| 发明名称 | Method for authenticated encryption and decryption | ||
| 摘要 | In this invention, a new authenticated encryption and decryption technique has been proposed. In general, conventional encryption modes like (CTR, CBC, and CFB etc.) cannot provide integrity support and in order to ensure both the privacy and integrity, they require two passes and additional support like MAC, CRC etc. However, this new authenticated encryption technique can ensure both the privacy and integrity in single pass without any MAC or CRC support. Most importantly, this new technique can easy be incorporated with the existing encryption modes. As a consequence of the integration, the existing encryption modes can resolve several security issues related to integrity, without impairing their existing security properties. | ||
| 申请公布号 | US9225708(B2) | 申请公布日期 | 2015.12.29 |
| 申请号 | US201414323845 | 申请日期 | 2014.07.03 |
| 申请人 | NATIONAL CHENG KUNG UNIVERSITY | 发明人 | Hwang Tzonelih |
| 分类号 | H04L29/08;H04L29/06;G09C1/00;H04L9/06 | 主分类号 | H04L29/08 |
| 代理机构 | Muncy, Geissler, Olds & Lowe P.C. | 代理人 | Muncy, Geissler, Olds & Lowe P.C. |
| 主权项 | 1. A method for authenticated encryption and decryption, comprising: receiving a binary plain text at an encryption end; performing an encryption process according to the binary plain text data, the encryption process comprising following steps: providing n encryption paths, wherein n is a positive integer; providing a first input encryption parameter At to the t-th path of the n encryption paths correspondingly, wherein t is an integer, 1≦t≦n, 0≦r<t, r is an integer, and At+r is a function f(Mt) with an input parameter of a binary plain text Mt; performing a first encryption logic computation for the first input encryption parameter At of the t-th path correspondingly, to generate a first middle encryption value Bt; performing an encryption computation for the first middle encryption value Bt of the t-th path and an encryption kernel correspondingly so as to generate a second middle encryption value Ft; providing a second input encryption parameter Gt to the t-th path of the n encryption paths correspondingly, wherein 0≦s<t, s is an integer, and Gt+s is a function f(Mt) with an input parameter of the binary plain text Mn; performing a second encryption logic computation for the second middle encryption value Ft of the t-th path and the second input encryption parameter Gt, to generate a cipher text Ct; providing p encryption/authentication paths, wherein p is a positive integer; providing a first encryption/authentication parameter AVj to a j-th path of p encryption/authentication paths correspondingly, wherein 1≦j≦p; performing a first encryption/authentication logic computation for the first encryption/authentication parameter AVj of the j-th encryption/authentication path correspondingly, to generate a first middle encryption/authentication value BVj; performing an encryption computation for the first middle encryption/authentication value BVj of the j-th encryption/authentication path and the encryption kernel correspondingly, to generate a second middle encryption/authentication value FVj of the j-th encryption/authentication path; providing a second encryption/authentication data GVj to the j-th path; performing a second encryption/authentication logic computation for the second middle encryption/authentication value FVj of the j-th encryption/authentication path and the second encryption/authentication data GVj correspondingly, to generate a cipher text Cn+j; receiving the cipher text Cn+j at a decryption end and performing a decryption process, the decryption process comprising following steps: providing n decryption paths; providing a first input decryption parameter Jt to a t-th path of the n decryption paths correspondingly, wherein 1≦t≦n; performing a first decryption logic computation for the first input decryption parameter Jt of the t-th path correspondingly so as to generate a first middle decryption value Kt; performing a decryption computation for the first middle decryption value Kt of the t-th path and a decryption kernel correspondingly, to generate a second middle decryption value Lt; performing a second logic decryption computation for the second middle decryption value Lt of the t-th path and a second input decryption parameter Nt, to generate a decrypted binary plain text Mt′; providing p decryption/authentication paths, wherein p is a positive integer; providing a first decryption-authentication parameter JVj to a j-th decryption/authentication path of the p decryption/authentication paths correspondingly, wherein 1≦j≦p; performing a first logic decryption/authentication computation for the first decryption-authentication parameter JVj of the j-th decryption/authentication path correspondingly so as to generate a first middle decryption/authentication value KVj; performing a decryption computation for the first middle decryption value KVj of the j-th decryption/authentication path and the decryption kernel correspondingly so as to generate a second middle decryption/authentication value LVj of the j-th decryption/authentication path; and performing a second logic decryption/authentication computation for the second middle decryption/authentication value LVj of the j-th decryption/authentication path and second decryption/authentication data NVj so as to generate a decryption/authentication plain text MVj. | ||
| 地址 | Tainan TW | ||