Methods of encrypting a message are known. Methods of authenticating an encrypted message are known. However, the two methods are typically done separately. That is, a message is encrypted using one method. Then, a cryptographic hash of the message is generated using a second method. The hash is commonly referred to as a message authentication code (MAC). The encrypted message and the hash of the unencrypted message are sent to a recipient. The recipient decrypts the message, hashes the decrypted message using the same cryptographic hashing method used by the sender to hash the unencrypted message, and compares the hash received to the hash generated by the recipient. If the two hashes are identical then the recipient is assured that the message is as intended by the sender and was not modified by anyone else.
Since performing two methods is more time consuming than performing one method, people have attempted to create one method that accomplishes the goals of both encryption and authentication. Such methods are referred to as authenticated encryption methods.
U.S. Pat. No. 6,963,976, entitled “SYMMETRIC KEY AUTHENTICATED ENCRYPTION SCHEMES,” is the first known authenticated encryption method. It discloses a device for and method of combining encryption and authentication by generating a random number; generating pseudo-random numbers from the random number using an encryption method and a first cryptographic key; generating a checksum from a message; encrypting the random number, the message, and the checksum using an encryption method and a second cryptographic key; combining the pseudo-random numbers with the encrypted message; and transmitting the combination of the pseudo-random numbers and the encrypted message. The present invention does not require the generation of a random number; the use of two encryption keys, the generation of pseudo-random numbers from a random number; the generation of a checksum from a message; the encryption of a random number, a message, and a checksum from the message; and the combining of pseudo-random numbers generated from a random number with an encrypted message. U.S. Pat. No. 6,963,976 is hereby incorporated by reference into the specification of the present invention.
U.S. Pat. Nos. 7,046,802 and 7,200,227, each entitled “METHOD AND APPARATUS FOR FACILITATING EFFICIENT AUTHENTICATED ENCRYPTION,” each disclose a device for and method of combining encryption and authentication by generating two numbers; encrypting the two numbers to generate a series of numbers; generating a checksum from a message and encrypting it; combining the message with the series of numbers using an Exclusive-Or function (XOR); encrypting the combination of the message and the series of numbers; combining (i.e., XOR) the series of numbers with the encrypted message, and transmitting the result of the combination of the series of numbers and the encrypted message and the encrypted checksum. The present invention does not use separate encryption methods to encrypt two numbers and the message or generate a checksum from a message and encrypt it. U.S. Pat. Nos. 7,046,802 and 7,200,227 are hereby incorporated by reference into the specification of the present invention.
U.S. Pat. Appl. No. 20040059572, entitled “APPARATUS AND METHOD FOR QUANTITATIVE MEASUREMENT OF VOICE QUALITY IN PACKET NETWORK ENVIRONMENTS,” discloses a device for and method of measuring voice quality by introducing noise into the voice signal, performing speech recognition on the signal containing noise. More noise is added to the signal until the signal is no longer recognized. The point at which the signal is no longer recognized is a measure of the suitability of the transmission channel. The present invention does not introduce noise into a voice signal as does U.S. Pat. Appl. No. 20040059572. U.S. Pat. Appl. No. 20040059572 is hereby incorporated by reference into the specification of the present invention.
National Institute of Standards and Technology (NIST) Special Publication 800-38C, entitled Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality,” is based on a method developed by Russ Housley, Doug Whiting, and Niels Ferguson. CCM uses the Advanced Encryption Standard (AES) in Cipher Block Chaining mode with a cryptographic key to generate a MAC from the message to be encrypted (i.e., the plaintext). The MAC is concatenated with the plaintext, divided into blocks, and combined with the outputs of an AES configured in counter mode, where the AES is under the influence of the cryptographic key and additional data. The additional data is data that is required to be authenticated but not encrypted. The combination function is an exclusive-or (XOR) function. The resulting encrypted message (i.e., ciphertext) and MAC are concatenated with the additional data and sent to a recipient. The recipient, who must have the same cryptographic key as the sender, separates the additional data from the ciphertext and uses the additional data to recover the plaintext and the MAC using the same scheme used to encrypt the plaintext. With the plaintext, the recipient generates a MAC using the same scheme as the sender. The generated MAC is compared to the received MAC. If they are the same then the recipient is assured that the plaintext is as the sender intended. The present invention does not require Cipher Block Chaining to generate a MAC.
In an article entitled “The Galois/Counter Mode of Operation (GCM),” dated May 31, 2005, authors David A. McGrew and John Viega disclose a method of authenticated encryption that generates a MAC using multiplication in a Galois Field. The present invention does not generate a MAC using multiplication in a Galois Field.