Digital computer systems are at the very heart of today's modern lifestyle. Protecting those computers from successful attacks that disrupt communications, alter/access data, or issue false commands/data is critical because:
1. Successful attacks on their communications hamper the ability of these systems to react to changing conditions. This could affect useful reaction time and might prevent the system from altering its operation in time to prevent a service outage or damage to the equipment.
2. Altering and accessing data allows the system to react correctly but changes the situation to one which should not exist or simply supplies the intruder with sensitive information.
3. Issuing false commands tells the system to alter its state to react the wrong way, potentially resulting in damage to the system, loss of service, or loss of life.
Hackers have developed many effective methods, known as “attacks”, that disrupt communications, alter/access data, or issue false commands/data in modern digital computer systems. As an example, one type of attack that issues false commands is the “replay” attack, in which a hacker records commands sent by the network and then replays them on the network. This attack is very effective because the hacker does not have to decrypt the message; he merely observes the effect of the traffic. Replay attacks can be used over and over until the system rejects those messages.
The present invention presents a successful, single defensive countermeasure that can address all of these attributes—polymorphism, or “mutating”, which is the ability to change (perhaps an encryption to another method of encryption or key, or maybe even hardware functionality) on the fly. Polymorphism has two components which, when combined, make up what the inventors herein call CipherLoc®. The two components are:
(1) a polymorphic cipher engine (the software) and
(2) a polymorphic hardware engine.
The polymorphic cipher engine and the polymorphic hardware engine platforms are designed to work together but are mutually exclusive of each other and can be used separately in a multitude of divergent ways.
The present invention is directed to the second component—the polymorphic hardware engine.