The invention relates generally to cryptography, and deals more particularly with an encryption and decryption unit which includes circuitry to check that the encryption or decryption has been performed without error.
Private data is often encrypted or enciphered before transmission from a first site to a second site for security reasons. There are many known techniques or algorithms for encrypting data. For example, American National Standard for Information Systems (ANSI) standard X3.92-1981 defines one popular data encryption algorithm (DEA) for a data encryption standard (DES). This DES encryption/decryption algorithm is further defined in "Federal Information Processing Standard (FIPS) "Data Encryption Standard", by National Bureau of Standards, US Department of Commerce January 1977, and "Data Encryption Algorithm" by ANSI, standard #X-3.92-1981. These documents are hereby incorporated by reference as part of the present disclosure.
This algorithm provides four modes of operation (depending on the level of security required): electronic codebook (ECB) mode, cipher block chaining (CBC) mode, cipher feedback (CFB) mode and output feedback (OFB) mode. All of these modes require the DES encryption algorithm and a unique encryption/decryption key applied at the first site before transmission. Consequently, if an unauthorized party without the key (which is also required for decryption) intercepts the data, the party cannot understand the data even if the party possesses a DES decryption unit. The data is subsequently decrypted or deciphered at the second site by an authorized party using a DES decryption unit and the original key.
It is important to ensure that the encryption and decryption operations are performed accurately; errors can occur because of the many logical operations and shifts which are performed. One known technique is simply to feed the original data to two different and independent encryption units at the first site, and simply compare the final result of each unit to the other. If they are both identical then it is assumed that both encryption units performed flawlessly. If they differ, then it is assumed that at least one of the encryption units is in error and the encryption process is repeated in each encryption unit. Similarly, the encrypted data is fed to two different and independent decryption units at the second site and if the final result of each decryption unit is the same as the other, then it is assumed that both decryption units performed flawlessly. If they differ, then it is assumed that at least one of the decryption units is in error and the decryption process is repeated in each decryption unit. While this technique performs satisfactorily, it requires a doubling of the encryption and decryption hardware, and does not reveal an error until after the entire encryption or decryption algorithm has been performed.
Accordingly, a general object of the present invention is to provide an encryption/decryption unit with comprehensive error checking which requires less overall hardware than the redundant technique of the prior art and detects some errors before the entire encryption or decryption algorithm has been performed.