1. Field of the Invention
The present invention relates generally to a method for rendering it difficult to break a computer object code which has been enciphered and stored in an external memory, and more specifically to such a method for transforming the enciphered computer object code into the original one while executing the same.
2. Description of the Related Art
In digital data processing systems, it is a common practice to utilize cryptographic techniques in order to prevent an unauthorized access to proprietary secret data. Data to be protected is transformed into the corresponding ciphertext. The ciphertext, when it is to be used, is subject to the reverse process via which the ciphertext is transformed into the original data (viz., plaintext).
A cipher is a secret method of writing whereby plaintext (or cleartext) is transformed into the corresponding ciphertext (sometimes called a cryptogram). The process is called encipherment or encryption, while the reverse process of transforming ciphertext into the corresponding plaintext is called decipherment or decryption.
Before turning to the present invention it is deemed preferable to discuss, with reference to FIGS. 1-6, a cryptographic technique relevant to the present invention.
FIG. 1 is a block diagram schematically showing a data transmission system wherein data to be transmitted is subject to encipherment and the data received is transformed into the original data.
The system shown in FIG. 1 generally includes two transceivers 10a and 10b which are interconnected via a transmission channel 12. It is to be noted that the transceivers 10a and 10b are not shown in a complete manner for the sake of simplifying the disclosure. The transceiver 10a includes an encipherment circuit 14a, a decipherment circuit 16a, and a duplexer 18a. Similarly, the transceiver 10b includes an encipherment circuit 14b, a decipherment circuit 16b, and a duplexer 18b.
The encipherment circuit 14a transforms the data to be transmitted into the corresponding ciphertext. The enciphered data is then forwarded to the transceiver 10b whereat the transmitted data is reverse processed for obtaining the corresponding plaintext at the decipherment circuit 16b.
Similarly, the encipherment circuit 14b enciphers the data to be transmitted. The enciphered data is sent to the transceiver 10a wherein the transmitted data is subject to decipherment and thus transformed into the corresponding plaintext at the decipherment circuit 16a.
FIG. 2 is a block diagram schematically showing one example of the encipherment circuit 14a. The other encipherment circuit 14b is configured in exactly the same manner as the circuit 14a.
As shown in FIG. 2, the encipherment circuit 14a includes a memory 20 in which a lookup table is stored, a selector 22, a memory 24 in which an initial value (code) is stored, a controller 26, a latch 28, and an exclusive-OR gate 30. The memory 20 typically takes the form of ROM (read only memory) in which a lookup table such as depicted in FIG. 3 is stored.
In order to simplify the instant disclosure, each data to be transmitted has a bit length of 4.
FIG. 4 is an illustration showing encipherment being implemented at the encipherment circuit 14a of FIG. 2, using the lookup table of FIG. 3.
It is assumed that a data sequence applied in series to the encipherment circuit 14a is depicted by "1001", "1110", "0011", "1001", "0101", "0000", "1000", "0111", . . . as shown in FIG. 4. Further, it is assumed that the initial value is set to "1101".
When the first original data "1001" is applied to the exclusive-OR gate 30, the controller 26 issues selector and latch control signals each of which assumes a logic level "1" (for example). The selector 22, in response to a logic level "1" of the selector control signal, selects the initial value "1101". Thus, the latch 28 keeps the initial value "1101" and applies same to the exclusive-OR gate 30 in response to the latch control signal assuming a logic level "1". Therefore, the exclusive-OR gate 30 outputs a transformed data (viz., enciphered data) "0100". The above mentioned operations are implemented within one time slot.
During the above operations, the first data is applied to the lookup table 20 from which the corresponding data "1101" is outputted as shown in FIG. 4.
When the second original data "1110" is fed to the exclusive-OR gate 30, the controller 26 issues the selector control signal which in turn assumes a logic level "0". The selector 22, in response to the selector control signal, selects the output of the memory 20 (viz., "1101") which is latched and then applied to the exclusive-OR gate 30. The second original data "1110" is thus transformed into "0011" at the exclusive-OR gate 30 as shown in FIG. 4. These operations are implemented within one time slot. Encipherment of the incoming data are repeated until one data sequence is terminated.
FIG. 5 shows the decipherment circuit 16b in schematic block diagram form. Since decipherment is a reverse process of encipherment, the arrangement of FIG. 5 is similar to that of FIG. 2. Therefore, each of the function blocks of FIG. 5, which corresponds to the counterpart of FIG. 2, is designated by the same numeral with a prime.
The operation of FIG. 5 arrangement is discussed with reference to FIG. 6. The data sequence enciphered at the transceiver 10a is applied to the decipherment circuit 16b. That is, the data sequence is comprised of "0100", "0011", "1011", "1110", "1000", "1110", "0010", "1100", . . . as shown.
When the first enciphered data "0100" is applied to the exclusive-OR gate 30' during a given time slot, the controller 26' issues a selector control signal and a latch control signal each of which assumes a logic level "1" (for example). The selector 22', in response to a logic level "1" of the selector control signal, selects the initial value which is identical to the initial value used in the encipherment (viz., "1101"). The latch 28 latches the initial value "1101" in response to the latch control signal assuming a logic level "1". Thus, the initial value "1101" is applied to the exclusive-OR gate 30' which in turn outputs the corresponding original data "1001". These operations are carried out during one time slot.
Subsequently, at the next time slot, the original data deciphered is applied to the memory 20' which has previously stored the same lookup table as shown in FIG. 3. Thus, the data "1101" is obtained from the memory 20'. During the same time slot, the second deciphered data "0011" is applied to the exclusive-OR gate 30'. The controller 26' issues the selector control signal assuming a logic level "0". The selector 22' responds thereto and selects the output of the memory 20' (viz., "1101") which is latched and applied to the exclusive-OR gate 30'. Accordingly, the second enciphered data "0011" is transformed into the corresponding original data "1110" at the exclusive-OR gate 30'. The above mentioned operations are implemented during one time slot. Following this, the decipherment circuit 16b continues to decipher the incoming deciphered data up to the completion of the decipherment of one data sequence.
With the above mentioned related art, each data of the sequence, except for the initial one, is enciphered or deciphered using the immediately preceding one. Therefore, even if the initial value is known an unauthorized person(s), breaking the cipher is extremely difficult as long as the content of the lookup table is kept secret.
However, even though decipherment of the transmitted data is efficient if implemented sequentially (viz., using the immediately preceding data), the above mentioned related art does not lead to the decipherment of computer object code while concurrently executing the object code because almost every computer program involves one or more branch (or jump) instructions. As a result, there has been no proposal thus far for deciphering computer object code during the execution thereof.