmitting station and to control the direction of transmission in the system. Each station in a multi-point data link is assigned a unique station address which is used to acquire a station's attention during either polling or selection. Each station address consists of from one to seven characters depending on the specific station requirements.
Once a station's attention is acquired and it responds affirmatively, message transmission can start. The message consists of one or more blocks of text data. The message is transmitted in text blocks to provide more accurate and efficient error control. The data in a text block is identified by a start of text character (STX). In addition, the data of each text block, except the last, is immediately followed by an end of transmission block character (ETB) or an intermediate block character (ITB). The data in the last block of text in a message is immediatley followed by an end of text character (ETX).
Because of the proliferation throughout modern society of high-speed, highly accurate diminished cost data link systems, serious problems concerning the security of the text data transmitted has come to the fore. The ordinary transactions that were once conducted in person, by telephone or by written correspondence are increasingly being conducted by way of the new data link transmission systems. These systems are susceptible to eavesdropping and forgery. One way to prevent tampering with data text transmitted over data links is by resorting to cryptography systems. Cryptography systems provide methods for encrypting or transforming information so that it is unintelligible and therefore useless to those who are not meant to have access to it.
The Nation Bureau of Standards, as a result of its responsibility for developing federal information processing standards, has suggested to the public a data encryption standard (DES) which utilizes a specific algorithm that performs a specific and unambiguous set of instructions. The DES algorithm designated by the National Bureau of Standards utilizes a unique parameter which is called a key. The algorithm was developed by the International Business Machines Corporation (IBM). IBM made the algorithm available to the National Bureau of Standards as a federal information processing standard. IBM has provided licensing procedures for building electronic devices that implement this algorithm. The algorithm itself was published in the Federal Register in March, 1975 (40 FR 12067).
The purpose of the DES is to provide a cryptographic method which would protect sensitive or valuable text data transmitted over computer systems and data link networks. The use of a myriad of different encryption algorithms would result in a fundamental incompatibily of data communication equipment. By providing a single data encryption standard, the DES, the needed basic compatibility of the communication network is assured.
The DES algorithm is basically a recirculating block product cipher of block size 64 which is based on a key length of 64 bits, eight bits of parity being included. The algorithm is completely specified in the National Bureau of Standards Federal Information Processing Standard publication. All details of the algorithm are publically known. The security of the text data in a system that utilizes the encryption-decryption algorithm is provided through the use of the key which is generated by each group of authorized users of a particular communication data link. This key is randomly generated and only distributed to each authorized user. The key must be protected and kept confidential. Any compromise of the key will compromise all data and resources that are encrypted by the use of that key.
Basically, the National Bureau of Standards data encryption standard algorithm specifies the encryption of 64 bits of data into a 64-bit cipher based on a 64-bit key, and the decryption of a 64-bit cipher into a 64-bit data block based on the same 64-bit key. Steps and the tables of the algorithm are completely specified and no options are left in the algorithm itself. Variations in implementing and using the algorithm provide flexibility as to its application in various places in a computer system or in a transmission network. Such variations include how the input is formulated, whether the data itself or some other source of input is used for the algorithm, how the key is generated and distributed, how often the key is changed, etc.
Basic implementation of the algorithm is most easily done by special purpose electronic devices. However, it can also be implemented by programming the execution of the algorithm into a microprocessor. Either way, the implementation of the algorithm is well within the purview of a person of skill in the art. The overall security provided by the algorithm is based on two primary requirements: secrecy of the encryption key, and reliable functioning of the algorithm.
The National Bureau of Standards, by way of publication of proposed Federal Standard No. 1026 and No. 1027 describes minimum security requirements which are to be satisfied in implementing the DES in a telecommunications environment. The Federal publication and Federal Standard No. 1026 and No. 1027 provide for three approved modes of implementation of the DES.
The cipher feedback mode is the one intended for the encryption and decryption of data for transmission over communication channels. Basically, the cipher feedback mode operation of the DES algorithm provides that the input to the algorithm is not the data itself but rather a string of output data that was previously generated by the cipher algorithm. The cipher feedback mode of operation has a memory system inherent in its design. At any time (t), the output depends on previous outputs of the algorithm. The operation of the algorithm is considered to be a link or chain mode operation. The transmitted cipher text is chained together in such a way that each cipher at any time (t) depends on all previous ciphers transmitted since the operation was initialized.
Initialization means that a 64-bit input (input vector) is generated at t.sub.1 and put into the transmitter's (cipher algorithm) input register. From that time on, all the cipher text will depend on this initial input register fill.
In order to fill the receiver's input register, one of two events must occur at the initialization. One, the receiver must independently generate the identical initial fill, or, the transmitter must transmit sufficient cipher text to fill the receiver's input register with the same cipher text as was in the transmitter's input register at initialization.
In Federal Standard No. 1027, the National Bureau of Standards has defined the operation of initialization as the use of an initializing vector which is a minimum of 48-bits long. This initialization vector is supplied to the transmitter and transmitted to the receiver, as plain text, immediately before each message cipher text. When using synchronous communication protocol, a typical data message structure would be: EQU SYN, STX, [TEXT] ETX, BCC
An encrypted data message as described in Federal Information Processing Standard (FIPS) No. 46 would be as follows: EQU SYN, STX, [IV] [TEXT] ETX, BCC
The initialization vector [IV] would be a 8 bytes long (each byte being 8 bits) transmitted in the clear. The text is encrypted. The end of text character (ETX) is also encrypted. The block check character (BCC) is optionally encrypted.
The end of text character (ETX) is encrypted because the receiver, once it begins to decipher the cipher text received, cannot determine when to stop the deciphering process until it deciphers the end of text character. If the end of text character were transmitted in the clear, it is possible that the decipher processer could be triggered by cipher characters which could imitate the end of text character sent in the clear.
With the message format suggested by the NBS standard, should an error occur during transmission of the cipher text, the receiver would fail to decrypt properly because the transmitter and receiver would lose cryptographic synchronization. When that occurs, the receiver cannot detect the end of text character and will decrypt forever as long as characters are transmitted.
In certain data link networks, all transmissions are checked for errors using the block check character (BCC). These checks are done at intermediate nodes of the data link which do not have access to the secret key. Because in the message format suggested by the NBS, the ETX character and optionally the BCC character are encrypted, it becomes very cumbersome for the intermediate nodes to check for errors using the BCC character.
The NBS proposed standard format introduces the initialization vector [IV] to the bit stream of the data message following the STX character. The introduction of the initialization vector in the message format causes a delay equal to the length of the vector, 6 bytes. This delay causes a reduction in through-put for a two-way communication on the data link.