EP4097912A1 - Method and device for encrypting data - Google Patents

Method and device for encrypting data

Info

Publication number
EP4097912A1
Authority
EP
European Patent Office
Prior art keywords
encryption
bit
bit set
arrays
array
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP21706636.4A
Other languages
English (en)
French (fr)
Inventor
Sam WIDLUND
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HOLMSTROEM, JOHN
RAMSTEDT, KENNETH
Original Assignee
Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • H04L9/0668 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator producing a non-linear pseudorandom sequence
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/606 Protecting data by securing the transmission between two devices or processes

Definitions

  • the invention relates to a method and device which is used to encrypt data with apparatus and/or a software included in a device in order to, for example, send and/or store it securely.
  • Encryption does not prevent the messages from being intercepted, only from being read.
  • the encryption system converts the plaintext of a message or data into ciphertext using an encryption algorithm. After this, the message or data can only be read if the ciphertext is decrypted. In principle, it is possible to decrypt the encryption without a key, but this would require significant amounts of computing power if the encryption system was executed well. An authorized recipient can easily decrypt a message with a key provided to them by the sender of the encrypted message.
  • In symmetric encryption, both the sender and recipient have the same information pertaining to a secret key.
  • the sender and recipient may use the secret key in different forms, but both parties can, if they so wish, derive the key used by the other party from their own key with an effectively computable algorithm.
  • the one-time pad mechanism has been shown to be a theoretically unbreakable encryption method.
  • the one-time pad encryption mechanism has so many issues in terms of practical use that it is rarely used.
  • the problem with other known technical encryption algorithms is that their reliability against cracking attempts cannot be proven mathematically, and the amount of work required to decipher them is unknown.
  • the intention is to produce a novel method and device for the organization of the encryption of data, using apparatus and/or software executed on a device for the storage of data or transmitting via a data link, for example.
  • This embodiment may utilize a mathematical model (system of equations) which has a known solution equation, and the amount of work required for the solution is known.
  • An encryption method is characterized by what is specified in the characterizing section of claim 1.
  • other embodiments are mentioned under claims 2-18.
  • a device according to one aspect is characterized by what is specified in the characterizing section of claim 19.
  • information or data is encrypted with apparatus using a software-based solution, a hardware-based solution, or a combination of the two.
  • the encrypted information is produced from the plaintext content to be encrypted one block of data with a predetermined length at a time using an encryption bit or bit set, such as an encryption byte, produced in a bit or bit set specific manner, for example byte specifically.
  • the block of data processed at a time in the embodiment (such as a plaintext byte, encryption byte, and encrypted byte) may consist of a certain number of bits or bytes.
  • randomly generated data bits or bit sets are included in encryption arrays, and the algorithm proceeds systematically in such a manner that a sufficiently long sequence during which the encryption does not repeat itself is produced.
  • the one-time encryption bit or bit set Y n used in the encryption algorithm is produced by calculating random numbers from the set such that the same sequence is repeated so infrequently that the length of the message to be encrypted is shorter than the sequence generated by the algorithm.
  • the bit or bit set Y n that is used to encrypt the plaintext bit or bit set D n is produced using an encryption key, which comprises at least two encryption arrays that include differing numbers of elements such that the highest common factor of the number of elements in any two encryption arrays is 1, and whose elements include randomly generated data, for example.
  • One of the arrays can however be any length whatsoever.
  • the elements in an encryption array are equal in length with each other, for example one byte in length.
  • the encryption bit or bit set Y n is produced in the solution according to the invention by selecting one predetermined element from each encryption array and by performing an XOR operation between all the selected elements.
  • the encrypted bit or bit set CB n such as a byte, is produced by performing an XOR operation between a bit or bit set to be encrypted D n and the produced encryption bit or bit set Y n , for example between a byte to be encrypted and a produced encryption byte.
  • the next bit or bit set can be encrypted by selecting the next plaintext bit or bit set and producing an encryption bit or bit set based on the next elements in the encryption arrays.
  • the lengths of the encryption arrays are prime numbers that are different from each other.
  • the algorithm does not consist of known equations that could be easily solved and thus make the encryption easy to decipher.
  • the contents and/or sizes and quantity of the key arrays can also be modified during the encryption process. These changes can also be made on the basis of the current values of the key arrays at the time. The changes can be made in any way whatsoever as long as the sender and recipient make identical changes.
  • the element in the encryption array of the encryption key consists of one or more randomly selected bits or one or more randomly selected bytes, where the lengths of the encryption bit or bit set, plaintext bit or bit set, and/or the encrypted bit or bit set are equal to the length of the element in the encryption array.
  • the embodiments can be utilized in digital data transmission networks to organize data encryption where the data transmission network includes at least two devices, the first of which is at least the sender and the second at least a recipient.
  • the sent data is encrypted with an encryption key and the encrypted data is sent to the other device.
  • the encrypted data received by the other device is decrypted using the same encryption key that was used to encrypt the data.
  • An advantage of the embodiment is that it allows for the efficient and secure implementation of encryption, where a solution compliant with the invention enables the secure storage of data or the secure transfer of data and messages through a nontrusted communication channel.
  • One embodiment can also be used to adjust the number and length of the encryption key arrays used as the encryption key for the algorithm as required, in which case the effective execution of the encryption can be adjusted against the computing power required to decipher the encryption.
  • Figure 1 demonstrates the solution according to one embodiment as a functional diagram
  • Figure 2 demonstrates the use of the solution according to one embodiment for the encryption of data during data transfer
  • Figure 3 presents an example of an encryption key according to one embodiment
  • Figure 4 presents an example of an encryption key according to another embodiment
  • Figure 5 presents an example of an encryption key according to one embodiment and of the determination of the encryption elements based on the contents of the encryption arrays
  • Figure 6 presents an example of changing the values of the encryption key elements during the encryption process according to one embodiment
  • Figures 7A and 7B present the values of simulated encrypted data for a solution according to one embodiment.

Detailed description

  • the idea of the method used in one embodiment is that it uses an encryption key that consists of several encryption arrays whose elements contain randomly generated data.
  • the number of encryption arrays is at least 2, in some embodiments at least 3 or 4, for example.
  • the number of encryption arrays can also be at least 5.
  • the sender and recipient have access to the same encryption keys, i.e. the same encryption arrays.
  • Encryption algorithms compliant with the embodiment utilize the features of encryption keys described above.
  • the embodiment allows for efficient and secure implementation of encryption. This makes it possible to store information securely or transmit information and messages securely through a nontrusted communication channel.
  • Figure 1 demonstrates the operation of one embodiment pertaining to the encryption of data as a diagram.
  • Information or data is encrypted with apparatus using a software-based solution, a hardware-based solution, or a combination of the two.
  • the encrypted information is produced one bit or other block of data with a predetermined length at a time from the plaintext content to be encrypted using the encryption bit Y n produced in a byte-specific, bit-specific or bit-set-specific manner.
  • a byte is used as an example of the length of a predetermined block of data processed at a time, but the length of the data processed in the below embodiments could instead be a certain number of bits or certain number of bytes, for example.
  • the plaintext bit or bit set, encryption bit or bit set, encrypted bit or bit set, and the elements of the encryption arrays are equal in length to each other, i.e. their length is a certain number of bits or bytes.
  • the byte Y n used to encrypt the plaintext byte D n is produced using an encryption key, which comprises at least two encryption arrays that include differing numbers of elements such that the highest common factor of the number of elements in any two arrays is 1 (however, one array may include an arbitrary number of elements), and whose elements include randomly generated data, for example.
  • the encryption byte Y n is produced by selecting one predetermined element from each encryption array and by performing an XOR operation between all the selected elements.
  • the encrypted byte CB n is produced by performing an XOR operation between the plaintext byte D n to be encrypted and the produced encryption byte Y n .
  • the contents and/or sizes and quantity of the key arrays can also be modified during the encryption process. These changes can also be made on the basis of the current values of the key arrays at the time.
  • the next byte can be encrypted by selecting the next plaintext byte and producing the next encryption byte based on the encryption array elements determined next.
  • the encryption byte Y n can be produced as follows, for example:
  • A[m mod |A|] is the element intended for the byte of the first encryption array in the order of m
  • B[m mod |B|] is the element intended for the byte of the second encryption array in the order of m
  • N[m mod |N|] is the element intended for the byte of the Nth encryption array in the order of m.
  • m is zero.
  • the value of m is increased by one, and the xor result for arrays A-N is calculated using the new index m, similarly to Y n above.
  • the value of m is increased with the result plus one, and this value is used to calculate the final value of Y n .
  • the value of index m can be different in one or more encryption arrays at the beginning.
  • the index of encryption array A can be m A, the index of encryption array B m B, the index of encryption array C m C, and the index of encryption array N m N.
  • Indices m A, m B, m C and/or m N can also be specified to be equal.
  • the index of each array may increase equally in accordance with the contents of the arrays and/or according to a specific rule.
  • the lengths of the encryption arrays can be prime numbers that are different from each other.
  • the element in the encryption array of the encryption key consists of one or more randomly selected bits or one or more randomly selected bytes, where the lengths of the encryption byte, plaintext byte, and/or the encrypted byte are equal to the length of the element in the encryption array.
  • the method determines an initial point, i.e. an individual initial element for each encryption array, from which the encryption process starts.
  • the initial point can be standard, for example index 0 in each encryption array.
  • the initial point may also be key-specific, for example each encryption array may have its own randomly selected point that is known to both the sender and the recipient.
  • some other operation that combines two bytes such that the order of the bytes is irrelevant and the result of the operation between two random bytes is also random, for example 'not XOR', can also be used instead of an XOR operation.
  • encrypted information is sent from a transmitting device through a data network or data link to a receiving device.
  • the receiving device will decrypt the received encrypted information one byte at a time using an encryption key.
  • the receiving device can decipher the received information one byte at a time as follows, for example:
  • Y n is a byte generated from the encryption key of the algorithm whose order is n
  • the encrypted information is stored onto a data storage medium of a device, such as a mass-memory unit.
  • the encryption of the information can be deciphered in the manner described above.
  • One aspect of the invention also pertains to a device used for encrypting information.
  • the device is arranged for the storage and management of an encryption key, the execution of data encryption, and the deciphering of the encryption using an encryption key.
  • the device is adapted to produce encrypted information one byte at a time from plaintext data to be encrypted using a byte-specifically produced encryption byte Y n , where the byte consists of a certain number of bits or bytes.
  • the arrangement is adapted to produce the byte Y n that is used to encrypt the plaintext byte D n using an encryption key, which comprises at least two encryption arrays that include differing numbers of elements such that the highest common factor of the number of elements in any two arrays is 1, and whose elements include randomly generated data, for example.
  • the length of a single encryption array can however be chosen arbitrarily.
  • the length of a single encryption array can be specified to be such that the highest common factor of the number of elements in the encryption array in question and in any other encryption array is higher than 1.
  • the device is adapted to produce the encryption byte Y n by selecting one predetermined element from each encryption array based on the sequence number of the byte to be encrypted n and by performing an XOR operation between all the selected elements.
  • the arrangement is adapted to produce the encrypted byte CB n by performing XOR operations between the plaintext byte D n to be encrypted and the produced encryption byte Y n .
  • the encryption method can be used for the encryption of data communications or the storage of information.
  • Such arrangement could, for example, comprise devices that transfer information to each other, such as devices and/or a server that communicate with each other in a data transmission network.
  • Figure 2 presents an example of one embodiment of the apparatus as a diagram.
  • a device and method in accordance with the invention can be used to arrange data encryption for a digital data transmission network in accordance with a symmetric encryption model.
  • the data transmission network can be a wired or wireless network, such as an IP network, Internet, Intranet, LAN, WLAN, CDMA, TDMA, FDMA, or Bluetooth.
  • the data transmission network includes at least two devices that communicate with each other 201, 202, one of which at least functions as the sender and the other at least as the recipient. Communication between the devices is carried out in the form of data, such as the transmission of messages, files, and/or emails, or, for example, video and/or audio files and/or video and/or audio streams.
  • devices 201, 202 are equipped for the storage and management of the encryption key 203, 204, the execution of the data encryption and/or the deciphering of the encryption with the chosen algorithm and encryption key.
  • the devices can be equipped for the tasks specified above with, for example, software or a similar set of commands executed within the processor environment, that is used to manage encryption keys, distribute encryption keys, and/or the encryption and/or decryption of data.
  • the device can also be equipped for reading, storing, receiving, and/or sending information.
  • the device can consist of any device that stores and/or sends and receives information, such as a computer, smart phone, portable device, server, or a similar device that is equipped with the resources for managing and distributing encryption keys and/or the encryption and/or decryption of data using a solution in accordance with the invention.
  • a database can, for example, be arranged for the encryption keys in the memory of the device with commands executed in the processor environment of the device.
  • the device contains, for example, information intended to be stored and/or sent, which may consist of a message, file, video and/or audio file, and/or video and/or audio stream.
  • the device selects a predetermined initial point in the encryption key stored in its memory and begins to encrypt the message using the encryption key according to a method in accordance with the invention. If the encryption key is stored on the device in an encrypted format, its encryption is deciphered.
  • the encryption of information to be sent can be performed with an encryption algorithm in accordance with the solution of the invention that is executed by the processor equipment of the device. After the encryption, the encrypted information may be stored and/or sent to a recipient through a data network.
  • the recipient device receives the message and selects the predetermined initial point in the encryption key stored in its memory and begins to decipher the information of the encrypted message using an encryption key.
  • each encryption key is only used once, which means that if the device that received the information in the above example wishes to respond to the device that sent the encrypted message, both devices will use a new encryption key when the recipient of the first message sends information to the sender of the first message.
  • Figure 3 presents an example of the encryption key 300, which was produced using three encryption arrays.
  • the arrays differ from each other in length and here the length of each table is a prime number, such as 7, 5, and 3 as used in the example in figure 3.
  • the encryption key 300 used in the example in figure 3 comprises encryption arrays A, B, and C.
  • Encryption array A contains seven elements a1...a7
  • encryption array B contains five elements b1...b5
  • encryption array C contains three elements c1...c3.
  • the encryption key is stored onto the device that is used to encrypt information and/or decipher the encryption of information.
  • Each element in the array contains a randomly generated byte. In one embodiment, each element may also contain a predetermined number of randomly generated bits or bytes.
  • Figure 4 presents another example of encryption key 400, which is comprised of a single array where the location of each encryption array A, B, and C in the array is known. This embodiment otherwise corresponds to the example in figure 3, but it may be more efficient in terms of implementation on some devices, because it only requires a single array. In the arrangement, the range of elements in the array where certain encryption arrays (i.e. certain elements in the encryption arrays) are located is predetermined. In the example in figure 4, the elements for encryption array A are located in elements 1-7 of the encryption key array, elements for encryption array B are located in elements 8-12 of the encryption key array, and elements for encryption array C are located in elements 13-15 of the encryption key array.
  • FIG. 5 presents an example of the operation of encryption key 500.
  • the encryption key is composed of three encryption arrays A, B, and C, which are different in length.
  • the lengths of the arrays are prime numbers, and in this example the lengths are 7, 5, and 11.
  • the number and lengths of the arrays are just examples, and they can be larger or smaller than presented in the example. It has been possible to specify a dedicated initial point for each encryption array A, B, and C, which in this example is an encryption-array-specific index (m Ai, m Bi, m Ci) where the encryption process is started.
  • An encryption byte is produced by selecting one element from each encryption array according to a predetermined index, and by performing an XOR operation between all the selected elements.
  • the predetermined index can be the initial point (encryption array A index/element 1, encryption array B index/element 2, encryption array C index/element 7), in which case the XOR operation in the example according to figure 5 is A[a1] ⊕ B[b2] ⊕ C[c7].
  • the production of the encryption byte can be initiated with a certain rule, for example by selecting elements from points (initial point + 1). As the next encryption byte is produced, we proceed in each encryption array on the basis of the contents of the encryption array according to the new index.
  • the new index is determined by increasing the index of previously selected elements (a1, b2, c1) based on the number determined using the contents of the previous encryption array elements (a1, b2, c1).
  • the result of the XOR operation presented above could be 3, for example, in which case the current index of each encryption array would be increased by 3.
  • m 1 is the current index of the encryption array
  • m 2 is the new index, which is used as the basis for producing the next encryption byte.
  • the equal advance in each encryption array based on the contents of the elements is presented using highlighted elements and arrows in figure 5.
  • Figure 6 represents encryption key 500 in accordance with figure 5, where the values of encryption array A, B, and C have been changed on the basis of the contents of the encryption arrays.
  • the process has reached location a4, b5, and c10 in the elements/indices in accordance with the example presented in figure 5.
  • the value of K could be 1, in which case the value of element a7 in encryption array A would be changed to a7 ⊕ L based on the contents of the encryption arrays, the value of element b3 in encryption array B to b3 ⊕ L, and the value of element c2 in encryption array C to c2 ⊕ L.
  • the encryption process can proceed to the determination of the next encryption byte.
  • the next encryption byte has been determined, we can once again change the values of the elements on the basis of the contents of the encryption array in the manner described above, for example.
  • the values of the elements can also be changed using another method ahead of the encryption, for example according to the contents of the encryption arrays and a specific rule.
  • a predetermined or random number can be added to or subtracted from the index.
  • another operation that combines two bytes such that the order of the bytes is irrelevant and the result of the operation between two random bytes is also random for example 'not XOR', can also be used instead of an XOR operation.
  • the number and/or length of the encryption arrays can also be changed.
  • Figures 7A and 7B present the values of simulated encrypted data for a solution according to one embodiment.
  • the encrypted data only contains zeroes.
  • 10 mb of data has been encrypted, and the figure presents the values of the encrypted data.
  • Figure 5B shows 10 mb of data encrypted again using a partially different key, and the second encryption cycle is compared in figure 7B with previously encrypted data (which is also presented in figure 7A).
  • the simulations allow us to see that the data encrypted using a solution in accordance with the invention is different after each cycle and the encrypted data shows no visually apparent correlation between the different encryption cycles.
  • the encryption key comprises six encryption arrays (A, B, C, D, E, and F).
  • the lengths of the encryption arrays are arranged to be of different sizes such that the highest common factor of the lengths of any two tables is 1. This can, for example, be realized by ensuring that the length of each encryption array is a different prime number.
  • the lengths of the encryption arrays can range from a few hundred bytes up to kilobytes, for example.
  • the encryption method includes a predetermined initial point, which means that each encryption array of the encryption key has a dedicated index where the encryption process begins.
  • the initial point can be standard, for example index 0 in each encryption array, or it can be key-specific, for example a randomly selected point for each encryption array that is known to both the sender and the recipient.
  • the initial point (for example, encryption array A, index/element 1, B index/element 22, C index/element 213, etc.) is used to calculate the value of a single byte in a predetermined manner, which is dependent on each element value according to the indices of the initial points of encryption arrays A-F.
  • an XOR operation is performed between the elements of selected encryption arrays, for example A[a1] ⊕ B[b1] ⊕ C[c1] ⊕ D[d1] ⊕ E[e1] ⊕ F[f1], where a1, b1, c1, d1, e1, and f1 are the values of the initial points of the encryption arrays in question.
  • a predetermined operation is performed between the result of the XOR operation performed between the specified encryption array elements and the encrypted data byte.
  • the determined result is an encrypted byte that can be sent through a nontrusted communication channel or stored in an encrypted form.
  • the index of each encryption array can be increased by 1, for example, and if the index exceeds the upper bound of the encryption array, we can continue from the beginning of said encryption array.
  • the index can also be increased on the basis of the contents of the encryption arrays. Because the encryption arrays are different in length and the lengths have no common factors, we can thus move forward by a number equal to the product of the lengths of the encryption arrays during the encryption of the next byte without using the same combination of indices in the arrays of the encryption arrays.
  • the method described above produces a sequence whose length is the product of the lengths of the arrays.
  • the length of the sequence is at least the product of the lengths of the arrays divided by 256.
  • a new encryption byte can be used to encrypt each byte to be encrypted.
  • the algorithm in accordance with the invention can be used to encrypt a message whose maximum length is the length of the sequence.
  • CB is the encrypted byte
  • Y is a byte generated by the algorithm
  • D is a plaintext data byte that is to be encrypted.
  • the examples use an XOR operation (bitwise exclusive or), but it is also possible to use a similar operation instead of XOR, one that can be applied in reverse to decipher the encryption and that retains the even distribution of random numbers.
  • the algorithm works by encrypting data one byte or predetermined byte set at a time.
  • the encrypted byte whose order is n can thus be produced as follows:
  • Y_n is a one-time random key
  • the encryption is a one-time pad mechanism, which has been proven to be impossible to crack.
  • Y_n is produced by calculating random numbers from the set such that the same sequence is repeated so infrequently that the length of the message to be encrypted is shorter than the sequence generated by the algorithm.
  • the decryption of an encrypted message can, for example, be performed as follows when the encryption byte Y_n is generated using an encryption key in the same manner as at the sending/encrypting end:
  • the algorithm for Y can be produced in the following manner, where
  • refers to the length of array x and the values in the encryption array element consist of random bytes, such as values 0-255 or signed numbers -127...128, and where index n refers to the number of the byte being encrypted: Y_n = fy(n, A, B, C, D, E, F)
  • function fy is dependent on the number n and all encryption arrays.
  • the value of the function must use different combinations of the values in the arrays such that a large number of independent results are produced.
  • the function can take the following form, for example:
  • Y_n = fy(m, A, B, C, D, E, F)
  • the order of the XOR operations is not significant.
  • the mod operation used in the above examples is the remainder, and the indices of the encryption arrays start from zero.
  • the next key to be used can be agreed upon at the start of the session. In one embodiment, it can also be agreed that only a part of the key is changed each time.
  • the sequence of the algorithm, i.e. the length after which it produces repeating values for the encryption byte Y_n, is dependent on the number of arrays used and their lengths, as well as the manner in which the m index is increased. If someone wishes to crack the algorithm by trying different options as the array values, the required number of tries depends on the total length of the encryption arrays (how many randomly generated numbers the encryption key contains).
  • the encryption method can also be used with quite limited arrays, in which case it is already hard to crack by trying different values, but the sequence is short. A longer sequence can be arranged in other ways, for example by performing an XOR operation between an encryption byte generated using an algorithm in accordance with the invention and a byte produced by a pseudo random number generator (that produces a long sequence).
  • One embodiment can also be used with public-key cryptosystems, which are based on two parties agreeing upon a secret key in advance using a public-key method, with the agreed upon secret key then being used to encrypt the actual traffic. If a solution in accordance with the invention is to be used in a public-key cryptosystem, an algorithm in accordance with the invention can be used to encrypt the actual traffic. A public-key method is used to agree upon the encryption keys to be used in accordance with the solution of the invention. The actual traffic will then be surely encrypted. Both the agreeing upon a key and the encryption of the actual traffic are weaknesses of current systems, and the solution of the invention allows for one of these weaknesses to be remedied.
  • a symmetric encryption method can freely be used in intranet-type situations without a public key, provided that all users are known in advance and use devices that are under the operator's control, such as in VPN networks. It is clear to a professional that the different embodiments of the invention are also not limited exclusively to the examples presented above and can thus vary within the framework of the claims presented below. Characteristic features possibly presented with other characteristic features in the description can also be used as separate from each other where necessary.
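
The byte-wise scheme described above (one element from each encryption array XORed into a key byte Y_n, every index advanced by 1 with wrap-around, CB_n = D_n XOR Y_n) can be sketched as follows. This is an added illustration, not code from the patent; the function names, the three-array key, the initial points and the tiny array lengths are assumptions chosen so the period can be counted directly.

```python
import secrets
from math import prod

def make_key(lengths):
    """One random byte array per length (hypothetical helper, not from the patent)."""
    return [secrets.token_bytes(n) for n in lengths]

def keystream(arrays, starts, count):
    """Yield key bytes Y_n: XOR of one element per array, then each index +1 with wrap."""
    idx = [s % len(a) for a, s in zip(arrays, starts)]
    for _ in range(count):
        y = 0
        for k, a in enumerate(arrays):
            y ^= a[idx[k]]
            idx[k] = (idx[k] + 1) % len(a)  # continue from the beginning of the array
        yield y

def crypt(data, arrays, starts):
    """CB_n = D_n XOR Y_n. The same call decrypts, since XOR is its own inverse."""
    return bytes(d ^ y for d, y in zip(data, keystream(arrays, starts, len(data))))

def index_period(lengths):
    """Number of steps until all indices return to their initial points together."""
    idx, steps = [0] * len(lengths), 0
    while True:
        idx = [(i + 1) % n for i, n in zip(idx, lengths)]
        steps += 1
        if not any(idx):
            return steps

if __name__ == "__main__":
    lengths = (7, 11, 13)                   # constructed: tiny and pairwise coprime
    key, starts = make_key(lengths), (1, 5, 9)
    msg = b"constructed sample plaintext"
    ct = crypt(msg, key, starts)
    print(crypt(ct, key, starts) == msg)    # round trip with the same key and initial points
    period = index_period(lengths)
    print(period, prod(lengths))            # period equals the product of the lengths
    ks = list(keystream(key, starts, 2 * period))
    print(ks[:period] == ks[period:])       # key bytes repeat after one period
    print(index_period((6, 8, 12)), prod((6, 8, 12)))  # shared factors shorten the period
```

Because Y_n is a deterministic function of the key and the initial points, a message longer than the period, or a second message sent with the same key and initial points, is encrypted with key bytes that have already been used.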

EP21706636.4A 2020-01-31 2021-01-27 Method and device for encrypting data Pending EP4097912A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20205097A FI128939B (fi) 2020-01-31 2020-01-31 Method and device for encrypting data
PCT/FI2021/050052 WO2021152212A1 (en) 2020-01-31 2021-01-27 Method and device for encrypting data

Publications (1)

Publication Number Publication Date
EP4097912A1 true EP4097912A1 (de) 2022-12-07

Family

ID=74668880

Family Applications (1)

Application Number Title Priority Date Filing Date
EP21706636.4A Pending EP4097912A1 (de) 2020-01-31 2021-01-27 Method and device for encrypting data

Country Status (3)

Country Link
EP (1) EP4097912A1 (de)
FI (1) FI128939B (de)
WO (1) WO2021152212A1 (de)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
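CN113810471B (zh) * 2021-08-18 2024-05-14 深圳市元征科技股份有限公司 Data transmission method, sending device and receiving device
CN114239040A (zh) * 2022-01-12 2022-03-25 佛山众陶联供应链服务有限公司 Menu permission control method and system based on prime number multiplication
CN115941304B (zh) * 2022-11-29 2025-10-03 深圳云里物里科技股份有限公司 Data encryption method, apparatus, terminal device and computer-readable storage medium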

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10348704B2 (en) * 2015-07-30 2019-07-09 Helder Silvestre Paiva Figueira Method for a dynamic perpetual encryption cryptosystem

Also Published As

Publication number Publication date
FI20205097A1 (fi) 2021-03-31
WO2021152212A1 (en) 2021-08-05
FI128939B (fi) 2021-03-31


Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20220826

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: HOLMSTROEM, JOHN

Owner name: RAMSTEDT, KENNETH

RIN1 Information on inventor provided before grant (corrected)

Inventor name: WIDLUND, SAM