1. Field of the Invention
The present invention relates generally to a crypto system, and in particular, to a random keystream generation apparatus and method for encrypting input information using an LFSR (Linear Feedback Shift Register).
2. Description of the Related Art
Along with the recent rapid development of communication networks, text/voice data has given way to multimedia data for video conferencing, moving pictures, etc. in data processing. Accordingly, communication systems require encryption algorithms that ensure high-level security, high speed and high reliability.
For encryption, there are stream ciphers, block ciphers, and public-key ciphers. The block ciphers operate in four modes: ECB (Electronic CodeBook), CFB (Cipher FeedBack), CBC (Cipher Block Chaining), and OFB (Output FeedBack). The ECB mode takes a block of plaintext and outputs a block of ciphertext using a secret key and a DES (Data Encryption Standard) function. In the CFB mode, an output ciphertext is fed back to the input. In the CBC mode, each ciphertext block is XORed with the next plaintext block to be encrypted for authentication of transmission/reception data, and then input to a block cipher. The resulting new output is XORed with the next input. After repeating this operation, a final authentication value is achieved. With the final authentication value, unauthorized data manipulation can be detected. In the OFB mode, a block cipher becomes a random stream generator, serving as a stream cipher.
No block cipher in the above four modes of operation is practically applicable for real encrypted communications because the block ciphers are mostly vulnerable to channel errors or have other problems. In the ECB mode, one or more bit errors in a single ciphertext block affect the deciphering of that block only. In the CFB mode, a single bit error in a ciphertext block affects deciphering of that block and the next block. In the CBC mode, a bit error in a ciphertext block affects all subsequent ciphertext blocks. The OFB mode is used for applications in which error propagation of block ciphers must be avoided. The OFB mode reduces error propagation by feeding back fewer input bits than the block size. In the best case, it can radically prevent error propagation by feeding back one bit. However, the one-bit OFB mode is slower in data processing than the ECB mode by one block size, thereby decreasing the throughput of a communication network.
The public-key ciphers are not suited for high-speed data processing because they are slow and are similar to the ECB mode in that errors are propagated in a whole block. Meanwhile, the stream ciphers have the advantages of no channel error propagation, mathematically assured security in several aspects, and high speed processing. However, the capability of the stream ciphers to reliably encrypt information for ultrahigh speed communication service is questionable.
The basic components for implementing a stream cipher are LFSRs, logical combination circuits implemented in the form of non-linear combining functions, full adders, multiplexers, etc. In particular, LFSRs are essential to encryption systems because they are implemented in diverse sizes and determine a security factor, the period of a keystream. FIG. 1 depicts an LFSR 10. Referring to FIG. 1, the LFSR 10 generates a binary keystream, moving data by one bit at a time in synchronization with an external system clock signal. Also shown is feedback connection 20. The keystream is applied to the input of an encryption combiner (not shown) for use in encrypting plaintext to ciphertext. The speed at which the keystream is generated depends on the system clock signal and the delay time of an internal circuit.
The LFSR 10 as shown in FIG. 1 is a basic component needed for PN (Pseudo Noise) code generation or encryption. Especially as multimedia data has emerged as an object to be encrypted, high-speed LFSR implementation is necessary. However, since existing LFSR structures allow only a one-bit data shift at a time in response to a system clock signal, they are ill-suited to high-speed LFSR implementation.
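The one-bit-per-clock LFSR and encryption combiner described above, modelled in software as an added example that is not part of the patent text; the register widths, tap positions, seed and all names are constructed for illustration. It measures the keystream period and counts the clocks spent per keystream byte, which is the throughput limit the preceding paragraph refers to.

```python
# Added example: software model of a one-bit-per-clock Fibonacci LFSR.
# Widths, taps, seed and names are constructed for illustration.

class LFSR:
    def __init__(self, width, taps, seed):
        if not 0 < seed < (1 << width):
            raise ValueError("seed must be non-zero and fit the register")
        if 0 not in taps:
            raise ValueError("tap 0 is required so every state lies on a cycle")
        self.width, self.taps, self.state = width, tuple(taps), seed
        self.clocks = 0

    def clock(self):
        """One system clock: emit bit 0, shift right, feed XOR of taps into the top."""
        out = self.state & 1
        fb = 0
        for t in self.taps:
            fb ^= (self.state >> t) & 1
        self.state = (self.state >> 1) | (fb << (self.width - 1))
        self.clocks += 1
        return out

    def next_byte(self):
        """Eight clocks are needed for each keystream byte (LSB first)."""
        return sum(self.clock() << i for i in range(8))


def period(width, taps, seed=1):
    """Count clocks until the register state returns to the seed."""
    reg = LFSR(width, taps, seed)
    reg.clock()
    while reg.state != seed:
        reg.clock()
    return reg.clocks


def xor_combine(data, width, taps, seed):
    """Encryption combiner: XOR each data byte with a keystream byte."""
    reg = LFSR(width, taps, seed)
    out = bytes(b ^ reg.next_byte() for b in data)
    return out, reg.clocks


TAPS16 = (0, 2, 3, 5)  # recurrence for x^16 + x^14 + x^13 + x^11 + 1 (maximal length)
SEED16 = 0xACE1        # constructed key; a bare LFSR emits it as its first 16 bits

if __name__ == "__main__":
    print(period(4, (0, 1)), period(16, TAPS16, SEED16))
    ct, clocks = xor_combine(b"constructed plaintext", 16, TAPS16, SEED16)
    print(ct.hex(), xor_combine(ct, 16, TAPS16, SEED16)[0], clocks)
```

Both registers reach the maximal period of 2^n - 1 states, and applying the combiner twice with the same seed restores the plaintext.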