This invention relates to general purpose, high speed encryption algorithms.
The Government requires data protection to ensure national security, and industry requires protection of that information which is vital to its success. Cryptography is the science of protecting this information from eavesdropping and interception. The two principal objectives are secrecy (to prevent unauthorized disclosure) and integrity (to prevent unauthorized modification). A number of commercial products are available to provide this protection; however, they tend to concentrate on low to medium speed file and data encryption. Products that protect high-speed data networks tend to be scarce and expensive. In addition, the mathematics underlying cryptography tends to be so complex that few individuals are capable of developing and mathematically proving the strength of new cryptographic algorithms.
This invention overcomes these problems. First, a system embodying this invention can be implemented in technologies that are much lower in cost compared to conventional high-speed technologies (i.e., CMOS vs. GaAs). Conversely, the current high-speed technologies can be used to achieve data rates previously unattainable.
Second, an encryption algorithm in accordance with this invention is based on the well understood mathematics of linear feedback shift registers and de Bruijn functions. The open literature contains numerous references to both topics, thus providing convenient access to the technical details required to fully design, implement, and use the algorithm. Due to the nonlinear nature of de Bruijn sequences, the resulting encrypted data is very robust against cryptanalytic attack.
The Data Encryption Standard (DES) and RSA cryptoalgorithms are the best known and most widely used products available for comparison. DES and an algorithm in accordance with this invention perform similar functions and can generally be used in the same applications. However, DES is a substitution-permutation cipher, which prevents it from being used in high-speed applications due to the high number of iterations that must be performed on each block of data to be encrypted. The RSA algorithm is based on complex mathematical functions, and is generally implemented in a hardware-based arithmetic logic unit. A large number of clock cycles are still required to compute the necessary functions, again limiting it to only moderate data rates.
The Chaos-based encryption algorithm described in U.S. Pat. No. 5,048,086 requires floating-point numerical operations, which limits its maximum throughput to rates inadequate for high-speed applications.
The algorithm of this invention produces multiple key-stream outputs from a single clock cycle, and can be operated continuously to achieve and sustain a very high throughput.
High-speed encryption systems have been previously designed with multiple, independent encryption devices connected in a parallel fashion. However, they are complex and expensive since entire algorithms were physically replicated a number of times, and each was uniquely keyed and initialized. In addition, extra communication channel bandwidth was required to support remote key replacement and receiver synchronization.
The algorithm of this invention only requires one key and initialization sequence for all n keystream outputs, and only the nonlinear output functions must be replicated.