The present invention relates to enciphering and deciphering data and more particularly to enciphering and deciphering binary data used in data processing systems.
Present-day computing centers usually have elaborate procedures for maintaining physical security at the location where the central processor and data storage facilities are located. Some of the procedures which have been used are restriction of personnel within the computer center, utilization of mechanical keys for activation of equipment, and camera observation. These security procedures, while providing a measure of safety in keeping unauthorized individuals from the physical computing center itself, are not effective with respect to large remote-access computer networks which have many terminals located at distant sites connected to the computing center by either cable or telecommunication lines. Nor are these measures meant to protect the data from persons authorized to be in the computing center but not authorized to handle the particular data.
To restrict access to data as opposed to access to facilities containing the data, techniques such as "memory protection" have been employed. This type of data security technique associates various segments of memory with a unique key. Circuits internal to the processor then check this key against a key associated with all instructions accessing the protected segments of memory to see if they are the same. While this type of protection is effective, sophisticated techniques can be employed by persons with knowledge of computing system circuits to obtain unauthorized use of protected data.
Therefore, to ensure security, it is necessary that the data itself be encoded in such a manner as to prevent its use by all unauthorized personnel. The encoding of data is basically a mapping of all n-bit words to n or more bit words such that an inverse mapping exists. If the bare data consist of n-bit words and the encoded or scrambled data of m-bit words, where $m \geq n$, then there are
$$\max N_c = \frac{(2^m)!}{(2^m - 2^n)!} \qquad (1)$$
possible codes or distinct mapping functions for the data. The magnitude of $N_c$ is an indication of the difficulty of code breaking. For instance, if the code is static, or fixed for a long duration, the key for a single one of these codes, or in other words that information necessary to decipher a given code, must contain a minimum of $\log_2 N_c$ bits of information.
By particularizing the above formulas for an n-bit to n-bit mapping we can see the number of digits needed to decipher a coded message. First:
$$\max N_c = (2^n)! \qquad (1b)$$
and then:
$$\max \log_2 N_c \approx n\,2^n \qquad (2)$$
Therefore, the number of bits of information about the code necessary to break an arbitrary n to n code would be:
$$\begin{array}{l|cccc} n & 4 & 8 & 16 & 32 \\ \hline \text{bits} & 64 & 2^{11} & 2^{20} & 2^{37} \end{array}$$
Obviously, even in the simple case of n to n mappings, any practical coding scheme cannot encompass all possible codes due to the impractical length of the key. Therefore, in a viable coding scheme, the number of distinct codes $N_c$ is actually far less than the $\max N_c$ given by the first equation, but large enough to defy unauthorized deciphering.
One such scheme of encoding involves arranging the digits of a block of data to be enciphered into a number of sets and placing each set of digits into a separate coding box, called a substitution box because it replaces the binary numbers in the set with a different series of binary numbers. The outputs of these substitution boxes are fed to a single coding box, called a permutation box, in which the relative positions of digits in the block of data are transposed, so that after substitution and permutation the value and position of most of the coded digits are different from those of the original block of data. To foil any statistical attacks, the enciphered output of the permutation box is divided into sets and placed back into the substitution boxes several times to increase the total number of possible substitutions and transpositions.
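The substitution and permutation scheme described above, written out as an added example that is not taken from the patent: a 16-bit block is split into four 4-bit sets, each set passes through a substitution box, one permutation box transposes the bit positions, and the result is fed back for further rounds. The block size, both tables and the round counts are assumptions chosen for illustration, and no key is applied, so the fixed tables themselves play the role of the code.

```python
# Toy substitution-permutation cipher on 16-bit blocks.
# Assumptions (not from the text): block size, both tables, round counts.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]  # sample 4-bit substitution
PBOX = [(4 * i) % 15 if i < 15 else 15 for i in range(16)]  # bit i -> PBOX[i]

# Inverse mappings: the scheme is only a code if it can be undone.
INV_SBOX = [SBOX.index(v) for v in range(16)]
INV_PBOX = [PBOX.index(i) for i in range(16)]

def substitute(block, sbox):
    """Split the block into four 4-bit sets and replace each one via sbox."""
    out = 0
    for k in range(4):
        out |= sbox[(block >> (4 * k)) & 0xF] << (4 * k)
    return out

def permute(block, pbox):
    """Transpose bit positions: input bit i becomes output bit pbox[i]."""
    out = 0
    for i in range(16):
        out |= ((block >> i) & 1) << pbox[i]
    return out

def encipher(block, rounds):
    for _ in range(rounds):
        block = permute(substitute(block, SBOX), PBOX)
    return block

def decipher(block, rounds):
    for _ in range(rounds):
        block = substitute(permute(block, INV_PBOX), INV_SBOX)
    return block

def avg_bits_changed(rounds, stride=251):
    """Average number of output bits that flip when one input bit is flipped,
    measured over a sample of blocks (every stride-th value)."""
    blocks = range(0, 1 << 16, stride)
    total = 0
    for block in blocks:
        c = encipher(block, rounds)
        for bit in range(16):
            total += bin(c ^ encipher(block ^ (1 << bit), rounds)).count("1")
    return total / (16 * len(blocks))

if __name__ == "__main__":
    for r in (1, 2, 4):
        print(f"{r} round(s): {avg_bits_changed(r):.2f} of 16 output bits change")
    c = encipher(0x1234, 4)
    print(hex(c), "->", hex(decipher(c, 4)))
```

After a single round a one-bit input change stays confined to the output of one substitution box; repeating the rounds is what spreads it across the block. For comparison, two unrelated 16-bit blocks differ in 8 bits on average.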